Home Explore Help
Sign In
CocoRoboLabs
/
CocoRoboDesktop
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: dd6dff3837
Branches Tags
CocoRoboDesk...
/
pdf1.js
/
node_modules
/
npm
/
man
/
man7
/
disputes.7

disputes.7 6.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149 
  1. .TH "DISPUTES" "7" "August 2021" "" ""
    2. 

  2. .SH "NAME"
    3. 

  3. \fBdisputes\fR \- Handling Module Name Disputes
    4. 

  4. .P
    5. 

  5. This document describes the steps that you should take to resolve module name
    6. 

  6. disputes with other npm publishers\. It also describes special steps you should
    7. 

  7. take about names you think infringe your trademarks\.
    8. 

  8. .P
    9. 

  9. This document is a clarification of the acceptable behavior outlined in the
    10. 

  10. npm Code of Conduct \fIhttps://www\.npmjs\.com/policies/conduct\fR, and nothing in
    11. 

  11. this document should be interpreted to contradict any aspect of the npm Code of
    12. 

  12. Conduct\.
    13. 

  13. .SS TL;DR
    14. 

  14. .RS 0
    15. 

  15. .IP 1. 3
    16. 

  16. Get the author email with \fBnpm owner ls <pkgname>\fP
    17. 

  17. .IP 2. 3
    18. 

  18. Email the author, CC support@npmjs\.com
    19. 

  19. .IP 3. 3
    20. 

  20. After a few weeks, if there's no resolution, we'll sort it out\.
    21. 

  21. 

  22. .RE
    23. 

  23. .P
    24. 

  24. Don't squat on package names\.  Publish code or move out of the way\.
    25. 

  25. .SS Description
    26. 

  26. .P
    27. 

  27. There sometimes arise cases where a user publishes a module, and then later,
    28. 

  28. some other user wants to use that name\. Here are some common ways that happens
    29. 

  29. (each of these is based on actual events\.)
    30. 

  30. .RS 0
    31. 

  31. .IP 1. 3
    32. 

  32. Alice writes a JavaScript module \fBfoo\fP, which is not node\-specific\. Alice
    33. 

  33. doesn't use node at all\. Yusuf wants to use \fBfoo\fP in node, so he wraps it in
    34. 

  34. an npm module\. Some time later, Alice starts using node, and wants to take
    35. 

  35. over management of her program\.
    36. 

  36. .IP 2. 3
    37. 

  37. Yusuf writes an npm module \fBfoo\fP, and publishes it\. Perhaps much later, Alice
    38. 

  38. finds a bug in \fBfoo\fP, and fixes it\. She sends a pull request to Yusuf, but
    39. 

  39. Yusuf doesn't have the time to deal with it, because he has a new job and a
    40. 

  40. new baby and is focused on his new Erlang project, and kind of not involved
    41. 

  41. with node any more\. Alice would like to publish a new \fBfoo\fP, but can't,
    42. 

  42. because the name is taken\.
    43. 

  43. .IP 3. 3
    44. 

  44. Yusuf writes a 10\-line flow\-control library, and calls it \fBfoo\fP, and
    45. 

  45. publishes it to the npm registry\. Being a simple little thing, it never
    46. 

  46. really has to be updated\. Alice works for Foo Inc, the makers of the
    47. 

  47. critically acclaimed and widely\-marketed \fBfoo\fP JavaScript toolkit framework\.
    48. 

  48. They publish it to npm as \fBfoojs\fP, but people are routinely confused when
    49. 

  49. \fBnpm install foo\fP is some different thing\.
    50. 

  50. .IP 4. 3
    51. 

  51. Yusuf writes a parser for the widely\-known \fBfoo\fP file format, because he
    52. 

  52. needs it for work\. Then, he gets a new job, and never updates the prototype\.
    53. 

  53. Later on, Alice writes a much more complete \fBfoo\fP parser, but can't publish,
    54. 

  54. because Yusuf's \fBfoo\fP is in the way\.
    55. 

  55. .IP 5. 3
    56. 

  56. \fBnpm owner ls foo\fP\|\. This will tell Alice the email address of the owner
    57. 

  57. (Yusuf)\.
    58. 

  58. .IP 6. 3
    59. 

  59. Alice emails Yusuf, explaining the situation \fBas respectfully as possible\fR,
    60. 

  60. and what she would like to do with the module name\. She adds the npm support
    61. 

  61. staff support@npmjs\.com to the CC list of the email\. Mention in the email
    62. 

  62. that Yusuf can run npm owner \fBadd alice foo\fP to add Alice as an owner of the
    63. 

  63. foo package\.
    64. 

  64. .IP 7. 3
    65. 

  65. After a reasonable amount of time, if Yusuf has not responded, or if Yusuf
    66. 

  66. and Alice can't come to any sort of resolution, email support
    67. 

