[node] - Install pnpm as non-root user to prevent root-owned npm cache#1625
Conversation
Kaniska244
left a comment
Kaniska244
left a comment
There was a problem hiding this comment.
Hi @brianhelba
Thank you for the contribution. Would you kindly bump the node feature version.
|
@Kaniska244 Done. This is simply a bugfix and doesn't add or remove features, so I bumped the patch version. |
Kaniska244
left a comment
Kaniska244
left a comment
There was a problem hiding this comment.
To be further reviewed by maintainers.
Hi @brianhelba Would you please accept the above license agreement. |
|
@Kaniska244 Sorry, I'm awaiting approval from my employer. I'm hoping this will be quick. |
|
@microsoft-github-policy-service agree company="Kitware, Inc." |
|
@Kaniska244 All done. |
abdurriq
left a comment
abdurriq
left a comment
There was a problem hiding this comment.
Thank you for your contribution! I've left a couple comments which I would appreciate if you could review and address.
|
@abdurriq I've left responses to all feedback. Could you please review? |
Currently, the pnpm installation block runs `npm install -g pnpm` in
a bare subshell as root, unlike every other npm/nvm operation in the
script which uses `su ${USERNAME}`. This causes the npm cache directory
to be created owned by `root:root`, leading to `EACCES` errors for the
non-root user on subsequent npm operations.
This is particularly reproducible on macOS with Rosetta 2 emulation,
where the cache directory may not already exist from prior steps.
Note, the explicit setting of proxy env vars (`http_proxy`, `https_proxy`,
`no_proxy`) is likely a workaround for npm/cli#6835.
No other commands in this script use that workaround anymore, so this change
uses the same `su` syntax as all other commands.
|
@abdurriq I've rebased this to fix merge conflicts. I've also replied to all of your feedback. If you disagree with any of my responses and want me to make specific changes, please let me know. I'd like to get this bug fixed any way possible. |
abdurriq
left a comment
abdurriq
left a comment
There was a problem hiding this comment.
LGTM, I've just bumped the minor version to make it more clear that this could be a change that breaks existing config.
3 participants
Currently, the pnpm installation block runs
npm install -g pnpmin a bare subshell as root, unlike every other npm/nvm operation in the script which usessu ${USERNAME}. This causes the npm cache directory to be created owned byroot:root, leading toEACCESerrors for the non-root user on subsequent npm operations.This is particularly reproducible on macOS with Rosetta 2 emulation, where the cache directory may not already exist from prior steps.
Note, the explicit setting of proxy env vars (
http_proxy,https_proxy,no_proxy) is likely a workaround for npm/cli#6835. No other commands in this script use that workaround anymore, so this change uses the samesusyntax as all other commands.