Skip to content

Commit 866b5ee

Browse files
authored
docs: safer documentation urls, repos, packages (#8030)
Noticed some of the resources pointed to external sites not controlled by npm or github and wanted to clean them up so they can't be squatted on.
1 parent 7f6c997 commit 866b5ee

File tree

1 file changed

+53
-53
lines changed

1 file changed

+53
-53
lines changed

docs/lib/content/configuring-npm/package-json.md

Lines changed: 53 additions & 53 deletions
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ Some tips:
4747
that name already, before you get too attached to it.
4848
<https://www.npmjs.com/>
4949

50-
A name can be optionally prefixed by a scope, e.g. `@myorg/mypackage`. See
50+
A name can be optionally prefixed by a scope, e.g. `@npm/example`. See
5151
[`scope`](/using-npm/scope) for more detail.
5252

5353
### version
@@ -80,7 +80,7 @@ The URL to the project homepage.
8080
Example:
8181

8282
```json
83-
"homepage": "https://github.com/owner/project#readme"
83+
"homepage": "https://github.com/npm/example#readme"
8484
```
8585

8686
### bugs
@@ -94,8 +94,8 @@ It should look like this:
9494
```json
9595
{
9696
"bugs": {
97-
"url": "https://github.com/owner/project/issues",
98-
"email": "project@hostname.com"
97+
"url": "https://github.com/npm/example/issues",
98+
"email": "example@npmjs.com"
9999
}
100100
}
101101
```
@@ -204,8 +204,8 @@ like this:
204204
```json
205205
{
206206
"name" : "Barney Rubble",
207-
"email" : "b@rubble.com",
208-
"url" : "http://barnyrubble.tumblr.com/"
207+
"email" : "barney@npmjs.com",
208+
"url" : "http://barnyrubble.npmjs.com/"
209209
}
210210
```
211211

@@ -214,7 +214,7 @@ you:
214214

215215
```json
216216
{
217-
"author": "Barney Rubble <b@rubble.com> (http://barnyrubble.tumblr.com/)"
217+
"author": "Barney Rubble <barney@npmjs.com> (http://barnyrubble.npmjs.com/)"
218218
}
219219
```
220220

@@ -232,7 +232,7 @@ string URL, or an array of objects and string URLs:
232232
{
233233
"funding": {
234234
"type" : "individual",
235-
"url" : "http://example.com/donate"
235+
"url" : "http://npmjs.com/donate"
236236
}
237237
}
238238
```
@@ -241,14 +241,14 @@ string URL, or an array of objects and string URLs:
241241
{
242242
"funding": {
243243
"type" : "patreon",
244-
"url" : "https://www.patreon.com/my-account"
244+
"url" : "https://www.patreon.com/user"
245245
}
246246
}
247247
```
248248

249249
```json
250250
{
251-
"funding": "http://example.com/donate"
251+
"funding": "http://npmjs.com/donate"
252252
}
253253
```
254254

@@ -257,12 +257,12 @@ string URL, or an array of objects and string URLs:
257257
"funding": [
258258
{
259259
"type" : "individual",
260-
"url" : "http://example.com/donate"
260+
"url" : "http://npmjs.com/donate"
261261
},
262-
"http://example.com/donateAlso",
262+
"http://npmjs.com/donate-also",
263263
{
264264
"type" : "patreon",
265-
"url" : "https://www.patreon.com/my-account"
265+
"url" : "https://www.patreon.com/user"
266266
}
267267
]
268268
}
@@ -539,9 +539,9 @@ same shortcut syntax you use for `npm install`:
539539

540540
```json
541541
{
542-
"repository": "npm/npm",
542+
"repository": "npm/example",
543543

544-
"repository": "github:user/repo",
544+
"repository": "github:npm/example",
545545

546546
"repository": "gist:11081aaa281",
547547

@@ -635,7 +635,7 @@ For example, these are all valid:
635635
"baz": ">1.0.2 <=2.3.4",
636636
"boo": "2.0.1",
637637
"qux": "<1.0.0 || >=2.3.1 <2.4.5 || >=2.5.2 <3.0.0",
638-
"asd": "http://asdf.com/asdf.tar.gz",
638+
"asd": "http://npmjs.com/example.tar.gz",
639639
"til": "~1.2",
640640
"elf": "~1.2.3",
641641
"two": "2.x",
@@ -714,7 +714,7 @@ included. For example:
714714
"dependencies": {
715715
"express": "expressjs/express",
716716
"mocha": "mochajs/mocha#4727d357ea",
717-
"module": "user/repo#feature\/branch"
717+
"module": "npm/example-github-repo#feature\/branch"
718718
}
719719
}
720720
```
@@ -773,7 +773,7 @@ For example:
773773
774774
```json
775775
{
776-
"name": "ethopia-waza",
776+
"name": "@npm/ethopia-waza",
777777
"description": "a delightfully fruity coffee varietal",
778778
"version": "1.2.3",
779779
"devDependencies": {
@@ -803,21 +803,21 @@ For example:
803803

804804
```json
805805
{
806-
"name": "tea-latte",
806+
"name": "@npm/tea-latte",
807807
"version": "1.3.5",
808808
"peerDependencies": {
809-
"tea": "2.x"
809+
"@npm/tea": "2.x"
810810
}
811811
}
812812
```
813813

814-
This ensures your package `tea-latte` can be installed *along* with the
815-
second major version of the host package `tea` only. `npm install
814+
This ensures your package `@npm/tea-latte` can be installed *along* with the
815+
second major version of the host package `@npm/tea` only. `npm install
816816
tea-latte` could possibly yield the following dependency graph:
817817

818818
```bash
819-
├── tea-latte@1.3.5
820-
└── tea@2.2.0
819+
├── @npm/tea-latte@1.3.5
820+
└── @npm/tea@2.2.0
821821
```
822822

823823
In npm versions 3 through 6, `peerDependencies` were not automatically
@@ -849,14 +849,14 @@ For example:
849849

850850
```json
851851
{
852-
"name": "tea-latte",
852+
"name": "@npm/tea-latte",
853853
"version": "1.3.5",
854854
"peerDependencies": {
855-
"tea": "2.x",
856-
"soy-milk": "1.2"
855+
"@npm/tea": "2.x",
856+
"@npm/soy-milk": "1.2"
857857
},
858858
"peerDependenciesMeta": {
859-
"soy-milk": {
859+
"@npm/soy-milk": {
860860
"optional": true
861861
}
862862
}
@@ -879,17 +879,17 @@ If we define a package.json like this:
879879

