These npm Enterprise Terms (version v6.0.1) and the Summary document or online form referencing them make up an agreement between npm, Inc., a Delaware corporation (npm) and the licensee named on the Summary (Licensee).
npm develops and provides computer software and services (npm Offerings) for installing, managing, and sharing packages of computer code, data, and programs (Packages). npm Offerings include a command-line interface (CLI) for interacting with repositories of Packages (each a Registry), a publicly accessible Registry at registry.npmjs.com (the Public Registry), and a website interface for interacting with the Public Registry at npmjs.com (the Website).
npm also develops software (npm Enterprise) for hosting a Registry (a Private Registry).
npm Enterprise is made up of:
npm's Packages, Packages that npm owns and maintains:
Open-Source Packages npm publishes to the Public Registry
Proprietary Packages npm publishes to enterprise.npmjs.com, an npm-operated Registry (the Proprietary npm Registry) for use by npm Enterprise licensees
Third-Party Packages, Packages not owned and maintained by npm:
Packages third parties publish to the Public Registry that npm's Packages Utilize
Packages third parties publish to software repositories associated with distributions of the Linux operating system (Linux Distribution Repositories), such as Debian package repositories, that npm's Packages Utilize
Packages third parties publish in source code form to software source code hosting platforms (Source Code Hosts), such as github.com, that npm's Packages Utilize
the License API, an application programming interface operated by npm at license.npmjs.com for managing npm Enterprise license keys (each a License Key)
npm grants Licensee a nonexclusive license (the Software License) to install and use npm Enterprise. npm further grants Licensee a nonexclusive right to use the Proprietary npm Registry and the License API to install, use, and update npm Enterprise (the Services License). Both the Software License and the Services License (the Licenses) are subject to the other terms of this agreement, including payment of fees (License Fees) and number of seats (Seats).
If Licensee has not licensed npm Enterprise before and the Summary provides for a free trial, Licensee will pay no License Fees, and have an unlimited number of Seats, for the number of calendar days on the Summary (the Free Trial). After any Free Trial, Licensee shall begin paying License Fees. Licensee will have the number of Seats on the Summary to start. Licensee may increase the number of Seats as the Summary describes.
The Licenses let Licensee:
download and install npm's Packages from the Public Registry and Proprietary npm Registry
run npm Enterprise to operate a Private Registry (Licensee's Registry)
allow as many Authorized Personnel to make requests of Licensee's Registry in any Month as Licensee has Seats for that Month
make a reasonable number of backup copies of npm's Packages to protect against data loss or inability to access the Public Registry and Proprietary npm Registry
The Licenses do not let Licensee:
license, sell, or lease npm Enterprise to third parties
facilitate or allow use of npm Enterprise by third parties
exceed the permissions given by licenses for any Third-Party Packages
remove or destroy any marking showing ownership, like a copyright or trademark notice, from any component of npm Enterprise
disable, avoid, or circumvent any security or access restrictions of npm Offerings, or access parts of npm Offerings not intended for access by you
strain infrastructure of npm Offerings, such as the Public Registry, Proprietary npm Registry, or License API with an unreasonable volume of requests, or requests that might impose an unreasonable load on npm IT systems
If any Authorized Personnel breaches any term of the Licenses, or if any third party breaches the terms of the Licenses under Licensee's direction or with Licensee's help, this agreement will treat that breach as if committed by Licensee itself. During the Term, npm may audit Licensee's compliance with this agreement and the Licenses at most once per calendar year.
npm shall give Licensee Notice containing a License Key no later than the third Business Day after the date of this agreement. Every License Key is Confidential Information of npm.
During the Term, npm shall publish documentation for npm Enterprise that enables a computer professional skilled in the installation and administration of server software on the Linux operating system to host Licensee's Registry using npm Enterprise, and to configure the features described in Functionality (Documentation).
npm shall provide support during the Term (Support Services) by responding to questions and requests for help concerning npm Enterprise from Authorized Personnel via the channels the Summary describes (Support Requests). npm shall respond to and prioritize Support Requests as the Summary describes. In return, Licensee shall pay the fees for Support Services on the Summary, if any (Support Fees).
Licensee's use of the Public Registry, Website, and npm Offerings other than npm Enterprise, if any, is governed by the terms for use of those npm Offerings.
