There's no need for drama, you're right. But you make an important point: the correct answer is "Oh, sorry about that, sure, it's all yours."
The problem is that sometimes the response is "No, I'm planning on releasing something there some day, so you can't have it." The relevant difference is that planned modules don't exist. On Fri, Dec 14, 2012 at 6:05 PM, Chris O'Hara <[email protected]> wrote: > It's worth adding that you should reach out to the author first if you find > such a package in npm. There's a good chance that they're not "squatting" > the name intentionally - they probably just started a project excitedly and > didn't push as fast as they'd hoped. > > I had a "dynamo" and "task" in npm without little or no code. I was > contacted by jed who had a dynamo client ready to go and tkellen who wanted > task for a gruntjs related project. - in both cases I gave up the names. > > No drama, no need call anyone a squatter, no need to get Isaac involved, > good times. > > > On Saturday, December 15, 2012 11:10:23 AM UTC+11, Isaac Schlueter wrote: >> >> TL;DR - Package squatting is not allowed. If you sit on a package >> name and don't publish code, it'll be deleted without warning. >> >> ---- >> >> npm package names have always been a "first come, first served" >> system. I think this is generally good. It incentivizes early >> adopters, which is important, because they're the most valuable users. >> >> It also is a powerful motivator to *actually write code*. >> Traditionally, the pattern has been that if you think of a great name, >> well, you'd better ship something, then! We never had to have an >> explicit rule about publishing empty packages, for the same reason >> that you don't have to have an explicit rule about leaving garbage on >> the floor in someone's house. It's just not something you'd do. >> >> It is hard to really comprehend *just how many* possible package names >> there are. The math isn't that hard, but the actual numbers are >> mind-boggling. Even just limiting to 4 characters, there's >> 36*38*38*38 potential names. That's about 100x the number of npm >> packages that have ever been published. And yes, it includes stuff >> like 0-_-, but still. You don't have to limit it to 4 characters. At >> 8 characters, there's 4118960973312 potential names. If you got TJ >> Holowaychunk and Raynos and Substack and architectd and Dominic Tarr >> together and managed to get them to publish a package with a unique >> 8-character name every MILLISECOND, it'd take OVER 130 YEARS to ever >> use them all up! Absurdity aside, there are millions and millions of >> common words and clever spellings. We'll never run out. There is no >> scarcity. >> >> (To the alpha-nerds in the audience: this is not a challenge. Please >> don't DOS the registry. ;) >> >> The official policy for handing name disputes mostly focuses on >> abandoned modules, confusing name collisions, and other cases where >> two parties both actually have published (or want to publish) working >> code. There's never been a need to make the "no seat saving" >> explicit, because it just didn't happen much. Disputes between two >> authors have generally always been handled pretty easily. The >> occasional "no code here" module was always a mistake or an oversight, >> and promptly cleaned up. >> >> Lately, probably owing to the increase in our community's size, or the >> increase in npm's popularity, or some combination of factors, I've >> been seeing a lot more cases where someone asks to use a module, >> pointing out that the author isn't using it, and they're told, "No, >> that's something I'll be publishing at some time in the future." When >> I've stepped in and made a ruling, pointing out that **npm is for node >> modules that exist, not for node modules that don't exist**, the >> squatters have in some cases reacted with surprise and frustration. >> It's gotten un-amicable. >> >> If you think I'm talking about you, you're probably right. But I >> wouldn't bother to write this if it had been an isolated incident, so >> you're not alone. I don't want to single anyone out, and it's >> happened enough times that clearly there's some widespread confusion >> about what's ok and what isn't. You're not a bad person. You didn't >> know. >> >> To be fair, yes, this was never a part of any "official" policy in an >> explicit way. So, as of >> >> https://github.com/isaacs/npm/commit/993abe412db791f9460932371b39642817523aab >> (and this email) it's explicit. (The great thing about npm being a >> dictatorship is that it doesn't ultimately matter what any policy >> says. My interest is for the node community to write code, so >> anything that stands in the way of that gets cut down, policy be >> damned.) >> >> It is very easy to rename a module. It's a matter of changing *a >> single field* in a JSON doc. If it takes a few months to build >> something, and someone publishes something in with the same name in >> the meantime, that means a few things are likely: >> >> 1. You took took long. Go faster. Which probably means: >> 1a. You tried to write something that was too big. Build smaller. >> 2. The name you chose is too vague and doesn't tell much about your >> problem domain. Which probably means: >> 2a. Your problem domain is ill defined. (Is it an MVC framework? >> CMS platform? Stop right there.) >> >> If that happens, just pick a new name! There are literally zillions >> to choose from. It doesn't matter how long you've slaved over the >> code to make your module, with the hope of using that name. They got >> it over the finish line first. That's how "first come first served" >> works. >> >> This is the warning. If you're reading this, and you have something >> that you're "intending" to publish "soon", hurry up! If your module >> is just a placeholder, it'll be removed the first time someone calls >> attention to it. >> >> It pains me to have to do administration of any sort. Really. You >> have no idea how lazy I am when it comes to petty things like this, >> and I don't enjoy being a hardass. But npm is not for owning words. >> It's for sharing code. Hack or get out of the way. -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
