don't allow execution of post installation scripts (vulnerability)

npm config set ignore-scripts true