This is the user on crates.io https://crates.io/users/swmon
There are 100+ crates and all of them are empty. It seems the user wants to sell the crate name in the future...
Shouldn't this classified as an abuse ? And is there any mechanism to prevent the similar things ?
There's been some discussion about this here: Crates.io squatting - #34 by zachlute - tools and infrastructure - Rust Internals, and in a number of other places in the past.
If I recall correctly, the policy is to allow it, but potentially force giving up the name if it's not being used and another person has a more legitimate use for it.
There are unfortunately several users that do this. strake and mahkoh are two other prolific ones.
The current policy is first-come first-served as described here:
We do not have any policies to define 'squatting', and so will not hand over ownership of a package for that reason.
i.e. there is nothing about what these users are doing that violates current crates.io policy.
I did a rough count three weeks ago and found that:
- 6% of published crates with
[a-z]+ names are name squats
- 8% of
[a-z]+ names up to 5 letters long are name squats
- 10% of
[a-z]+ names up to 4 letters long are name squats
- 12% of
[a-z]+ names up to 3 letters long are name squats
SO WE SHOULD ALL USE UPPERCASE NAMES NOW?