Problems with npm publish, why is my node spam?

I write lot of nodes for Node-Red .
Since 2 days I want put this nodes to npm with npm publish.
Every time I become following error:

403 Forbidden - PUT - Package name triggered spam detection; if you believe this is in error, please contact support at
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy.

I contact npm, but no answer.

How can I solve this ?
Is there an alternative to npm for Node-Red ?

Thanks for your help

Hi @iiot2k,
could it be that you are working an another computer? Then you might need to do login to npm once (see here)...

Thank you for answer.
No, I have only one computer.
Yes I do login with npm login and than npm publish.
npm make my :rage:

node.js - npm publish failed with Package name triggered spam detection - Stack Overflow

The name in package.json was: node-red-contrib-redplc-rpi-pcf8575
npm reports it as spam.
I change the name to node-red-contrib-redplc-pcf8575-rpi
Same npm reports it as spam.
I change the name to node-red-contrib-pcfxxxx-redplc
Publish successfully.
npm don't like numbers in packet name and recognizes as spam.
Stupid npm :rage: the name of chip is pcf8575, which name should I use ?

1 Like

npm publish works now.

This is the answer of npm:


Thanks for reaching out.

We've initiated some blocks related to package names. Our hope is this will help with both security and spam concerns we're facing.

As support, we're able to move beyond the block. I've published node-red-contrib-redplc-rpi-pcf8575@0.0.1-security . I've transferred write access to the package over to your @xxx user account. You should now be able to publish a new version, though you'll be unable to reuse any of the past version numbers.

Please let us know if there is anything else we can do for you. We’ll be here to help.

Thanks so much.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.