Licensee shall pay License Fees and any Support Fees as the Summary describes. Licensee shall pay License Fees and any Support Fees in United States dollars, with interest of 1.5% per month (or the highest legal rate) on overdue amounts. No stated amounts of License Fees or Support Fees include tax. Licensee shall pay any tax on License Fees and any Support Fees. npm will not issue credits or refunds for part of any Month that is not a whole calendar month. Licensee shall give prompt Notice of any change to its method of payment during the Term.
npm retains every Intellectual Property Right and other legal right it has in npm Enterprise, including in any copies Licensee makes, except those rights expressly granted Licensee under this agreement. Licensee acknowledges npm owns every Intellectual Property Right in npm's Packages and npm Enterprise overall, and that other Packages available from the Registry remain property of their owners.
npm acknowledges Licensee retains every Intellectual Property Right it has as of the date of this agreement, acquires other than from npm under this agreement, and develops during the term of this agreement.
During the Term, starting after any Free Trial, npm may identify Licensee as an npm Enterprise licensee to current and potential customers, and may list Licensee's business name and logotype in promotional materials, such as on the Website.
The parties may exchange confidential information (Confidential Information). Confidential Information includes information marked or identified as confidential and information the other party should reasonably understand to be confidential in context, including the terms of this agreement. Each party shall keep Confidential Information of the other secret with at least the same degree of care it takes with its own secrets, and never less than reasonable care. Neither party shall disclose Confidential Information to any third party, other than to their officers, directors, employees, attorneys, and accountants, or as required by law. This agreement does not limit either party's use of information learned outside any confidential relationship, independently developed by or for it, acquired from a third party it didn't know was required to keep it confidential, or become public other than by breach of this agreement. If a party's personnel breach these confidentiality obligations, this agreement will treat that breach as if committed by the party itself.
npm makes the statements in Warranties instead of other express and implied warranties. npm expressly disclaims any warranties the law might otherwise imply, like warranties of merchantability, fitness for any particular purpose, title, or noninfringement.
npm states that during the Term, the Latest Stable Version of npm Enterprise will support the features described at https://npmjs.com/enterprise as of the date of this agreement.
npm states that during the Term, the Latest Stable Version of npm Enterprise will Utilize only Third-Party Packages that are Open-Source Packages when the Latest Stable Version is released.
npm states that during the Term, the Latest Stable Version of npm Enterprise will Utilize only Third-Party Packages from Linux Distribution Repositories and Source Code Hosts, if any, that are publicly accessible free of charge.
npm states that during the Term, a version of CLI compatible with the Latest Stable Version of npm Enterprise will be available free of charge on Open-Source Terms.
Except for material breach of Confidentiality or Indemnification by npm, Licensee's sole remedy for damage or loss relating to npm Enterprise, Support Services, this agreement, or any material, information, or services furnished by npm under this agreement will be npm's choice of:
replacement of relevant software or material, or reperformance services
return or credit of the appropriate portion of amounts received by npm from Licensee
This limit applies even if damage or loss is caused by npm's negligence or breach of warranty.
Except for obligations under Indemnification, no party's liability under this agreement will exceed the amount received by npm from Licensee under this agreement during the 12 _Month_s before the claim for recovery. This limit applies even if the liable party is advised the other may suffer damages. Neither party will be liable for breach-of-contract damages they could not have reasonably foreseen when entering this agreement.
Subject to Indemnification Exceptions, npm shall indemnify and hold Licensee harmless for all liability, expenses, damages, and costs from any third-party claims, demands, lawsuits, or other actions alleging that Licensee's use of npm Enterprise infringes any third-party copyright or trade secret right. To be indemnified, Licensee must provide Notice of any action as soon as possible, allow npm to control defense and settlement, and cooperate with that defense.
npm will not indemnify or hold Licensee harmless for any third-party action based on any of:
use of npm Enterprise in breach of this agreement
use of npm Enterprise as Licensee modified, added to, or combined it with other software, equipment, or data (Licensee Combination), if infringement would not have occurred without Licensee Combination and Licensee Combination was not described by the Documentation
use of other than the Latest Stable Version of npm Enterprise, if Licensee received Notice that infringement could have been avoided by using the Latest Stable Version
use of Third-Party Packages, if Licensee would infringe by using those Third-Party Packages alone, and not as part of npm Enterprise or to install npm Enterprise
use of npm Enterprise after receiving notice from a third party, or otherwise becoming aware, that use infringes a third-party copyright or trade secret right, unless Licensee gave Notice of that fact to npm within 5 _Business Day_s of becoming aware of it
Indemnification by npm describes Licensee's only remedy and npm's only liability relating to infringement of any Intellectual Property Right.
If a third party brings an action covered by Indemnification by npm, or if npm believes a third party will likely bring an action, npm may secure Licensee the right to continue using npm Enterprise, replace or modify npm Enterprise to avoid infringement, or, if neither of those is reasonably possible, terminate this agreement and refund all License Fees paid by Licensee.
