node package manager

npm Code of Conduct

npm exists to facilitate sharing code, by making it easy for JavaScript module developers to publish and distribute packages.

npm is a piece of technology, but more importantly, it is a community.

We believe that our mission is best served in an environment that is friendly, safe, and accepting; free from intimidation or harassment.

Towards this end, certain behaviors and practices will not be tolerated.

We expect all members of the npm community, including paid and unpaid agents, administrators, users, and customers of npm, Inc., to abide by this Code of Conduct at all times in all npm community venues, online and in person, and in one-on-one communications pertaining to npm affairs.

This policy covers the usage of the npm registry, as well as the npm website, npm related events, and any other services offered by or on behalf of npm, Inc. (collectively, the "Service"). It also applies to behavior in the context of the npm Open Source project communities, including but not limited to public GitHub repositories, IRC channels, social media, mailing lists, and public events.

This Code of Conduct is in addition to, and does not in any way nullify or invalidate, any other terms or conditions related to use of the Service.

The definitions of various subjective terms such as "discriminatory", "hateful", or "confusing" will be decided at the sole discretion of the npm abuse team.

We are committed to providing a friendly, safe and welcoming environment for all, regardless of gender identity, sexual orientation, ability, ethnicity, religion, age, physical appearance, body size, race, or similar personal characteristics.

We ask that you please respect that people have differences of opinion regarding technical choices, and that every design or implementation choice carries a trade-off and numerous costs. There is seldom a single right answer. A difference of technology preferences is not a license to be rude.

Disputes over package rights must be handled respectfully, according to the terms described in the npm Dispute Resolution document. There is never a good reason to be rude over package name disputes.

Any spamming, trolling, flaming, baiting, or other attention-stealing behavior is not welcome, and will not be tolerated.

Harassing other users of the Service is never tolerated, whether via public or private media.

Avoid using offensive or harassing package names, nicknames, or other identifiers that might detract from a friendly, safe, and welcoming environment for all.

Harassment includes, but is not limited to: harmful or prejudicial verbal or written comments related to gender identity, sexual orientation, ability, ethnicity, religion, age, physical appearance, body size, race, or similar personal characteristics; inappropriate use of nudity, sexual images, and/or sexually explicit language in public spaces; threats of physical or non-physical harm; deliberate intimidation, stalking or following; harassing photography or recording; sustained disruption of talks or other events; inappropriate physical contact; and unwelcome sexual attention.

The Service administrators reserve the right to make judgment calls about what is and isn't appropriate in published packages. These are guidelines to help you be successful in our community.

Packages published to the Service must be created using the npm command-line client, or a functionally equivalent implementation. For example, a "package" must not be a PNG or JPEG image, movie file, or text document. Using the Service as a personal general-purpose database is also not allowed for this reason. Packages should be npm packages, and nothing else.

Packages must contain some functionality. "Squatting", that is, publishing an empty package to "reserve" a name, is not allowed.

Packages must not contain illegal or infringing content. You should only publish packages or other materials to the Service if you have the right to do so. This includes complying with all software license agreements or other intellectual property restrictions. For example, redistributing an MIT-licensed module with the copyright notice removed, would not be allowed. You will be responsible for any violation of laws or others’ intellectual property rights.

Packages must not be malware. For example, a package which is designed to maliciously exploit or damage computer systems, is not allowed. However, an explicitly documented penetration testing library designed to be used for white-hat security research would most likely be fine.

Package name, description, and other visible metadata must not include abusive, inappropriate, or harassing content.

If you believe someone is harassing you or has otherwise violated this Code of Conduct, please contact us at to send us an abuse report. If this is the initial report of a problem, please include as much detail as possible. It is easiest for us to address issues when we have more context.

All content published to the Service, including user account credentials, is hosted at the sole discretion of the npm administrators.

Unacceptable behavior from any community member, including sponsors, employees, customers, or others with decision-making authority, will not be tolerated.

Anyone asked to stop unacceptable behavior is expected to comply immediately.

If a community member engages in unacceptable behavior, the npm administrators may take any action they deem appropriate, up to and including a temporary ban or permanent expulsion from the community without warning (and without refund in the case of a paid event or service).

If you feel you have been falsely or unfairly accused of violating this Code of Conduct, you should notify npm, Inc. We will do our best to ensure that your grievance is handled appropriately.

In general, we will choose the course of action that we judge as being most in the interest of fostering a safe and friendly community.

Please contact if you need to report a problem or address a grievance related to an abuse report.

You are also encouraged to contact us if you are curious about something that might be "on the line" between appropriate and inappropriate content. We are happy to provide guidance to help you be a successful part of our community.

This is a living document and may be updated from time to time. Please refer to the git history for this document to view the changes.

This Code of Conduct borrows heavily from the Stumptown Syndicate Citizen's Code of Conduct, and the Rust Project Code of Conduct.

This document may be reused under a Creative Commons Attribution-ShareAlike License.