NodeSummit in San Francisco kicked off today, with talks covering both the technical aspects of the platform to those dealing only with human beings. Among the topics discussed were the Node Foundation and its implications, the popularity of the React platform, and the need for enterprise controls around NPM.

Dan Shaw, CTO of NodeSource, said that the Node.js community has evolved into an ecosystem of its own, and that the future of the platform in enterprises hinges on this view of the community as an ecosystem. His company launched an enterprise-focused management and control platform for Node.js applications yesterday.

“I have to facilitate enterprise usage of Node. I have begun using the concept of Node.js as an ecosystem along with the community,” said Shaw. “The Node ecosystem allows us to have conversations around commercial things and business things. It’s still part of Node.”

(Related: Node.js 6.0 is out)

Shaw went on to mention the creation of sub-communities within Node around enterprise usage. These communities have surfaced some of the concerns businesses have around the Node.js ecosystem as a whole.

NodeSummit itself surfaced concerns around a single point within the Node.js community: NPM. The Node Package Manager has become essential to the evolution of Node.js as a community and as a viable ecosystem. Yet this singular repository of JavaScript bits and pieces is a point of concern for enterprise JavaScript developers.

Among them was Adam Eivy, developer solutions architect at the Walt Disney Company. He explained that, while Node is a powerful tool for developers, it’s also relatively devoid of the enterprise controls so beloved in other major enterprise languages.

Java, for example, has long offered controls for Maven repositories, allowing development leads to “bless” packages, libraries and open-source software for use within the enterprise. At present, NPM does not offer the types of controls enterprises want in this area, though it is clearly working to rectify this problem.

To make matters worse, Node.js projects tend to be highly reliant on NPM these days, as evidenced by the havoc created when open-source developer Azer Koçulu removed his projects from NPM, breaking many widely used projects that relied on his tiny project.

Koçulu did this because NPM took away control of one of his projects. That project, known as Kik, was targeted by a startup of the same name, and when he refused to remove it from NPM, the lawyers went to NPM directly.

It is the controversy around the repository in the Node community that was behind a lot of the talks at NodeSummit. It is also, perhaps, why the Node Foundation’s education community manager was on hand to discuss the difficulty of balancing business needs with community needs.

Tracy Hinds, the aforementioned community manager, said, “I think a [lot] of people tend to think that way: There’s the community side and the enterprise side of Node. But they’re not these two separate entities. It’s interesting to consider how much these overlap.”

Rachel White, from the IBM Watson team, pointed out that Node’s fast-moving and highly active community is one of its biggest benefits. She said she was attracted to the platform by the fact that she could find quick answers to problems on Stack Overflow and Twitter.

Looking over the crowd at San Francisco conference center, it’s not hard to see that vibrancy on display: The event was shoulder-to-shoulder, and speakers were at times tough to hear over the tumult of the expo booths crammed into the same room as the talks.

But then, the Node.js community certainly has a lot to talk about.