Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Npm Bans Packages Which Display Ads via Its Command Line Interface

Npm Bans Packages Which Display Ads via Its Command Line Interface

Leia em Português

npm, Inc., the company behind the popular eponymous JavaScript package manager, will no longer allow packages which display ads. The upcoming change will also enable developers to silence any type of non-error terminal messages, including those which push ads or call for donations.

Ahmad Nassri, CTO for npm, Inc, detailed in an email to ZDnet the upcoming changes in npm policies:

[…] we’re making updates to our policies to be more explicit about the type of commercial content we do deem not acceptable.

ZDnet details the packages which will no longer be allowed:

  • Packages that display ads at runtime, on installation, or at other stages of the software development lifecycle, such as via npm scripts.
  • Packages with code that can be used to display ads are fine. Packages that themselves display ads are not.
  • Packages that themselves function primarily as ads, with only placeholder or negligible code, data, and other technical content.

The policy changes come after Standard, a JavaScript style guide, linter, and formatter, experimented with funding, a npm package which installs open source software, and displays a message from a supporting company. Feross Aboukhadijeh, the maintainer of both Standard and Funding, together with 100+ packages on npm, shows an example of such messages:

example of message displayed by the funding npm package

Aboukhadijeh took pains to explain in detail the motivations behind the experiment and its self-imposed limitations:

The current model of sustaining open source is not working. We desperately need more experimentation. This is one such experiment.
[…] The goal is to make sure that packages are well-maintained now and for the foreseeable future, with regular releases, improved reliability, and timely security patches. Healthy open source packages benefit users and maintainers alike.
[…] There is no tracking or data collecting — and it will always stay this way. You can look at the code to verify – indeed, this is the beauty of open source!
[…] you can permanently silence funding by adding an environment variable OPEN_SOURCE_CONTRIBUTOR=true to your terminal environment.
[…] funding also respects npm’s loglevel setting, so e.g. npm install --silent and npm install --quiet will be respected.

The community of JavaScript developers received the experiment with mixed feelings. Some developers quickly published packages (like no-cli-ads, or npm-adblock) to block command line interface ads.

Other developers, among which open source maintainers and open source contributors, emphasize the right for package authors to ask users to support their projects, outline the fact that the free nature of such software does not entitle users to dictate policy, and point at a long list of packages displaying donation messages.

Developers generally seem to be in agreement about the necessity to find a path for sustainable funding for open-source projects, while disagreeing on the path towards such goal. As one developer mentions:

[ad funding] is not the perfect end solution, but that’s not the point - it is about moving the conversation about how to build healthy relationships between our commons and companies forward.

Aboukhadijeh decided to cancel the funding experiment and shared his thoughts on the lessons learnt and possible ways forward to allow open-source software to capture a larger part of the value they create.

Rate this Article