Hacker News new | ask | show | jobs
by tus89 1789 days ago
And removing it will probably break half the internet. NPM is a nutshell.
1 comments
brundolf 1789 days ago
It's impossible to unpublish packages now.
link
behindsight 1789 days ago
I agree with the general sentiment, but if you do want to unpublish there is a policy available [0]

Key points being either:

- published within 72 hours and without any dependents

- no dependents, < 300/week downloads, single owner

Of course even with all that said there was also precedent for having it removed if you emailed them directly and it was up to their discretion (I believe this was prior to their acquisition so not sure if that still applies).

0: https://docs.npmjs.com/policies/unpublish

link
brundolf 1789 days ago
Technically. But the above is specifically designed to prevent someone from unpublishing a package that could "break half the internet", which is what the original poster was waxing on about.
link
galoisgirl 1788 days ago
Well, - has 56 dependents, so that ship has sailed.
link
baxuz 1788 days ago
Hopefully an npm alternative will come out, because npm and the entire node_modules & package.json resolution strategy is a joke.
link