ATTENTION, Public Service Announcement: Do not upgrade your npm. Do not upgrade to 5.7.0, released yesterday.

It changes file permissions of /etc, /boot, /user, … when run with sudo. Avoid, duck, cover, whimper.

github.com/npm/npm/issues/1988

Follow

@rixx this is something I was waiting to happen since devs migrated off Linuxes and their system-wide user-respecting package managers and adopted the practice of running random shit from Internet with sudo.

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!