Skip to content

Create npm Continuity Policy #1483

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Jul 8, 2025
+35 −0
Merged

Create npm Continuity Policy #1483

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
12f3890
Create npm continuity policy
ruddermann Jun 16, 2025
4eb1a4f
Update project-resources/npm-continuity-policy.md
ruddermann Jul 1, 2025
a939989
Update project-resources/npm-continuity-policy.md
ruddermann Jul 1, 2025
2ba6044
Update npm-continuity-policy.md
ruddermann Jul 1, 2025
5f45cfe
Update project-resources/npm-continuity-policy.md
ruddermann Jul 1, 2025
e87075d
Update project-resources/npm-continuity-policy.md
ruddermann Jul 1, 2025
acdd1c0
Update project-resources/npm-continuity-policy.md
ruddermann Jul 2, 2025
f392fff
Update npm-continuity-policy.md
ruddermann Jul 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 35 additions & 0 deletions project-resources/npm-continuity-policy.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# OpenJS npm Continuity Policy

## Summary

This policy is intended to ensure that OpenJS npm Packages and Organizations remain accessible and manageable. It applies to all packages that are published on npm and part of a project.

It addresses the following use cases:

* Managing projects and users when maintainers are inactive or unreachable
* [Deprecating packages](https://docs.npmjs.com/deprecating-and-undeprecating-packages-or-package-versions) when maintainers are no longer reachable
* Adding or removing npm Organization members in emergency situations

# Continuity Options for Projects

### Option 1: Add an OpenJS Continuity Account to your npm Organization(s) and/or Packages

If you select this option a new, dedicated OpenJS account will be created specifically for your Project. The OpenJS Executive Director will manage this account.
If your project already has a dedicated continuity account in place, share the credentials securely (ideally a shared password manager) with the Executive Director.

To initiate this process, please create an issue in the [Infrastructure repository](https://github.com/openjs-foundation/infrastructure/issues/new?template=IT-SUPPORT-REQUEST.yml).

* If you use npm Organizations, you will add this account to your Organization(s) and grant it the Owner role.
* If you don’t use npm Organizations, you will add this account as an Owner to your npm Packages.

### Option 2: Opt Out

Projects that feel their governance is sufficient to provide continuity may opt out of this policy by requesting an exception from the CPC.

To initiate this process, please create an issue in the [CPC repository](https://github.com/openjs-foundation/cross-project-council/issues).

- Organizations with 1-2 maintainers in the Owner role are the highest priority for this policy and are unlikely to be granted an exception.
- Organizations with 3 or more maintainers in the Owner role who have been active in the past [6||12] months will be considered for an exception.

Please contact the OpenJS Foundation ([[email protected]](mailto:[email protected])) for questions or help with this policy.