sindresorhus / guides

A collection of succinct guides - Public Domain

Append to $PATH, not prepend, in the npm global guide #53

Closed ratijas closed 4 years ago

ratijas commented 5 years ago

Prepending to $PATH implies binaries in the added directory will take precedence over ('overwrite') those in $PATH already. More often than not, such behavior is not desired and may even be a dangerous vulnerability. Especially in the case of untrusted packages from npm.

sindresorhus commented 4 years ago

// @Slayug

Slayug commented 4 years ago

@sindresorhus https://github.com/sindresorhus/guides/pull/57

apowers313 commented 3 years ago

One downside to concatenating to PATH is that the recommended npm upgrades no longer take effect:

From time to time npm asks to update itself:

```
╭───────────────────────────────────────────────────────────────╮
│                                                               │
│      New major version of npm available! 6.14.11 → 7.6.2      │
│   Changelog: https://github.com/npm/cli/releases/tag/v7.6.2   │
│               Run npm install -g npm to update!               │
│                                                               │
╰───────────────────────────────────────────────────────────────╯
```

If npm is installed globally (e.g. through homebrew or using the installer from nodejs.org) it will appear earlier in the path.

```
$ which npm
/usr/local/bin/npm
```

Following the instructions and running npm install -g npm will update the version in the local directory rather than the global version, and since the global version is earlier in the path the newer version will never be used.
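The two behaviours discussed in this thread (a prepended npm prefix directory shadowing system binaries, and an appended one never being reached for `npm install -g npm`) both come down to PATH lookup order. The script below is an added example, not code from the guide or from anyone in this thread; it uses two constructed stub `npm` scripts in temporary directories in place of a real Homebrew/installer copy and a real `$HOME/.npm-global/bin`, and the directory names and version strings are made up for the demo.

```shell
#!/bin/sh
# Added example, not from the guide or from anyone in this thread. It shows how
# PATH order decides which "npm" runs, using two constructed stub scripts
# (a "system" copy and a per-user npm-prefix copy) instead of real npm installs.
# Directory names and version strings are made up for the demo.
set -eu

# make_stub DIR VERSION: write a fake npm executable into DIR that prints VERSION
make_stub() {
    mkdir -p "$1"
    printf '#!/bin/sh\necho "%s"\n' "$2" > "$1/npm"
    chmod 755 "$1/npm"
}

# npm_version_with_path PATHVALUE: run whichever npm PATHVALUE resolves to.
# A subshell keeps the modified PATH from leaking into the caller.
npm_version_with_path() {
    (PATH="$1"; npm --version)
}

# demo MODE: MODE is "prepend" (the old guide text) or "append" (this issue).
# Prints the version of the npm that wins, then removes the temp dirs.
demo() {
    tmp=$(mktemp -d)
    system_dir="$tmp/usr/local/bin"     # stands in for the homebrew/installer copy
    user_dir="$tmp/home/npm-global/bin" # stands in for $HOME/.npm-global/bin
    make_stub "$system_dir" "6.14.11"   # older, "global" npm
    make_stub "$user_dir"   "7.6.2"     # newer, from npm install -g npm
    case "$1" in
        prepend) result=$(npm_version_with_path "$user_dir:$system_dir") ;;
        append)  result=$(npm_version_with_path "$system_dir:$user_dir") ;;
        *) rm -rf "$tmp"; echo "usage: demo prepend|append" >&2; return 1 ;;
    esac
    rm -rf "$tmp"
    echo "$result"
}

# shadowed_commands USER_DIR SYSTEM_DIR: list executables in USER_DIR that would
# hide a same-named command in SYSTEM_DIR if USER_DIR were prepended to PATH.
# This is the check to run before trusting a prepended npm prefix directory.
shadowed_commands() {
    for f in "$1"/*; do
        [ -x "$f" ] || continue
        name=${f##*/}
        [ -x "$2/$name" ] && echo "$name"
    done
    return 0
}

# Stand-alone run: show both orderings.
echo "prepend -> npm $(demo prepend)"
echo "append  -> npm $(demo append)"
```

With `prepend` the per-user copy (7.6.2) wins, which is the precedence problem raised in the issue: anything a package drops into that bin directory hides the system command of the same name. With `append` the system copy (6.14.11) wins, which is the upgrade problem raised above: `npm install -g npm` writes the new version into the appended directory and the shell keeps using the old one. `shadowed_commands` makes the first case visible before it bites; run it against your actual prefix bin directory and `/usr/local/bin` (or wherever `which npm` points) and treat any output as something to look at.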

ratijas commented 3 years ago

@apowers313 I guess having multiple installations is out of scope of this guide. That's a job for virtual environment managers. I'm not much into js world lately, but at least in Python ecosystem there are tools like virtualenv and virtualenvwrapper for that.

ratijas commented 3 years ago

Also, at least in *NIX world, why would anyone upgrade npm itself in any other way than through their system package manager, e.g. apt-get, apk, dnf, pacman, rpm etc.? That's prone to breakages, and highly likely that official support wouldn't take issues filed against custom installation problems.