Run npm and yarn inside docker [1]. Infact, do this for all risky tools[2] 1 - h...

anpat · 2025-11-24T19:39:01 1764013141

I think it's better to not run npm as root user on container. I would suggest adding --user 1000 to your docker run command.

ashishb · 2025-11-24T20:04:42 1764014682

> I think it's better to not run npm as root user on container. I would suggest adding --user 1000 to your docker run command.

Good point. Here's the improvement that work for me

https://github.com/ashishb/dotfiles/commit/fe4fb15fe867bf77a...

jayknight · 2025-11-24T20:59:35 1764017975

It gets tricky with private dependencies, then you have to pass some sort of token into the container to authenticate with the host when installing dependencies.

ashishb · 2025-11-24T21:25:00 1764019500

Definitely.

Would you prefer doing those tricks or exposing everything on your machine to random npm packages?