Creating a Blockchain distributed package manager for front-end enterprise CI/CD pipelines
Introduction:
NPM (Node Package Manager, https://www.npmjs.com/) was a massive step forward in modern software development, a centralised open-source repository enabling code to be shared globally. NPM gave us dependency management for the modern development workflow, allowing modules to be reliably integrated into projects throughout the world. But it isn’t perfect.
NPM has been blamed for everything from security vulnerabilities (https://medium.com/hackernoon/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5) to general usability, bugs and control issues (https://www.reddit.com/r/javascript/comments/8xgokp/known_problems_with_npm/).
In general though, it was a massive step forward in modern software development; so important, in fact, that Facebook decided to make their own version, Yarn, which, while technically superior (subjectively), shares many of the same problems, primarily that it is ‘owned’ by Facebook. Although it has superior (again subjectively) caching and building mechanisms, it still hasn’t solved what to me is the biggest inefficiency in modern CI/CD flows.
What is a modern CI/CD flow?
Clearly this is a highly subjective issue, as every CI/CD flow is different between enterprises. However, they all share common steps, and in my experience, they also share common problems. Let us imagine a ‘typical’ CI/CD flow…