Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
When you run npm prune it will display warn allow-scripts messages for packages configured in allowScripts as approved scripts.
Expected Behavior
No warn allow-scripts messages should appear during npm prune if the package is configured in allowScripts as an approved script.
Steps To Reproduce
- Create a folder and add the following
package.json:
{
"devDependencies": { "dtrace-provider": "0.8.8" },
"allowScripts": { "dtrace-provider": true }
}
- Run
npm prune
- The following output is displayed:
up to date, audited 3 packages in 652ms
found 0 vulnerabilities
npm warn allow-scripts 1 package has install scripts not yet covered by allowScripts:
npm warn allow-scripts dtrace-provider@0.8.8 (install: node-gyp rebuild)
npm warn allow-scripts
npm warn allow-scripts Run `npm approve-scripts --allow-scripts-pending` to review, or `npm approve-scripts <pkg>` to allow.
Environment
- npm: 11.16.0
- Node.js: v26.2.0
- OS Name: macOS 26.5
- System Model Name: iMac
- npm config:
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
When you run
npm pruneit will displaywarn allow-scriptsmessages for packages configured inallowScriptsas approved scripts.Expected Behavior
No
warn allow-scriptsmessages should appear duringnpm pruneif the package is configured inallowScriptsas an approved script.Steps To Reproduce
package.json:{ "devDependencies": { "dtrace-provider": "0.8.8" }, "allowScripts": { "dtrace-provider": true } }npm pruneEnvironment