[BUG] npx executing runsv cli #8172

Closed
pandasoli opened this issue Mar 20, 2025 · 2 comments
Labels: Bug (thing that needs fixing), Needs Triage (needs review for next steps)

Comments

@pandasoli

Is there an existing issue for this?

  • I have searched the existing issues

This issue exists in the latest npm version

  • I am using the latest npm

Current Behavior

Running npx sv create my-app runs /usr/bin/sv which is runit (service-manager)'s cli interface.

Expected Behavior

I expected to download and run the sveltekit cli (https://npmjs.com/package/sv).

Steps To Reproduce

  1. On KISS linux (https://kisslinux.github.io) - But might also work on any other system with runit
  2. Run npx sv create my-app
  3. See a non-expected answer like:
fail: my-app: can't change to service directory: No such file or directory

Which is the result of running sv create my-app manually.

Environment

  • npm: 11.2.0
  • Node.js: v23.9.0
  • OS Name: KISS
  • System Model Name: PC
  • npm config:
; node bin location = /usr/bin/node
; node version = v23.9.0
; npm local prefix = /home/eli
; npm version = 11.2.0
; cwd = /home/eli
; HOME = /home/eli
; Run `npm config ls -l` to show all defaults.
@pandasoli added the labels Bug (thing that needs fixing) and Needs Triage (needs review for next steps) on Mar 20, 2025
@pandasoli
Author

pandasoli commented Mar 20, 2025

Maybe this could be fixed by looking for executable files only in the path where npm installs them and when it comes to /usr/bin only allow execution of files installed by npm.

This would avoid execution of any executable file, which might also be a security issue. npx ls runs /usr/bin/ls, so it might also be able to run programs the user would not have permission to.
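
A pre-flight check for the name collision reported in this issue, added here as an example (it is not npm's code and not part of the original thread): it lists executables on PATH that share the command name and do not live in a `node_modules/.bin` directory. The function name `npx_shadow_check` and the rule that only `node_modules/.bin` counts as npm-managed are assumptions.

```shell
#!/bin/sh
# Added example: find system executables that share a name with an npx command.
# Assumption: only directories ending in node_modules/.bin are npm-managed.

# npx_shadow_check <command-name> [search-path]
# Prints each executable named <command-name> found on the search path
# (default: $PATH) outside node_modules/.bin.
# Returns 0 if at least one was found, 1 if none, 2 on bad usage.
npx_shadow_check() {
    name=$1
    search_path=${2:-$PATH}
    found=1

    # A name containing a slash is a file path, not a PATH lookup.
    case $name in
        ''|*/*) echo "usage: npx_shadow_check <command-name> [path]" >&2
                return 2 ;;
    esac

    # Split the search path on ':' with globbing off, then restore IFS.
    old_ifs=$IFS; IFS=:
    set -f; set -- $search_path; set +f
    IFS=$old_ifs

    for dir in "$@"; do
        dir=${dir:-.}   # an empty PATH entry means the current directory
        case $dir in
            */node_modules/.bin|*/node_modules/.bin/) continue ;;
        esac
        if [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
            found=0
        fi
    done
    return $found
}

# Demo with the command name mentioned in the thread.
npx_shadow_check ls || echo "no system executable named ls on PATH"
```

A hit does not prove that npx will run that file; it flags a collision to resolve before running the command.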

@milaninfy
Contributor

Closing this as duplicate/similar of #8190
