Feature request: Add config option to prevent accidental installation of packages in directories without package.json

[sryze]

For example, I have a project with a nested structure (monorepo) where frontend code is located a few levels deep in the directory hierarchy:

project/
- module1
--- ...
- module2
--- src
--- frontend-src/
------ package.json
------ package-lock.json
------ node_modules

I often accidentally run npm install to add a new frontend dependency while being in the wrong directory, which results in automatic creation of node_modules, package.json, package-lock.json in the wrong place. I don't how many people besides me run into this problem, maybe everyone else is much more disciplined about checking their CWD.

If indeed it's a common problem, I would like to propose a config flag that could be added to ~/.npmrc to prevent situations like this, i.e. only allow installing non-global packages while inside a directory with an existing package.json file.

install-only-with-package-json = true

[kchindam-infy]

Hi @sryze
Thank you for the suggestion, According to GitHub guidelines, new feature and suggestions are discussed in the npm feedback forum. Recommended to open a discussion in the npm feedback forum. You can visit here https://github.com/npm/feedback/discussions

[sryze]

@kchindam-infy OK, thanks. BTW the correct discussion link seems to be this: https://github.com/orgs/community/discussions/categories/npm?discussions_q=category%3Anpm