Any developer knows that you must have a source code repository (e.g. Git) but from time to time I get the question “why do I need a binary repository”?
Here is the short answer:
Faster and more secure software development – Any company is a software company these days and the best companies release updates on daily/hourly bases. The ability to push updates quickly is a real competitive advantage. The minute you have few engineers on your team you wish to avoid ‘fetching the all internet’ with every ‘npm install’.
A binary repo will give you the option to cache these libraries and make sure you are working with the correct ones (vs a hacked one). From the developer perspective, it is a big boost for their productivity as it saves time during development and on each build. Even better, from the DevOps perspective, the ability to control all the packages/libraries (and scan them for vulnerabilities) is a huge advantage. It enables the internal engineering team to control the releases better as they have full transparency (e.g. quality, performance, security, licenses, etc’) on everything the ‘compose’ the release version. Check the 12-factor app manifesto for more on dependencies (declaration and isolation).