New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Regenerate integrity checks to sha512 #7399

Merged
merged 1 commit into from Jun 21, 2018

Conversation

Projects
None yet
3 participants
@danielbachhuber
Member

danielbachhuber commented Jun 20, 2018

@danielbachhuber danielbachhuber added this to the 3.1 milestone Jun 20, 2018

@danielbachhuber danielbachhuber requested a review from WordPress/gutenberg-core Jun 20, 2018

@gziolo

This comment has been minimized.

Member

gziolo commented Jun 20, 2018

I'm wondering if it all boils down to removing node_modules folder locally and running npm install again. @ntwb, do you happen to know why those sha values change so often between local setups?

At least this is how I was able to resolve the issue with seeing package-lock.json modified after checking out the latest master.

@gziolo gziolo requested a review from ntwb Jun 20, 2018

@danielbachhuber

This comment has been minimized.

Member

danielbachhuber commented Jun 20, 2018

I'm wondering if it all boils down to removing node_modules folder locally and running npm install again.

I was able to regenerate the sha512 values simply with npm install.

@ntwb

This comment has been minimized.

Member

ntwb commented Jun 21, 2018

AFAIK it is a caching issue, if npm had previously downloaded the same package/module version and stored it using a SHA1 hash then that is what is used when updating the lock file.

The typical fix is to npm cache clean --force when you find any patches you create are using SHA1/SHA256 in package-lock.json.

FWIW I enquired about this issue with npm support ~6 months ago as I believed there was anecdotal evidence that downloading from non-USA npm mirrors would cause an increase in instances of this issue, the resolution was to use the fix above and try again /shrug

@ntwb

ntwb approved these changes Jun 21, 2018

@gziolo

This comment has been minimized.

Member

gziolo commented Jun 21, 2018

Thanks @ntwb, let's get it in and try to avoid sha changes in package-json.lock in the future PRs. It should mitigate the issue. I'm sure we had the same issues with npm 5.6 or something.

@gziolo gziolo merged commit 82cfb4f into master Jun 21, 2018

2 checks passed

codecov/project 46.86% remains the same compared to c6cbfb0
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@gziolo gziolo deleted the regenerate-integrity branch Jun 21, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment