Upgraded npm from 8.5.5 to 8.15.0 (via node upgrade), noticed that npm now attempts running scripts from temp dir #635
Replies: 1 comment
-
|
Starting from npm v8.11.0, npm uses a new feature called "Secure Fetch" to improve the security of package installations. This involves creating and running scripts in a temporary directory, and it seems to be causing issues in your case due to your company's GPO policy and AppLocker restrictions. To force npm to use a different temporary directory, you can set the Replace This will temporarily set the Alternatively, you can set the
Keep in mind that changing environment variables may affect other processes, so it's essential to be cautious and test the changes in your specific environment. Also, remember that this is a workaround, and you might want to check for updates or changes in npm that address these issues in the future. |
Beta Was this translation helpful? Give feedback.
-
So as the title says, I recently upgraded from node 16.15.1 to node 16.17.0. and with it npm got upgraded from 8.5.5 to 8.15.0.
I immediately noticed npm now creates the scripts it needs to run in
%LOCALAPPDATA%\Temp\<number>\and attempts to run them from there ( I am on windows 10). My company's gpo policy and applocker prevent running scripts from this particular location. now nothing runs anymore. I can't find the entry in the change log related to this. anyone has an explanation?The solution I have in mind is to force a different temp dir for node/npm to work around the situation, but that won't work if node.exe is explicitly called . Is there a way to tell node to use a certain temp folder, different than the OS's mandated one?
Beta Was this translation helpful? Give feedback.
All reactions