Username Policy

tl;dr

npm follows GitHub’s Username Policy. This means that usernames, organization names, and package names are available on a first-come, first-served basis, and are intended for immediate and active use.

Trademarks

npm processes Trademark claims under GitHub's Trademark Policy.

If you think another npm publisher is infringing your trademark, such as by using a confusingly similar package, org, or user account name, please submit a Trademark Policy Violation Report via our form.

Use of npm's own trademarks is covered by our Logo and Usage Policy.

Squatting

It is against npm's Terms of Use to publish a package, register a username or an organization name simply for the purposes of reserving it for future use. Accounts violating the name squatting policy may be removed or renamed without notice. Attempts to sell, buy, or solicit other forms of payment in exchange for account names are prohibited and may result in permanent account suspension.

The standards for what we consider squatting depend on what is being squatted:

Packages

Package names are considered squatted if the package has no genuine function.

Organizations

Organization names are considered squatted if there are no packages published within a reasonable time. If an organization is a paid organization, it may have private packages that are invisible to third parties. For privacy reasons, we cannot reveal whether or not an organization has private packages, so a paid organization will never be considered squatted.

Usernames

We are extremely unlikely to transfer control of a username, as it is totally valid to be an npm user and never publish any packages: for instance, you might be part of an organization or need read-only access to private packages.

License

Copyright (C) npm, Inc., All rights reserved

This document may be reused under a Creative Commons Attribution-ShareAlike License.