Tobias Nießen 0ae8bf8dbc msi: do not create AppData\Roaming\npm ... This effectively reverts e431cae7e7 due to security concerns. The directory is being created with elevated privileges but its path may depend on an unprivileged user's environment variables. Creating a directory in certain sensitive locations can cause Windows to become inoperable. Creating AppData\Roaming\npm was an intentional addition in order to resolve https://github.com/nodejs/node-v0.x-archive/issues/8141, which appears to have been a common issue for users of npm. However, this was implemented before 4cfe5eb9af, which changed the MSI installation scope to perMachine. There were concerns about creating the npm directory in that PR, albeit not related to security (see https://github.com/nodejs/node-v0.x-archive/pull/25640). Refs: https://github.com/nodejs/node-v0.x-archive/issues/8141 Refs: https://github.com/nodejs/node-v0.x-archive/pull/8838 Refs: https://github.com/nodejs/node-v0.x-archive/pull/25640 PR-URL: https://github.com/nodejs-private/node-private/pull/408 Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> CVE-ID: CVE-2023-30585		2023-06-20 17:30:15 -03:00
..
custom_actions	msi: migrate to WiX4	2023-03-22 22:16:57 +00:00
nodemsi	msi: do not create AppData\Roaming\npm	2023-06-20 17:30:15 -03:00
nodemsi.sln	msi: migrate to WiX4	2023-03-22 22:16:57 +00:00
NuGet.Config	msi: migrate to WiX4	2023-03-22 22:16:57 +00:00