From d8ac68c90c3bb6f4be2538dba9ca551721656c84 Mon Sep 17 00:00:00 2001
From: nlf <quitlahok@gmail.com>
Date: Wed, 1 Sep 2021 10:27:11 -0700
Subject: [PATCH] fix: sanitize env before spawning npm subprocess

---
 lib/install.js | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/install.js b/lib/install.js
index f8ee7b32..929f733e 100644
--- a/lib/install.js
+++ b/lib/install.js
@@ -15,7 +15,15 @@ const devDeps = [
 ]
 
 const npm = (root, args) => {
+  const env = {}
+  for (const [key, value] of Object.entries(process.env)) {
+    if (!key.startsWith('npm_')) {
+      env[key] = value
+    }
+  }
+
   return spawn('npm', args, {
+    env,
     cwd: root,
     stdioString: true,
   })