No, ~/.npm is already in your home folder, hence the ~ character. If you require sudo to install npm modules then you probably have node and npm installed system-wide. When you do this it puts the application data into the /usr/local path, because this path is in your $PATH, which means your shell looks for executables there. It's also readable by all users, so all users can use node/npm. You're not creating a security flaw with what you've done. You would, however, create a minor security problem if you were to chown your /usr/local/ directory. If you chown just the node_module global directory you wouldn't really create much of a security problem, but it would likely mean that you should just install node/npm on your user's account (in your home directory) where you have write access.
NVM is useful for this: it installs node/npm to your user account and adds its install path to your $PATH in your .bashrc. I don't recommend using NVM in production, however; production is another ball game altogether, where you should probably learn how to create system services/daemons appropriately.
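
A way to check the ownership situation described above, added here as an example that is not part of the original answer. The function names are hypothetical, and the only paths used are ~/.npm, /usr/local and /usr/local/bin; npm itself is not called.

```shell
#!/bin/sh
# Added example: audit who owns the npm cache and the install prefix.

# Count entries under $1 that are NOT owned by the current user
# (the usual leftover of running `sudo npm install` against ~/.npm).
foreign_owned_count() {
    dir=$1
    [ -d "$dir" ] || { echo 0; return 0; }
    find "$dir" ! -user "$(id -u)" 2>/dev/null | wc -l | tr -d ' '
}

# Succeed if directory $1 is listed in the PATH-style string $2.
dir_in_path() {
    case ":$2:" in
        *":$1:"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the numeric owner UID of $1 (GNU stat first, BSD stat as fallback).
owner_uid() {
    stat -c %u "$1" 2>/dev/null || stat -f %u "$1" 2>/dev/null
}

# Classify an install prefix by owner:
#   system  -> root-owned: installs need sudo, all users can run the binaries
#   user    -> owned by the caller: no sudo needed (a per-user install)
#   foreign -> owned by another non-root account: worth reviewing
classify_prefix() {
    uid=$(owner_uid "$1") || return 1
    if [ "$uid" -eq 0 ]; then
        echo system
    elif [ "$uid" -eq "$(id -u)" ]; then
        echo user
    else
        echo foreign
    fi
}

# Report for the paths discussed in the answer.
npm_cache="$HOME/.npm"
echo "entries in $npm_cache not owned by you: $(foreign_owned_count "$npm_cache")"
if [ -d /usr/local ]; then
    echo "/usr/local is a '$(classify_prefix /usr/local)' prefix"
fi
if dir_in_path /usr/local/bin "$PATH"; then
    echo "/usr/local/bin is on PATH"
fi
```

A non-zero count for ~/.npm means some cache entries belong to another account, typically root after a sudo install; a "user" or "foreign" result for /usr/local means that directory has been chowned away from root.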