npm command - sudo or not?

Question

Currently I always run sudo npm install but as I understand it\'s not correct.

I want to have opportunity not to use it as root/Adm

Answer 1

I have found this to be a better solution

sudo chown -R $USER /Users/$USER

This will just change the owner of your user to you and npm should be installed under your user on OS X. Everything that I have been reading says sudo for npm installs is bad and I would have to agree with them as you open yourself up to malicious scripts.

Answer 2

In my opinion is the cleanest way to specify the npm prefix:

npm config set prefix ~/.node_modules

And then to add the following to you .bash_profile

export PATH=$HOME/.node_modules/bin:$PATH

Now the packages will install into your user directory and no permissions will be harmend.

---

EDIT: If you can't install yeoman, create a bash file in one of your PATH directories named yodoctor with the following contents

#!/bin/bash
yo doctor

Make the file executable with

chmod +x yodoctor

And now you should be able to install yeoman.

Answer 3

The two solutions offered here are are not something I would recommend because they are brute force solutions. Instead, I recommend reading One does not simply sudo npm

Answer 4

You can also do:

sudo chown -R $USER /usr/local

and recursively change the files to your current user.

Answer 5

It's possible (and advisable) to npm install -g node modules without sudo.

Check the permission of your /usr/local/share/npm/bin folder. I had installed node and npm through brew (without sudo) and that particular folder ended up being owned by root.

This fixed it for once and for all:

$ sudo chown $(whoami) /usr/local/share/npm/bin

(As for disallowing sudo with npm: you'd have to tweak npm for that. Your own node code could make use of https://npmjs.org/package/sudo-block, npm install sudo-block)

EDIT: even though this works, I no longer use -g. Instead use prefix (see next answer), or better yet use NIX https://unix.stackexchange.com/a/381797 (even on OSX)