Verify latest release
pnpm version
11.5.2
Which area(s) of pnpm are affected? (leave empty if unsure)
No response
Link to the code that reproduces this issue or a replay of the bug
https://github.com/jwadolowski/pnpm-tsx-pipe-einval
Reproduction steps
- Use a project with a single git-hosted dependency, e.g. using the following
package.json
{
"name": "app",
"private": true,
"dependencies": {
"@brave/leo": "github:brave/leo#55d9ea6e182df22dc046f693576c499aec25166d"
}
}
- Run
pnpm install as root inside a container
Describe the Bug
The issue happens when these things combine:
- the
pnpm install was started by root (this is key; everything works flawlessly for regular users)
- an IPC socket file is involved (the path to the file is limited to 108 characters - see docs)
- a
tsx process that creates an IPC server using the aforementioned file (the file is placed inside the TMPDIR)
- and finally,
pnpm itself that sets the TMPDIR (inside the pnpm store) to a fairly long path when executed in the root context
npm-install: > @brave/leo@0.0.1 prepare
npm-install: > npm run build
npm-install: > @brave/leo@0.0.1 build
npm-install: > npm run transform-tokens && npm run skiafy-icons && npm run android-icons && rollup -c rollup.config.js
npm-install: > @brave/leo@0.0.1 transform-tokens
npm-install: > tsx ./src/tokens/transformTokens.ts && tsc -p ./tsconfig-tokens.json
npm-install: node:net:1986
npm-install: const error = new UVExceptionWithHostPort(rval, 'listen', address, port);
npm-install: ^
npm-install: Error: listen EINVAL: invalid argument /root/.local/share/pnpm/store/v11/tmp/_tmp_7_3bb017a0e1b2c3bd1dcb930422244988/node_modules/.tmp/tsx-0/123.pipe
npm-install: at Server.setupListenHandle [as _listen2] (node:net:1986:21)
npm-install: at listenInCluster (node:net:2065:12)
npm-install: at Server.listen (node:net:2187:5)
npm-install: at file:///root/.local/share/pnpm/store/v11/tmp/_tmp_7_3bb017a0e1b2c3bd1dcb930422244988/node_modules/tsx/dist/cli.mjs:53:31537
npm-install: at new Promise (<anonymous>)
npm-install: at createIpcServer (file:///root/.local/share/pnpm/store/v11/tmp/_tmp_7_3bb017a0e1b2c3bd1dcb930422244988/node_modules/tsx/dist/cli.mjs:53:31515)
npm-install: at async file:///root/.local/share/pnpm/store/v11/tmp/_tmp_7_3bb017a0e1b2c3bd1dcb930422244988/node_modules/tsx/dist/cli.mjs:55:459 {
npm-install: code: 'EINVAL',
npm-install: errno: -22,
npm-install: syscall: 'listen',
npm-install: address: '/root/.local/share/pnpm/store/v11/tmp/_tmp_7_3bb017a0e1b2c3bd1dcb930422244988/node_modules/.tmp/tsx-0/123.pipe',
npm-install: port: -1
npm-install: }
npm-install: Node.js v24.16.0
npm-install: npm error code 1
npm-install: npm error path /root/.local/share/pnpm/store/v11/tmp/_tmp_7_3bb017a0e1b2c3bd1dcb930422244988
npm-install: npm error command failed
npm-install: npm error command sh -c npm run build
npm-install: npm notice
npm-install: npm notice New minor version of npm available! 11.13.0 -> 11.16.0
npm-install: npm notice Changelog: https://github.com/npm/cli/releases/tag/v11.16.0
npm-install: npm notice To update run: npm install -g npm@11.16.0
npm-install: npm notice
npm-install: npm error A complete log of this run can be found in: /root/.npm/_logs/2026-06-05T12_27_33_348Z-debug-0.log
npm-install: Failed
[ERR_PNPM_PREPARE_PACKAGE] Failed to prepare git-hosted package fetched from "https://codeload.github.com/brave/leo/tar.gz/55d9ea6e182df22dc046f693576c499aec25166d": @brave/leo@0.0.1 npm-install: `npm install`
The generated <pid>.pipe file path exceeds the 108-byte limit (effectively it's a 107-byte limit as the path has to be null-terminated):
$ echo -n '/root/.local/share/pnpm/store/v11/tmp/_tmp_7_3bb017a0e1b2c3bd1dcb930422244988/node_modules/.tmp/tsx-0/123.pipe' | wc -c
110
Noteworthy information - the exact same pnpm install works fine on my local machine and inside a container when a regular (non-root) user is used.
Expected Behavior
pnpm explicitly sets the TMPDIR whenever opts.unsafePerm is false, which is the case for root user. In most cases, this approach works fine, but whenever TMPDIR-stored files have some length constraints, this can lead to issues. I'm not entirely sure what should be the best way to move forward (there must be a reason why root's TMPDIR is set inside pnpm's store), but a TMPDIR path should account for that.
Which Node.js version are you using?
24.16.0
Which operating systems have you used?
If your OS is a Linux based, which one it is? (Include the version if relevant)
Debian 12
Verify latest release
pnpm version
11.5.2
Which area(s) of pnpm are affected? (leave empty if unsure)
No response
Link to the code that reproduces this issue or a replay of the bug
https://github.com/jwadolowski/pnpm-tsx-pipe-einval
Reproduction steps
package.json{ "name": "app", "private": true, "dependencies": { "@brave/leo": "github:brave/leo#55d9ea6e182df22dc046f693576c499aec25166d" } }pnpm installasrootinside a containerDescribe the Bug
The issue happens when these things combine:
pnpm installwas started byroot(this is key; everything works flawlessly for regular users)tsxprocess that creates an IPC server using the aforementioned file (the file is placed inside theTMPDIR)pnpmitself that sets theTMPDIR(inside thepnpmstore) to a fairly long path when executed in therootcontextThe generated
<pid>.pipefile path exceeds the 108-byte limit (effectively it's a 107-byte limit as the path has to be null-terminated):Noteworthy information - the exact same
pnpm installworks fine on my local machine and inside a container when a regular (non-root) user is used.Expected Behavior
pnpmexplicitly sets theTMPDIRwheneveropts.unsafePermisfalse, which is the case forrootuser. In most cases, this approach works fine, but wheneverTMPDIR-stored files have some length constraints, this can lead to issues. I'm not entirely sure what should be the best way to move forward (there must be a reason whyroot'sTMPDIRis set insidepnpm's store), but aTMPDIRpath should account for that.Which Node.js version are you using?
24.16.0
Which operating systems have you used?
If your OS is a Linux based, which one it is? (Include the version if relevant)
Debian 12