Botched npm Update Crashes Linux Systems, Forces Users to Reinstall

Found on Bleeping Computer on Thursday, 22 February 2018

A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot.

"This destroyed 3 production server after a single deploy!," one affected user said in a GitHub bug report today. Many others users have taken to Twitter to describe similar issues with dev and production servers, and warn other users not to update.

The bug was first reported a week ago but was left without an answer from npm developers.

Another massive failure coming from npm. This is your reminder that you should never install such a badly designed product that comes with aweful maintenance.

Browse all articles« Previous « » Next »