nuǝɯ pǝɥsᴉꞁod mǝu

npm Trademark Policy

This policy describes npm trademarks and how you may use them. For information on what to do if someone infringes a trademark of yours with a confusing package name, see the Dispute Resolution Policy.

What is npm?

npm is a package manager for Node.js modules. It was created in 2009 by Isaac Schlueter as an open source project to help JavaScript developers share modules (aka packages) of code in a very easy and efficient way.

The npm project contains two main parts:

  1. The npm client, which is bundled with the Node.js platform, and is used as a command line tool to install and publish packages. It is simply called "npm". Its code is available as an open-source project:
  2. The npm registry service. When a user of the npm client runs the command npm install example-package, the npm client retrieves the package and all related dependencies from the npm registry service. The example output looks like this:
user1-MacBook-Pro-2:~ user1$ npm install example-package
npm http GET
npm http 200
example-package@2.4.1 node_modules/example-package

The registry is run as a free (as in beer) public service for anyone wanting to publish an open source package and for anyone to install an open source package.

What is npm, Inc. and what is its mission statement?

npm, Inc. is a company co-founded by npm's creator, Isaac Schlueter, along with Laurie Voss and Rod Boothby.

npm, Inc. is dedicated to the long term success of the JavaScript community, which includes the success of the open-source Node.js and npm projects.

At npm, Inc. we do three things to support this goal:

  1. Run the open source registry as a free service.
  2. Build tools and operate services that support the secure use of packages in a private or enterprise context.
  3. Build innovative new tools and services for the developer community.

Why npm, Inc. has a trademark policy

npm, Inc. has filed for trademarks for the npm name and logo. We have developed this trademark usage policy with the following goals in mind:

  • We'd like to make it easy for anyone to use the npm name or logo for community-oriented efforts that help spread and improve npm.
  • We'd like to make it clear how npm-related businesses and projects can (and cannot) use the npm name and logo.
  • We'd like to make it hard for anyone to use the npm name and logo to unfairly profit from, trick, or confuse people who are looking for official npm resources.

Nominative use - No need to type ™ on twitter

It's perfectly OK to use "npm" to refer to npm, Inc., to the npm software, and to the npm public registry. That's different from using npm in the name of one's own product or service.

Nominative use means it's OK to refer to something that is trademarked, but it is not OK to incorporate one company's trademark into another company's product, service, or company name. That's why you would need permission from the trademark owner to open "Discount Nike Shoes" or "iPad App Marketplace".

The npm trademark policy

We ask that you get permission from npm, Inc. to use the npm name or logo as part of the name of any project, product, service, domain or company.

We will grant permission to use the npm name and logo for projects that meet the following criteria:

  • The primary purpose of your project is to promote the spread and improvement of the npm client software or the npm registry service.
  • Your project is non-commercial in nature (it can make money to cover its costs or contribute to non-profit entities, but it cannot be run as a for-profit project or business).
  • Your project neither promotes nor is associated with entities that currently fail to comply with the Artistic License 2.0 under which npm is distributed, or which are in violation of this trademark policy.

For other projects, we have set up the following rules around the use of the npm trademark:

  1. It is not OK use npm in the name of any product, service, or project, except after the preposition "for". For example, "Private Registry Hosting for npm". You should not use npm in a company or domain name for a package registry or related service without our permission.
  2. When referring to the npm software in body text, the first usage should be followed by a generic term such as "package manager" to provide context. npm should never be used or explained as an acronym.
  3. When referring to the npm public registry, please follow npm with the word "registry" or the phrase "public registry".
  4. When referring to a private registry for npm packages, please describe it as "private registry for npm packages" or as a npm-registry proxy when first referring to it in the text.
  5. References to the owner of the npm client software and the operator of the npm public registry should be to npm, Inc.
  6. Any materials referring to npm should include the following notice in the fine print: "npm is a trademark of npm, Inc."

Examples of ways to use the term "npm" in a name

  • <Your consulting co's> services for npm
    e.g. Pink Unicorn Consulting Ltd. services for npm
  • <Your software co's> private registry for npm
    e.g. Purple Unicorn Inc. private registry server for npm

An example of a way to refer to npm when describing your solution:

  • Paypal/Kappa, a hierarchical npm-registry proxy

    In the case of Kappa, it is clear that the open source project name is "Kappa" so no one would be reasonably confused that it is the official npm client, or the official npm registry.

    Explaining that something is a proxy of the npm registry is OK.

When in doubt about your use of the npm name or logo, please contact npm, Inc. for clarification.

Our npm Logo is very recognizable and deserves special treatment. The npm Logo signifies us, or a special relationship with us, and you should use it only with our permission. Since the goal is to avoid confusion about you being us, or your relationship with us, context counts. We will consider requests on a case-by-case basis.

The npm Wombat Mascot

Like the npm Logo, the npm Wombat graphic is a very recognizable part of the npm brand, and signifies a special relationship with the the npm project, service, or company. It should never be used except with explicit written permission. We will consider requests on a case-by-case basis.

Please be advised that, unlike the npm logo, the Wombat generally may not be used to refer to the project, service, or company in a nominative sense, as any usage will almost always imply a special relationship with npm.


This is a living document and may be updated from time to time. Please refer to the git history for this document to view the changes.


Copyright (C) npm, Inc., All rights reserved

This document may be reused under a Creative Commons Attribution-ShareAlike License.