Closed ratijas closed 4 years ago
// @Slayug
@sindresorhus https://github.com/sindresorhus/guides/pull/57
One downside to concatenating to PATH is that the recommended npm
upgrades no longer take effect:
From time to time npm
asks to update itself:
╭───────────────────────────────────────────────────────────────╮ │ │ │ New major version of npm available! 6.14.11 → 7.6.2 │ │ Changelog: https://github.com/npm/cli/releases/tag/v7.6.2 │ │ Run npm install -g npm to update! │ │ │ ╰───────────────────────────────────────────────────────────────╯
If npm
is installed globally (e.g. through homebrew or using the installer from nodejs.org) it will appear earlier in the path.
$ which npm
/usr/local/bin/npm
Following the instructions and running npm install -g npm
will update the version in the local directory rather than the global version, and since the global version is earlier in the path the newer version will never be used.
@apowers313 I guess having multiple installations is out of scope of this guide. That's a job for virtual environment managers. I'm not much into js world lately, but at least in Python ecosystem there are tools like virtualenv and virtualenvwrapper for that.
Also, at least in *NIX world, why would anyone upgrade npm
itself in any other way than through their system package manager, e.g. apt-get, apk, dnf, pacman, rpm etc.? That's prone to breakages, and highly likely that official support wouldn't take issues filed against custom installation problems.
Prepending to $PATH implies binaries in the added directory will take precedence ('overwrite') those in $PATH already. More often than not, such behavior is not desired and may even be a dangerous vulnerability. Especially in the case of untrusted packages from npm.