{"id":20541630,"url":"https://github.com/cnpm/unpkg-white-list","last_synced_at":"2026-05-06T08:04:52.875Z","repository":{"id":240321466,"uuid":"802312749","full_name":"cnpm/unpkg-white-list","owner":"cnpm","description":"npmmirror.com 允许开启 unpkg 功能的白名单列表，避免被当作网盘滥用","archived":false,"fork":false,"pushed_at":"2026-04-01T06:52:52.000Z","size":1157,"stargazers_count":47,"open_issues_count":0,"forks_count":231,"subscribers_count":13,"default_branch":"master","last_synced_at":"2026-04-01T16:39:39.815Z","etag":null,"topics":["npm","npmmiror","unpkg"],"latest_commit_sha":null,"homepage":"https://npmmirror.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cnpm.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-05-18T00:48:49.000Z","updated_at":"2026-04-01T06:52:55.000Z","dependencies_parsed_at":"2024-05-29T04:47:25.149Z","dependency_job_id":"4f5f1595-a04a-45a4-8065-248e71bf43af","html_url":"https://github.com/cnpm/unpkg-white-list","commit_stats":null,"previous_names":["cnpm/unpkg-white-list"],"tags_count":286,"template":false,"template_full_name":null,"purl":"pkg:github/cnpm/unpkg-white-list","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cnpm%2Funpkg-white-list","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cnpm%2Funpkg-white-list/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cnpm%2Funpkg-white-list/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cnpm%2Funpkg-white-list/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cnpm","download_url":"https://codeload.github.com/cnpm/unpkg-white-list/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cnpm%2Funpkg-white-list/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31520577,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T16:28:08.000Z","status":"ssl_error","status_checked_at":"2026-04-07T16:28:06.951Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["npm","npmmiror","unpkg"],"created_at":"2024-11-16T01:25:06.378Z","updated_at":"2026-04-07T17:00:38.162Z","avatar_url":"https://github.com/cnpm.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# unpkg-white-list\n\n[![NPM version](https://img.shields.io/npm/v/unpkg-white-list.svg?style=flat-square)](https://npmjs.org/package/unpkg-white-list)\n[![CI](https://github.com/cnpm/unpkg-white-list/actions/workflows/nodejs.yml/badge.svg)](https://github.com/cnpm/unpkg-white-list/actions/workflows/nodejs.yml)\n\n\u003e [!IMPORTANT]\n\u003e **🚫 禁止添加 GKD 订阅规则相关的包**\n\u003e\n\u003e 本项目 **不接受** 任何与 [GKD（去广告/跳广告）](https://github.com/gkd-kit/gkd) 订阅规则相关的包申请，包括但不限于包名或 scope 中包含 `gkd`、`gkd-subscription`、`gkd_subscription` 等关键词的包。\n\u003e\n\u003e **原因：** 这类包不是真正的 npm library，而是利用 npmmirror CDN 来分发 GKD 广告屏蔽订阅规则文件，属于滥用 CDN 资源。此类 PR 将被直接关闭。\n\n- [npmmirror.com](https://npmmirror.com) 允许开启 [unpkg 功能](https://www.yuque.com/egg/cnpm/files)的白名单列表，避免 https://x.com/fengmk2/status/1791498406923215020 类似问题\n  - `allowPackages` 字段：用于添加指定包名和版本号，示例：\n\n    ```json\n    \"allowPackages\": {\n      \"urllib\": {\n        \"version\": \"*\"\n      }\n    }\n    ```\n\n  - `allowScopes` 字段：用于添加指定 scope，示例：\n\n    ```json\n    \"allowScopes\": [\n      \"@eggjs\",\n      \"@ant-design\"\n    ]\n    ```\n\n- npmmirror sync package tgz 超大文件白名单列表，避免 https://x.com/fengmk2/status/1999821026012889567 类似问题\n  - `allowLargePackages` 字段：用于添加指定包名和版本号，示例：\n\n    ```json\n    \"allowLargePackages\": {\n      \"aws-cdk-lib\": {\n        \"version\": \"*\"\n      }\n    }\n    ```\n\n  - `allowLargeScopes` 字段：用于添加指定 scope，示例：\n\n    ```json\n    \"allowLargeScopes\": [\n      \"@next\",\n      \"@swc\"\n    ]\n    ```\n\n## 添加白名单方式\n\n\u003e [!NOTE]\n\u003e 尽量使用 CLI 添加白名单，它可以确保字段顺序和格式正确，避免手动修改 `package.json` 文件。