年前想搞定React的时候想了个骚操作:尝试用React的思路去做Vue的事情。又诞生了「Vue生态统一可以聚合」的骚想法,开始产生做Ahri的念头。想着那得搞个 npm 包吧,孤儿上线了。
嘛,在 npm 拿《英雄联盟》英雄名字抢注包名的做法都很弱智了,还“大义凛然”的在描述里写着:League of Legends hero.
关于第一次遇到它的时候,我就想算了,重新找合适的名字吧,但后来因为其他原因就搁置了。现在重新回坑,依然遇到这个问题,这次我不忍了,我打算找 npm 肛他!
寻找入口
首先看了profile页,发现没有举报入口。(从这里进了Twitter,让人感觉这是一个为了装逼而活着的人。
看看 npm 本身页面有没有什么入口,比如“联系我们”之类的邮箱总有吧,最后在最下面找到了Reporting Abuse。
不得不说 npm 连“因为名字打起来”的可能都想到了,那“因为孤儿操作”应该也会列入其中吧,果不其然。在骚扰举报一栏找到了控空包的情况:如果有用户注册无用空包,或者利用包进行乱七八糟的活动,可能有两种措施:ban 了这个用户;清除这些东西。
我一看到可以 ban 了他我就可兴奋了,于是,发邮件走起。
采取行动
操起我400分的4级水平英语,就开始写。
hi,
here a profile page: xxxxxx.this account keep a lot of empty packages which name as a role name in a game, it cause difficulty for me.
I NEED HELP! THANK YOU!
过了一会收到回信:
Our support hours are Monday through Friday, 9:00AM - 6:00PM PST, excluding US holidays.
Your request is being reviewed by our support staff and we’ll be responding soon.
To add additional comments, reply to this email.
噢,没在工作时间还行。过了几秒又收到一封邮件:
Hey there,
Thank you for reaching out. We hope you’re having a great week thus far, and are looking forward to responding to your request.
The npm support staff will be off on Wednesday, July 4th in observance of Independence Day. Due to this, you may experience some delay in expected reply times.
Thanks for your patience.
狗屎还带放假的?美国员工真的舒服啊,不加班,节假日放满。像我们这种997节假日还放不满的简直受到了6把无尽的暴击。
等了几天发现不对,没理我,再按照第一封发了一次,这次过了半天多才回。这次差点就怕我气到了,大概的意思就是你上次的 ticket 还没解决,如果你没问题了我们就关了。。。美国人上班都这么摸的?
又过了半天收到一封邮件,这次是技术客服(邮件是有人名的大佬)发来的:
Thanks for reaching out.
I was not able to find an account associated with (我发信的邮箱). Was there a specific one of these user’s package names you are interested in for a project?
If so, we may assist you with a transfer request or granting access to that package, depending on the package and contents.
有点着急,看了第一句之后,下面没仔细看,就有点想搞他,我就回信了。信的内容大概是这样:谢谢你的回复。这是我的项目名字(发了Ahri的GitHub Repo),这是我的 npm 账号(意识到发信的账号不对)。我对Ahri有兴趣,但他是个空的而且被占用了,我没办法使用,对吧?还有这个 B 恶意占用了大量的空包(跟上孤儿账号),他是不是同时违反了规则,是不是应该有所动作?
第二天(有时差),收到了回信,说包名已经转移到我的账号上:
Thanks for getting back to me with that information.
It’s all yours now, but you won’t be able to re-use any version numbers used by the previous author. In fact, I’d suggest publishing your first update as a major release, i.e., v1.0.0. Please publish an update to the package as soon as possible with your code.
我上了我的 npm 看了一眼,惊了…这就拿到了…
但并没有解放其他的空包和 ban 了他,这点我有点失望。总之,要到想要的包,这才是想要的结果。