npm ERR! code EPERM

Q: How do I prevent npm:EPERM in CI?

Keep npm cache and project directories owned by the build user. Avoid running project installs as root unless you know exactly why you need it. Ensure CI runners have enough disk space and sensible file descriptor limits.

Q: How can I manually validate npm:EPERM?

Check ownership/permissions for the failing path: `ls -la `.

What This Error Means

npm hit EPERM because the operating system denied the filesystem operation, commonly due to permissions, locks, antivirus, or Windows file handling.

Read this as a precise clue about which part of the workflow broke first. Once you know the failing layer, the fix path gets much shorter.

How to Fix It

The fastest fixes here come from checking the immediate failing layer before you change anything unrelated. Make one correction at a time and re-test from the same environment.

Identify the path npm is failing on (look for the last referenced file path in the error output).

Avoid sudo npm install for project installs. It often causes mixed ownership inside node_modules.

Fix ownership of npm cache and project folder (example:sudo chown -R $(whoami) ~/.npm).

If the error is for global installs, use a user-writable prefix (example:npm config set prefix ~/.npm-global) and ensure PATH includes it.

Retry after cleaning local state when safe (common:remove node_modules and retry install).

Why It Happens

The current user does not have permission to write to the project folder, npm cache, or global prefix.

Verify the Fix

Re-run the original command and confirm the filesystem error no longer appears.

If this is a permission fix, confirm new files in node_modules are owned by the expected user.

Manual filesystem checks

Check ownership/permissions for the failing path:ls -la <path>

Examples

npm ERR! code EPERM
npm ERR! errno EPERM

How npm writes files during install

This is the part worth understanding if the quick fix did not hold. It explains what npm is trying to do at the moment the error appears.

npm is reporting a failure at a specific layer of the workflow:local environment, configuration, remote service access, or artifact metadata.

The fastest path is to identify which layer broke first, then verify that layer directly instead of retrying the same high-level command and hoping for a different result.

Prevent It From Coming Back

To prevent this, keep npm cache and project directories owned by the build user, avoid running project installs as root unless you know exactly why you need it, and ensure CI runners have enough disk space and sensible file descriptor limits.

Docs and source code

github.com/npm/cli/blob/417daa72b09c5129e7390cd12743ef31bf3ddb83/workspaces/libnpmexec/lib/with-lock.js

Open-source npm CLI code reference tied to this error code. - GitHub

    try {
      await fs.mkdir(lockPath)
    } catch (err) {
      if (err.code !== 'EEXIST' && err.code !== 'EBUSY' && err.code !== 'EPERM') {
        throw err
      }