From npm version v6.11.0, npm install --unsafe-perm no works.
Would you please follow the bug template, or at least clarify what you expected --unsafe-perm to do that is not working?
There were some pretty big changes around file ownership in v6.11.0 which might have affected this, but I didn’t see --unsafe-perm mentioned in the release notes: Release: 6.11.0
What I Wanted to Do
As root run “npm install --unsafe-perm” npm should not drop to another user
What Happened Instead
npm install --unsafe-perm seems to be ignored the option and drops to another user.
Add a package to dependencies that shows the uid when being install and comfirm that v6.10.3 works and v6.11.0 does not.
Seems to break also on docker node:alpine images now.
“npm WARN tar ENOENT: no such file or directory, open ‘… /node_modules/.staging/ …”
Just quick fix I run “npm install -g email@example.com” on Dockerfile as else npm (6.11) package install will fail as root.