So today it finally happened.

Npm modules broke my system and / or endangered the security of my system.

Installed a global cli utility
That utility depends on package A
That depends on package B

That fucking install a bin called sudo

Yeah.. You heard it right a bin called sudo.

This bin goes in the global module folder that is piped in your path variable.

Now everytime you type sudo you are running somebody else code instead of your system utility.

I am shivering and at loss of swear words.

Opened an issue on the cli that started this matrioska game of horror.

Who the fuck tought that a bin called sudo would be a good fucking idea?

Oh and yes is even an harmless package that try to provide the sudo experience for windows (I went in to check the code of course..)

And I frigging need that cli for work

For now I aliased the sudo in my bashrc still i feel vulnerable and naked now.

Fixing the npm permissions..
This should be covered by a giant red light and skulls.
If you don't see the warning you broke sudo