880880
```json
881881
{
882-
"name": "awesome-web-framework",
882+
"name": "@npm/awesome-web-framework",
883883
"version": "1.0.0",
884884
"bundleDependencies": [
885-
"renderized",
886-
"super-streams"
885+
"@npm/renderized",
886+
"@npm/super-streams"
887887
]
888888
}
889889
```
890890

891-
we can obtain `awesome-web-framework-1.0.0.tgz` file by running `npm pack`.
892-
This file contains the dependencies `renderized` and `super-streams` which
891+
we can obtain `@npm/awesome-web-framework-1.0.0.tgz` file by running `npm pack`.
892+
This file contains the dependencies `@npm/renderized` and `@npm/super-streams` which
893893
can be installed in a new project by executing `npm install
894894
awesome-web-framework-1.0.0.tgz`. Note that the package names do not
895895
include any versions, as that information is specified in `dependencies`.
@@ -914,8 +914,8 @@ dependency. For example, something like this:
914914
915915
```js
916916
try {
917-
var foo = require('foo')
918-
var fooVersion = require('foo/package.json').version
917+
var foo = require('@npm/foo')
918+
var fooVersion = require('@npm/foo/package.json').version
919919
} catch (er) {
920920
foo = null
921921
}
@@ -957,63 +957,63 @@ what version your dependencies rely on:
957957
```json
958958
{
959959
"overrides": {
960-
"foo": "1.0.0"
960+
"@npm/foo": "1.0.0"
961961
}
962962
}
963963
```
964964

965965
The above is a short hand notation, the full object form can be used to allow
966966
overriding a package itself as well as a child of the package. This will cause
967-
`foo` to always be `1.0.0` while also making `bar` at any depth beyond `foo`
967+
`@npm/foo` to always be `1.0.0` while also making `@npm/bar` at any depth beyond `@npm/foo`
968968
also `1.0.0`:
969969

970970
```json
971971
{
972972
"overrides": {
973-
"foo": {
973+
"@npm/foo": {
974974
".": "1.0.0",
975-
"bar": "1.0.0"
975+
"@npm/bar": "1.0.0"
976976
}
977977
}
978978
}
979979
```
980980

981-
To only override `foo` to be `1.0.0` when it's a child (or grandchild, or great
981+
To only override `@npm/foo` to be `1.0.0` when it's a child (or grandchild, or great
982982
grandchild, etc) of the package `bar`:
983983
984984
```json
985985
{
986986
"overrides": {
987-
"bar": {
988-
"foo": "1.0.0"
987+
"@npm/bar": {
988+
"@npm/foo": "1.0.0"
989989
}
990990
}
991991
}
992992
```
993993
994-
Keys can be nested to any arbitrary length. To override `foo` only when it's a
995-
child of `bar` and only when `bar` is a child of `baz`:
994+
Keys can be nested to any arbitrary length. To override `@npm/foo` only when it's a
995+
child of `@npm/bar` and only when `@npm/bar` is a child of `@npm/baz`:
996996

997997
```json
998998
{
999999
"overrides": {
1000-
"baz": {
1001-
"bar": {
1002-
"foo": "1.0.0"
1000+
"@npm/baz": {
1001+
"@npm/bar": {
1002+
"@npm/foo": "1.0.0"
10031003
}
10041004
}
10051005
}
10061006
}
10071007
```
10081008

10091009
The key of an override can also include a version, or range of versions.
1010-
To override `foo` to `1.0.0`, but only when it's a child of `bar@2.0.0`:
1010+
To override `@npm/foo` to `1.0.0`, but only when it's a child of `@npm/bar@2.0.0`:
10111011
10121012
```json
10131013
{
10141014
"overrides": {
1015-
"bar@2.0.0": {
1016-
"foo": "1.0.0"
1015+
"@npm/bar@2.0.0": {
1016+
"@npm/foo": "1.0.0"
10171017
}
10181018
}
10191019
}
@@ -1028,17 +1028,17 @@ package you wish the version to match with a `$`.
10281028
```json
10291029
{
10301030
"dependencies": {
1031-
"foo": "^1.0.0"
1031+
"@npm/foo": "^1.0.0"
10321032
},
10331033
"overrides": {
10341034
// BAD, will throw an EOVERRIDE error
10351035
// "foo": "^2.0.0"
10361036
// GOOD, specs match so override is allowed
10371037
// "foo": "^1.0.0"
10381038
// BEST, the override is defined as a reference to the dependency
1039-
"foo": "$foo",
1039+
"@npm/foo": "$foo",
10401040
// the referenced package does not need to match the overridden one
1041-
"bar": "$foo"
1041+
"@npm/bar": "$foo"
10421042
}
10431043
}
10441044
```

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy