争议解决

See Details

本文档介绍了解决与其他 npm 发布者之间的命名争议时应采取的步骤。它还描述了如果你认为名称侵犯你的商标存在问题，应采取的步骤。

¥This document describes the steps that you should take to resolve naming disputes with other npm publishers. It also describes the steps you should take if you think a name infringes your trademark.

本文档是对 npm 行为准则和 npm 开源条款指南的补充。本文件中的任何内容均不得解释为与 npm 行为准则或开源条款的任何方面相抵触。

¥This document is additive to the guidelines in the npm Code of Conduct and npm Open-Source terms. Nothing in this document should be interpreted to contradict any aspect of the npm Code of Conduct or Open-Source Terms.

tl;dr

在 https://support.github.com/contact/npm-name-disputes 提交支持工单。

¥Open a support ticket at https://support.github.com/contact/npm-name-disputes.
请尽可能详细地填写表单。

¥Fill out the form with as much detail as possible.
支持人员将处理你的请求。请注意，提交报告并不能保证软件包、组织或用户名的转移。

¥Support will address your request. Please note submitting a report does not guarantee the transfer of a package, org, or username.

何时使用此流程

¥When to use this process

此流程非常适合以下情况：

¥This process is an excellent way to:

请求一个你认为目前具有误导性或可能与你公司或开源项目使用的名称混淆的名称

¥Request a name that you believe is currently misleading or could be confused with a name used by your company or open source project
请求一个与你的公司或开源项目相关的名称，该名称无法通过账户恢复进行认领

¥Request a name related to your company or open source project that cannot be claimed via account recovery

如果软件包违反了我们的使用条款规则（尤其是可接受的使用和可接受的内容规则）或行为准则规则，则此流程不适用。这些文件参考此文件来解决 "squatting" 的情况；见下文。

¥This process does not apply if the package violates our Terms of Use, in particular our Acceptable Use and Acceptable Content rules, or our Code of Conduct. Those documents refer to this one to resolve cases of "squatting"; see below.

如果你发现不良行为或你认为不可接受的内容，请参阅《行为准则》中有关举报违规行为的指导原则。你永远不需要自行解决滥用行为。我们随时为你提供帮助。

¥If you see bad behavior or content you believe is unacceptable, refer to the Code of Conduct for guidelines on reporting violations. You are never expected to resolve abusive behavior on your own. We are here to help.

何时不使用此流程

¥When not to use this process

由于缺乏与特定名称相关的活动，此流程不适用于争议请求。

¥This process is not available for dispute requests due to lack of activity related to a specific name.

另请注意，在某些情况下，一方可能拥有某个特定名称的所有权，但将该名称提供给请求方会对 npm 生态系统构成供应链风险。在这种情况下，无论声明是否有效，请求都可能会被拒绝。

¥Please also note there are cases where a party may have claim to a specific name, but giving that name to the requesting party would pose a supply-chain risk to the npm ecosystem. In such cases, requests may be denied independent of the validity of the claim.

商标

¥Trademarks

npm 根据 GitHub 的商标政策处理商标声明。

¥npm processes Trademark claims under GitHub's Trademark Policy.

如果你认为其他 npm 发布者侵犯了你的商标，例如使用容易混淆的相似软件包、组织或用户账户名称，请通过我们的 form 提交商标政策违规报告。

¥If you think another npm publisher is infringing your trademark, such as by using a confusingly similar package, org, or user account name, please submit a Trademark Policy Violation Report via our form.

npm 自身商标的使用受我们的徽标和使用政策约束。

¥Use of npm's own trademarks is covered by our Logo and Usage Policy.

变更

¥Changes

本文档为动态文档，可能会不时更新。请参阅此文档的 git 历史记录查看更改。

¥This is a living document and may be updated from time to time. Please refer to the git history for this document to view the changes.

定义

¥Definitions

抢注

¥Squatting

仅仅为了保留以备将来使用而发布软件包、注册用户名或组织名称违反了 npm 的使用条款原则。

¥It is against npm's Terms of Use to publish a package, register a user name or an organization name simply for the purposes of reserving it for future use.

我们不会主动扫描注册表以查找被抢注的软件包，因此，即使某个名称已被使用，我们也不认为该名称有效。我们认定抢注的标准取决于被抢注的内容：

¥We do not pro-actively scan the registry for squatted packages, so the fact that a name is in use does not mean we consider it valid. The standards for what we consider squatting depend on what is being squatted:

包

¥Packages

如果软件包没有真正的功能，则其名称将被视为非法抢注。

¥Package names are considered squatted if the package has no genuine function.

组织

¥Organizations

如果在合理的时间内没有发布软件包，则组织名称将被视为被抢注。如果某个组织是付费组织，它可能拥有第三方不可见的私有软件包。出于隐私原因，我们无法透露某个组织是否拥有私有软件包，因此付费组织绝不会被视为非法占用。

¥Organization names are considered squatted if there are no packages published within a reasonable time. If an organization is a paid organization, it may have private packages that are invisible to third parties. For privacy reasons, we cannot reveal whether or not an organization has private packages, so a paid organization will never be considered squatted.

用户名

¥User names

我们极不可能转让用户名的控制权，因为成为 npm 用户并且从未发布任何软件包是完全合法的：例如，你可能是某个组织的成员，或者需要对私有包拥有只读权限。

¥We are extremely unlikely to transfer control of a user name, as it is totally valid to be an npm user and never publish any packages: for instance, you might be part of an organization or need read-only access to private packages.