Skip to content
This repository has been archived by the owner on Jun 15, 2021. It is now read-only.

SHA512 check failing on npm #19

Closed
vigan-abd opened this issue Jun 11, 2021 · 8 comments
Closed

SHA512 check failing on npm #19

vigan-abd opened this issue Jun 11, 2021 · 8 comments

Comments

@vigan-abd
Copy link

Hi @JamesCullum seems that there's an issue in npm with latest release (v2.6.0)

root@scw-221e2d:~/dev# npm i fido2-library@2.6.0
npm ERR! code EINTEGRITY
npm ERR! sha512-rMySX7kJkQaFPNQxkwUEN3RdGFiUqRw8WIZPgggdyRdL1IH7mKjWgOcZwGWoUQBUAKgE6YYbEETGE0N1S7I6VA== integrity checksum failed when using sha512: wanted sha512-rMySX7kJkQaFPNQxkwUEN3RdGFiUqRw8WIZPgggdyRdL1IH7mKjWgOcZwGWoUQBUAKgE6YYbEETGE0N1S7I6VA== but got sha512-VLRAcYdF+nZcgiDBM8AjKRkDyQIe5sNMySr4YaxR210yxsjvqGyOAbM5GW0ZzqOPIRhqQOuAYWxrtFoifphIng==. (93368 bytes)

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2021-06-11T16_08_04_700Z-debug.log

The issue seemed to happen on different environments, also got a fresh copy of package and compared sha512 manually and it was returning VLRAcYdF+nZcgiDBM8AjKRkDyQIe5sNMySr4YaxR210yxsjvqGyOAbM5GW0ZzqOPIRhqQOuAYWxrtFoifphIng== (hex: 54b440718745fa765c8220c133c023291903c9021ee6c34cc92af861ac51db5d32c6c8efa86c8e01b339196d19cea38f21186a40eb80616c6bb45a227e98489e).
Could you please investigate it further?
@vigan-abd
Copy link
Author

could it be related to experimental node version?

      "_nodeVersion": "15.14.0",
      "_npmVersion": "7.7.6",

See https://registry.npmjs.org/fido2-library for further details

@vigan-abd
Copy link
Author

Hi @JamesCullum, sorry to bother you, could you check if while doing npm publish you might have pushed some additional files? not sure about default npm publish behavior but maybe it pushes also some untracked files by git?

@vigan-abd
Copy link
Author

maybe this article is helpful on debugging the issue: https://blog.npmjs.org/post/165769683050/publishing-what-you-mean-to-publish.html

@JamesCullum
Copy link

Hey vigian, it is pushed via travis, just like many other libraries. You can see the command in the travis file.

@vigan-abd
Copy link
Author

Hi @JamesCullum, not sure what could be the issue but based on this post seems that travis might produce sometimes broken packages, could you please try to unpublish and then publish the version again?
Another post regarding travis issue travis-ci/travis-ci#4738

@vigan-abd
Copy link
Author

If it's ok for you maybe you could temporary grant me write access to package so I could debug the issue and possibly fix it?
https://www.npmjs.com/~vigan-abd

@JamesCullum
Copy link

I published v2.6.2 locally and didn't encounter the EINTEGRITY error - looks like travis is indeed the issue, thanks for raising this.

@vigan-abd
Copy link
Author

np, thanks a lot for publishing new version :)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JamesCullum @vigan-abd