Using sudo with npm install is actually a bad idea. It is better to just install to a directory that you own.
Using sudo with `npm install` is actually a bad idea. It is better to just install to a directory that you own.
Thanks for the suggestion! I've sent it to the writer and PM for review.
Cool. I'm pretty sure that this advice is correct but I'm not a world expert at npm haha.
So reading a bit more on this, it looks like this may have been how things once were, but aren't anymore (not an npm expert either.) Anyway, looking at https://github.com/npm/npm, it notes that npm will downgrade itself to nobody if ran using sudo, to prevent running arbitrary scripts as root. This seems to solve the problem.
Just wanted to follow up on this thread. It looks like we're okay with leaving the text as-is for now? @NickHeiner, @Blackmist, agreed?
Closer per the thread discussing the proposed change.