The npm Bug
-
Show-stopping bug appears in npm Node.js package manager
Are you a developer who uses npm as the package manager for your JavaScript or Node.js code? If so, do not -- I repeat do not -- upgrade to npm 5.7.0. Nothing good can come of it. As one user reported, "This destroyed 3 production servers after a single deploy!"
So, what happened here? According to the npm GitHub bug report, "By running sudo npm under a non-root user (root users do not have the same effect), filesystem permissions are being heavily modified. For example, if I run sudo npm --help or sudo npm update -g, both commands cause my filesystem to change ownership of directories such as /etc, /usr, /boot, and other directories needed for running the system. It appears that the ownership is recursively changed to the user currently running npm."
-
Botched npm Update Crashes Linux Systems, Forces Users to Reinstall
A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot.
Changing ownership of these files either crashes the system, various local apps, or prevents the system from booting, according to reports from users who installed npm v5.7.0. —the buggy npm update.
- Login or register to post comments
- Printer-friendly version
- 5344 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Unlucky Linux boxes trampled by NPM code update, patch zapped
Unlucky Linux boxes trampled by NPM code update, patch zapped
Buggy update to JavaScript package manager npm...
Buggy update to JavaScript package manager npm is crashing Linux systems
Framed as security issue
NPM update changes critical Linux filesystem permissions, breaks everything
Npm Update Crashes Linux Systems