ATTENTION, Public Service Announcement: Do not upgrade your npm. Do not upgrade to 5.7.0, released yesterday.

It changes file permissions of /etc, /boot, /user, … when run with sudo. Avoid, duck, cover, whimper.

github.com/npm/npm/issues/1988

Follow

@rixx I find it disturbing that npm does not use the proper semver for pre-releases. "5.7.0" for me means "minor release", regardless of a tag in the delivery mechanism.

Sign in to participate in the conversation
chaos.social

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!