|1.||Get the author email with npm owner ls <pkgname>|
|2.||Email the author, CC firstname.lastname@example.org|
After a few weeks, if theres no resolution, well sort it out.
Dont squat on package names. Publish code or move out of the way.
There sometimes arise cases where a user publishes a module, and then later, some other user wants to use that name. Here are some common ways that happens (each of these is based on actual events.)
The validity of Joes claim in each situation can be debated. However, Joes appropriate course of action in each case is the same.
1. npm owner ls foo. This will tell Joe the email address of the owner (Bob). 2. Joe emails Bob, explaining the situation as respectfully as possible, and what he would like to do with the module name. He adds the npm support staff email@example.com to the CC list of the email. Mention in the email that Bob can run npm owner add joe foo to add Joe as an owner of the foo package. 3. After a reasonable amount of time, if Bob has not responded, or if Bob and Joe cant come to any sort of resolution, email support firstname.lastname@example.org and well sort it out. ("Reasonable" is usually at least 4 weeks, but extra time is allowed around common holidays.)
In almost every case so far, the parties involved have been able to reach an amicable resolution without any major intervention. Most people really do want to be reasonable, and are probably not even aware that theyre in your way.
Module ecosystems are most vibrant and powerful when they are as self-directed as possible. If an admin one day deletes something you had worked on, then that is going to make most people quite upset, regardless of the justification. When humans solve their problems by talking to other humans with respect, everyone has the chance to end up feeling good about the interaction.
Some things are not allowed, and will be removed without discussion if they are brought to the attention of the npm registry admins, including but not limited to:
1. Malware (that is, a package designed to exploit or harm the machine on which it is installed). 2. Violations of copyright or licenses (for example, cloning an MIT-licensed program, and then removing or changing the copyright and license statement). 3. Illegal content. 4. "Squatting" on a package name that you plan to use, but arent actually using. Sorry, I dont care how great the name is, or how perfect a fit it is for the thing that someday might happen. If someone wants to use it today, and youre just taking up space with an empty tarball, youre going to be evicted. 5. Putting empty packages in the registry. Packages must have SOME functionality. It can be silly, but it cant be nothing. (See also: squatting.) 6. Doing weird things with the registry, like using it as your own personal application database or otherwise putting non-packagey things into it.
If you see bad behavior like this, please report it right away.
o npm help 7 registry o npm help owner
|NPM-DISPUTES (7)||October 2015|