Maybe not. But I'm not going to if I can help it, which is entirely doable by using Debian's package manager. And I avoid running things as root if I can help it. It's bad enough I need to run apt as root. The recent recent news hasn't increased my trust in npm.
Upstreams often mention distros in which their software is packaged, how the package is called and sometimes even the commands to install it.
In telling you how to install it. That's kind of the point - they all assume you're going to use npm to install it.
Doesn't seem very far fetched to use a node package manager to install a node package tho?
Maybe not. But I'm not going to if I can help it, which is entirely doable by using Debian's package manager. And I avoid running things as root if I can help it. It's bad enough I need to run apt as root. The recent recent news hasn't increased my trust in npm.