Keywords: PowerShell | TypeScript | Execution Policy | tsc.ps1 | npm
Abstract: This article delves into the error "tsc.ps1 cannot be loaded because running scripts is disabled on this system" encountered when executing the TypeScript compiler tsc in PowerShell. It begins by analyzing the root cause, highlighting that this is due to PowerShell's default execution policy restrictions, and explains the new feature introduced by npm starting from version 7, which uses PowerShell scripts (.ps1) instead of traditional batch files (.cmd). The article then presents two main solutions: first, modifying the execution policy to RemoteSigned with administrator privileges, which is the recommended best practice; second, temporarily using tsc.cmd as an alternative command. It also discusses the security implications and applicability of these methods, helping developers choose the appropriate approach based on their needs. Through code examples and step-by-step guides, the article ensures readers can resolve this issue safely and effectively.
Problem Background and Error Analysis
When executing the TypeScript compiler command tsc in a PowerShell environment, users may encounter the error message: "tsc.ps1 cannot be loaded because running scripts is disabled on this system." This error is not accidental but stems from PowerShell's security mechanisms. PowerShell defaults to the Restricted execution policy, designed to prevent unauthorized execution of malicious scripts, thereby protecting system security. When attempting to run .ps1 script files, this policy triggers security warnings or outright blocks execution.
It is important to note that this issue is closely related to updates in npm (Node Package Manager). Starting from npm version 7, to improve cross-platform compatibility and script functionality, npm began using PowerShell scripts (.ps1) instead of traditional Windows batch files (.cmd). This change means that on Windows systems, the TypeScript compiler (tsc) installed via npm now defaults to calling tsc.ps1 rather than tsc.cmd. Therefore, even if the tsc command worked fine in the past, upgrading npm may cause this error to appear for the first time, reflecting the dynamic evolution of the software ecosystem.
Core Solution: Modifying PowerShell Execution Policy
To permanently resolve this issue, the most effective method is to adjust PowerShell's execution policy. The execution policy defines the permission levels for running scripts in PowerShell, with several options such as Restricted (default, prohibits all scripts), RemoteSigned (allows local scripts and signed remote scripts), Unrestricted (allows all scripts but with warnings), etc. For most development scenarios, the RemoteSigned policy is recommended as it balances security and convenience, allowing local scripts (e.g., tsc.ps1) to execute freely while restricting only unsigned scripts from the internet.
Modifying the execution policy requires administrator privileges to ensure system security is not arbitrarily compromised. Here are the specific steps and code examples: First, open PowerShell as an administrator. This can be done by typing "PowerShell" in the Windows search bar, right-clicking on "Windows PowerShell" and selecting "Run as administrator." Then, execute the following command:
Set-ExecutionPolicy -ExecutionPolicy RemoteSignedThis command sets the execution policy to RemoteSigned. After execution, PowerShell will prompt for confirmation; enter Y and press Enter. To verify that the setting has taken effect, run:
Get-ExecutionPolicyIf the output displays RemoteSigned, it indicates the policy has been successfully updated. Thereafter, the tsc command should execute normally without additional intervention. This method is based on Answer 1 (score 10.0) and is recognized as best practice in official documentation and the community, as it fundamentally resolves script execution barriers while maintaining reasonable security protections.
Alternative Approach: Using the tsc.cmd Command
If users prefer not to modify system-wide execution policies or need only a temporary solution, they can use tsc.cmd as an alternative command. In npm version 7 and above, although tsc.ps1 has become the default entry point, the tsc.cmd file typically still exists in the TypeScript installation directory (e.g., node_modules\.bin\). By explicitly calling tsc.cmd, users can bypass PowerShell's restrictions on .ps1 scripts, as .cmd files are executed by the Windows command processor (cmd.exe) and are not affected by PowerShell policies.
Here are usage examples: To check the TypeScript compiler version, run:
tsc.cmd -vTo initialize a TypeScript configuration file, run:
tsc.cmd --initThis method is based on Answer 2 (score 6.8) and is suitable for quick testing or temporary use, but it may not be a long-term solution as it relies on the presence of specific files and could be deprecated in future npm updates. Additionally, it requires users to remember to use the .cmd suffix, adding operational complexity.
Security Considerations and Best Practices
When implementing the above solutions, security should always be a primary concern. While modifying the execution policy to RemoteSigned is convenient, users must understand its implications: this policy allows local scripts to run without restrictions, so scripts should only be installed and run from trusted sources (e.g., the official npm repository). If the system is used in high-security environments, it is advisable to regularly review execution policies and use Get-ExecutionPolicy -List to check settings across all scopes (e.g., MachinePolicy, UserPolicy).
For development teams, it is recommended to document PowerShell configuration requirements in project documentation or use scripts to automate settings. For example, an installation script can be created to check and adjust the execution policy when a project is first run. A code example is as follows:
if ((Get-ExecutionPolicy) -ne "RemoteSigned") {
Write-Host "Adjusting PowerShell execution policy..."
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force
}This script modifies the policy only in the current user scope, minimizing system-wide impact. In summary, by combining the permanence of the RemoteSigned policy with the temporariness of tsc.cmd, developers can flexibly choose based on specific needs, ensuring a smooth and secure TypeScript development workflow.