and yet it does for some reason. also in the windows for the programs it says it's using superuser even though no password was entered. how is this not a huge security risk?
nix, pip, npm, vim plugin manager, many other package manager can install without password.
user-wide packages meant to work like that.