"We are always working on improving our policies and expand on our commitments to the community," Ahmad Nassri, npm, Inc. CTO told ZDNet in an email this week.
"To that end, we're making updates to our policies to be more explicit about the type of commercial content we do deem not acceptable."
According to these upcoming updates, npm will ban:
Packages that display ads at runtime, on installation, or at other stages of the software development lifecycle, such as via npm scripts.
Packages with code that can be used to display ads are fine. Packages that themselves display ads are not.
Packages that themselves function primarily as ads, with only placeholder or negligible code, data, and other technical content.
The "Standard" scandal
Linode and LogRocket, the two companies who signed up to show ads via Funding in developers' npm terminals, also backed out in the face of negative comments from web developers -- their primary customers.
In a blog post explaining the full Funding backstory and the motives behind the project, Aboukhadijeh cited ongoing work from the npm team to standardize CLI post-install scripts -- the mechanism used by Funding to show ads.
The upcoming change will allow developers to silence any type of non-error terminal messages, such as ads, or calls for donations -- an issue many times more widespread[1, 2, 3, 4, 5, 6] than Funding's ads ever were.
"The days of free-form post-install solicitations seem numbered," Aboukhadijeh said. "So while terminal ads may work for a little while longer, there are clearly better paths forward."