\n\n### unpkg 白名单添加指定包名和版本号\n\n用 CLI 添加你想开启 unpkg 文件同步的 npm 包名和版本号，全量同步版本号可以设置为 `*`，以同步 [urllib](https://npmmirror.com/package/urllib) 为示例：\n\n```bash\n# npm run add -- --pkg={package name}[:{version range}]\nnpm run add -- \"--pkg=urllib\" # 同步 urllib 所有版本\n# or\nnpm run add -- \"--pkg=urllib:1.0.0\" # 同步 urllib 1.0.0 版本\n# or\nnpm run add -- \"--pkg=urllib:\u003e=1.0.0\" # 同步 urllib 大于等于 1.0.0 版本\n```\n\n_你将会看到 package.json 文件中的 `allowPackages` 字段被更新，如下所示：_\n\n```json\n\"allowPackages\": {\n  ...\n  \"urllib\": {\n    \"version\": \"*\"\n  }\n  ...\n}\n```\n\n### unpkg 白名单添加指定 scope\n\n\u003e [!WARNING]\n\u003e 为避免滥用，申请添加的 scope 必须已包含热门包（如周下载量超过 1 万）。我们不接受为刚创建且无热门包的 scope 添加白名单。\n\n当然你发布的是 scoped package，可以用 CLI 添加 scope 到白名单 `allowScopes`：\n\n```bash\nnpm run add -- --scope=@eggjs\n```\n\n_你将会看到 package.json 文件中的 `allowScopes` 字段被更新，如下所示：_\n\n```json\n\"allowScopes\": [\n  ...\n  \"@eggjs\",\n  ...\n]\n```\n\n### sync package tgz 超大文件白名单添加指定包名和版本号\n\n用 CLI 添加你想开启 npmmirror sync package tgz 超大文件同步的 npm 包名和版本号，全量同步版本号可以设置为 `*`，以同步 [aws-cdk-lib](https://npmmirror.com/package/aws-cdk-lib) 为示例：\n\n```bash\n# npm run add -- --large-pkg={package name}[:{version range}]\nnpm run add -- \"--large-pkg=aws-cdk-lib\" # 同步 aws-cdk-lib 所有版本\n# or\nnpm run add -- \"--large-pkg=aws-cdk-lib:1.0.0\" # 同步 aws-cdk-lib 1.0.0 版本\n# or\nnpm run add -- \"--large-pkg=aws-cdk-lib:\u003e=1.0.0\" # 同步 aws-cdk-lib 大于等于 1.0.0 版本\n```\n\n_你将会看到 package.json 文件中的 `allowLargePackages` 字段被更新，如下所示：_\n\n```json\n\"allowLargePackages\": {\n  ...\n  \"aws-cdk-lib\": {\n    \"version\": \"*\"\n  }\n  ...\n}\n```\n\n### sync package tgz 超大文件白名单添加指定 scope\n\n\u003e [!WARNING]\n\u003e 为避免滥用，申请添加的 scope 必须已包含热门包（如周下载量超过 1 万）。我们不接受为刚创建且无热门包的 scope 添加白名单。\n\n当然你发布的是 scoped package，可以用 CLI 添加 scope 到白名单 `allowLargeScopes`：\n\n```bash\nnpm run add -- --large-scope=@next\n```\n\n_你将会看到 package.json 文件中的 `allowLargeScopes` 字段被更新，如下所示：_\n\n```json\n\"allowLargeScopes\": [\n  ...\n  \"@next\",\n  ...\n]\n```\n\n## 提交 PR 并等待合并生效\n\n修改完成后提交一个 `Pull Request` 合并到 master 分支，等待 Review，合并后会自动发布，预计最长 5 分钟后会全网生效。\n\n### Pull Request 标题规范\n\n本项目使用 [Conventional Commits](https://www.conventionalcommits.org/) 规范，所有 Pull Request 的标题必须符合 [semantic-release](https://semantic-release.gitbook.io/) 要求。\n\n由于本项目使用 squash 合并方式，最终的 commit message 会基于 PR 标题生成，因此 PR 标题格式如下：\n\n```\n\u003ctype\u003e(\u003cscope\u003e): \u003csubject\u003e\n\n\u003cbody\u003e\n\n\u003cfooter\u003e\n```\n\n**Type 类型：**\n\n- `feat`: 新功能（会触发 minor 版本更新）\n- `fix`: Bug 修复（会触发 patch 版本更新）\n- `perf`: 性能优化（会触发 patch 版本更新）\n- `docs`: 文档修改（不会触发版本更新）\n- `style`: 代码格式修改（不影响代码含义，不会触发版本更新）\n- `refactor`: 代码重构（不会触发版本更新）\n- `test`: 测试相关修改（不会触发版本更新）\n- `build`: 构建系统或依赖项修改（不会触发版本更新）\n- `ci`: CI 配置文件修改（不会触发版本更新）\n- `chore`: 其他不修改 src 或 test 文件的修改（不会触发版本更新）\n- `revert`: 回退之前的 commit（不会触发版本更新）\n\n**示例：**\n\n```bash\nfeat: add lodash to allowPackages\nfeat(allowScopes): add @babel scope\nfix: correct semver range validation\ndocs: update README with commit guidelines\n```\n\n**Breaking Changes:**\n\n如果包含破坏性变更，需要在 type 后加 `!` 或在 footer 中说明：\n\n```bash\nfeat!: remove deprecated API\n# or\nfeat: add new feature\n\nBREAKING CHANGE: This removes the old API\n```\n\nCI 会自动检查 Pull Request 标题是否符合规范，不符合规范的 PR 将无法通过检查。\n\n## for admins\n\nblock sync packages and scopes:\n\n```bash\nnpm run add -- --block-sync-pkg=colors\nnpm run add -- --block-sync-scope=@sdjkals\n```\n\n## License\n\n[MIT](LICENSE)\n\n## Contributors\n\n[![Contributors](https://contrib.rocks/image?repo=cnpm/unpkg-white-list)](https://github.com/cnpm/unpkg-white-list/graphs/contributors)\n\nMade with [contributors-img](https://contrib.rocks).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcnpm%2Funpkg-white-list","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcnpm%2Funpkg-white-list","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcnpm%2Funpkg-white-list/lists"}