  67. support@npmjs\.com and we'll sort it out\. ("Reasonable" is usually at least
    68. 

  68. 4 weeks\.)
    69. 

  69. 

  70. .RE
    71. 

  71. .SS Reasoning
    72. 

  72. .P
    73. 

  73. In almost every case so far, the parties involved have been able to reach an
    74. 

  74. amicable resolution without any major intervention\. Most people really do want
    75. 

  75. to be reasonable, and are probably not even aware that they're in your way\.
    76. 

  76. .P
    77. 

  77. Module ecosystems are most vibrant and powerful when they are as self\-directed
    78. 

  78. as possible\. If an admin one day deletes something you had worked on, then that
    79. 

  79. is going to make most people quite upset, regardless of the justification\. When
    80. 

  80. humans solve their problems by talking to other humans with respect, everyone
    81. 

  81. has the chance to end up feeling good about the interaction\.
    82. 

  82. .SS Exceptions
    83. 

  83. .P
    84. 

  84. Some things are not allowed, and will be removed without discussion if they are
    85. 

  85. brought to the attention of the npm registry admins, including but not limited
    86. 

  86. to:
    87. 

  87. .RS 0
    88. 

  88. .IP 1. 3
    89. 

  89. Malware (that is, a package designed to exploit or harm the machine on which
    90. 

  90. it is installed)\.
    91. 

  91. .IP 2. 3
    92. 

  92. Violations of copyright or licenses (for example, cloning an MIT\-licensed
    93. 

  93. program, and then removing or changing the copyright and license statement)\.
    94. 

  94. .IP 3. 3
    95. 

  95. Illegal content\.
    96. 

  96. .IP 4. 3
    97. 

  97. "Squatting" on a package name that you plan to use, but aren't actually
    98. 

  98. using\. Sorry, I don't care how great the name is, or how perfect a fit it is
    99. 

  99. for the thing that someday might happen\. If someone wants to use it today,
    100. 

  100. and you're just taking up space with an empty tarball, you're going to be
    101. 

  101. evicted\.
    102. 

  102. .IP 5. 3
    103. 

  103. Putting empty packages in the registry\. Packages must have SOME
    104. 

  104. functionality\. It can be silly, but it can't be nothing\. (See also:
    105. 

  105. squatting\.)
    106. 

  106. .IP 6. 3
    107. 

  107. Doing weird things with the registry, like using it as your own personal
    108. 

  108. application database or otherwise putting non\-packagey things into it\.
    109. 

  109. .IP 7. 3
    110. 

  110. Other things forbidden by the npm
    111. 

  111. Code of Conduct \fIhttps://www\.npmjs\.com/policies/conduct\fR such as hateful
    112. 

  112. language, pornographic content, or harassment\.
    113. 

  113. 

  114. .RE
    115. 

  115. .P
    116. 

  116. If you see bad behavior like this, please report it to abuse@npmjs\.com right
    117. 

  117. away\. \fBYou are never expected to resolve abusive behavior on your own\. We are
    118. 

  118. here to help\.\fR
    119. 

  119. .SS Trademarks
    120. 

  120. .P
    121. 

  121. If you think another npm publisher is infringing your trademark, such as by
    122. 

  122. using a confusingly similar package name, email abuse@npmjs\.com with a link to
    123. 

  123. the package or user account on https://www\.npmjs\.com/ \fIhttps://www\.npmjs\.com/\fR\|\.
    124. 

  124. Attach a copy of your trademark registration certificate\.
    125. 

  125. .P
    126. 

  126. If we see that the package's publisher is intentionally misleading others by
    127. 

  127. misusing your registered mark without permission, we will transfer the package
    128. 

  128. name to you\. Otherwise, we will contact the package publisher and ask them to
    129. 

  129. clear up any confusion with changes to their package's \fBREADME\fP file or
    130. 

  130. metadata\.
    131. 

  131. .SS Changes
    132. 

  132. .P
    133. 

  133. This is a living document and may be updated from time to time\. Please refer to
    134. 

  134. the git history for this document \fIhttps://github\.com/npm/cli/commits/latest/doc/misc/npm\-disputes\.md\fR
    135. 

  135. to view the changes\.
    136. 

  136. .SS License
    137. 

  137. .P
    138. 

  138. Copyright (C) npm, Inc\., All rights reserved
    139. 

  139. .P
    140. 

  140. This document may be reused under a Creative Commons Attribution\-ShareAlike
    141. 

  141. License\.
    142. 

  142. .SS See also
    143. 

  143. .RS 0
    144. 

  144. .IP \(bu 2
    145. 

  145. npm help registry
    146. 

  146. .IP \(bu 2
    147. 

  147. npm help owner
    148. 

  148. 

  149. .RE
    150.