Licensee shall indemnify and hold npm harmless for all liability, expenses, damages, and costs from actions under Indemnification Exceptions as well as any third-party claims, demands, lawsuits, or other actions based on breach of this agreement by Licensee or content Licensee stores using npm Enterprise.
The Term begins on the date the Summary states, and otherwise when Licensee agrees to these terms. Unless the Summary says otherwise, the Term continues for the initial term on the Summary, then renews automatically for consecutive one-year periods, and either party can end the Term by giving Notice at least 30 calendar days before it would otherwise renew. When the Term ends, the terms of the Licenses also end. When the term of any of the Licenses ends, the Term also ends.
If either party materially breaches any part of this agreement that is not subject to a specific sole remedy and fails to correct that breach within 10 calendar days of Notice, the Notice giving party may terminate this agreement immediately on Notice. npm may terminate this agreement immediately on Notice of Licensee's breach of Licenses or Confidentiality.
Licenses, Responsibility and Audit, Indemnification, Warranties, Limits, Assignment, Intellectual Property, and Confidentiality continue to apply after the Term. All provisions of this agreement about payment also apply after the Term, until all required payments are made.
California law will govern any adversarial proceeding relating to this agreement or Licensee use of npm Enterprise (a Dispute). Each party shall bring any Dispute only in the appellate jurisdiction of the Northern District of California, or, if there is no federal subject matter jurisdiction, in any state court sitting in San Francisco, California. The parties waive objection to exclusive jurisdiction, venue, or forum when a Dispute is brought in such a court.
npm may assign this agreement to an Affiliate or any third party that obtains direct or indirect possession of the power to direct or cause direction of the management or policies of npm, or substantially all the assets of npm. Otherwise, neither party shall assign rights under this agreement or any of the Licenses, together, separately, voluntarily, involuntarily, by merger, consolidation, dissolution, operation of law, or otherwise, without the other party's Permission. Any purported assignment of rights in breach of this agreement is void.
Neither party shall delegate any performance under this agreement without the other party's Permission. Any purported delegation of performance in breach of this agreement is void.
This agreement is the whole understanding of the parties about use of npm Enterprise. It replaces all other agreements about npm Enterprise between the parties. This agreement does not give legal rights or remedies to any third party.
Neither exercising any right under this agreement nor waiving any breach of this agreement prevents any later claim for breach. Amendments to this agreement must be written and signed by the parties. Electronically signed and delivered copies of this agreement and any amendments to this agreement will be as effective as hand-signed counterparts delivered in hard copy.
Notice is effective on receipt. Each party shall reply by email to confirm receipt of emailed Notice when received.
Affiliate means any legal person that another legal person has control over, is under the control of, or is under common control with.
Authorized Personnel means each employee and independent contractor of Licensee or any Affiliate of Licensee.
Business Day means a day other than Saturday, Sunday, or a day when commercial banks in San Francisco are authorized or legally required to close.
Intellectual Property Right means any patent, copyright, or trade secret right, or any other legal right in a work, invention, or proprietary information.
Latest Stable Version of software means the most-recent version of that software promoted by its author as suitable for use in production, rather than merely test or development, systems.
Month means a whole or partial calendar month during the Term.
Notice means written communication from one party to the other by registered or certified mail, courier, or email. Notice to Licensee must be sent to the street addresses or email address for Licensee on the Summary. Notice to npm must be sent to 1999 Harrison Street, Suite 1150, Oakland, California 94612 or email@example.com. Either party may change its postal or email address for Notice by giving Notice of a new address.
Open-Source Terms means the terms of a form license approved by the Open Source Initiative or a substantially similar license. For example, the MIT License is Open-Source Terms, as is the JSON License.
Open-Source Packages means Packages npm reasonably believes to be available for license by Licensee, free of charge, on Open-Source Terms. Written statements by authors of Packages, copies of or references to Open-Source Terms in "README," "LICENSE," source code, or similar files within Packages, and licensing metadata of Packages, such as values of "license" and "licenses" fields in "package.json" files, are grounds for reasonable belief that Packages are Open-Source Packages.
Permission of a party means prior Notice of its consent.
Proprietary Packages means Packages that are not Open-Source Packages.
Term means the term of this agreement.
Utilize means to depend on, install, configure, or link another package, directly or indirectly. Packages that list other Packages as dependencies in their "package.json" files Utilize those Packages. Packages that install other Packages from Linux Distribution Repositories or Source Code Hosts Utilize those Packages.
Last modified September 19, 2017 Found a typo? Send a pull request!