New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
integrity checksum failed when using sha1 - Node v8+ #13635
Comments
|
So the issue here is this warning right? That looks like an npm issue, you should raise this on their tracker (npm/npm). A cursory glance at their tracker suggests this is a duplicate of npm/npm#17146. |
|
I'll close this, comment if I've misunderstood something and I'll reopen. |
|
thanks @gibfahn I'll post it over there. |
|
Troll comment deleted. Next time it's a perma-ban, @chaudharisuresh997. |
Getting error while installing npm package |
|
12256 verbose type OperationalError |
|
Same here 8949 verbose node v8.4.0 |
|
Hi @Rogasch I will suggest you to completely uninstall node and npm. Also delete npm and npm-cache folder. And reinstall using node-v6.11.2-x86.msi installer. |
|
i had the same issue and |
|
I got this problem when I got package-lock.json included in the commit. After removing package-lock.json I could run npm install without errors again. |
|
@GottfridL but how this package-lock,json works? Why is been generated? Because your solution worked for me but when the command finished a message saying that I need a package-lock.json file show up, even though the running was successfully npm notice created a lockfile as package-lock.json. You should commit this file. |
|
We have been getting the same issue on our Travis builds ever since upgrading to Node 8 and including package-lock.json in our commits. npm 5.5.1 |
|
Hi folks, For me, the "clear cache" option worked - but not using the commands npm commands ! (this will be different for everyone, but maybe it helps) TLDR : Clear cache. Do it manually if it still occurs. |
Does |
|
@gibfahn Regarding the Registry, in my case, I think the issue was that the JSON file with info was not able to be saved and so the SHA check could not be performed. |
|
For me there was a running instance of npm hanging in memory. After killing the process the problem disappeared |
|
I guess package-lock.json must stay commited and updated.. Since this file grants that the same packages used and tested in development stage will be the same.. |
|
In other words: removing package-lock.json works, however it's is not the right solution. |
|
I had the same problem after upgrading to nodejs 10.x. I had to npm install npm -g, then delete all the package-lock.json files. This allows us to build more of our application but there are still some incompatibilities somewhere and we are trying to sort them out. |
|
having same issue on my MacBookPro , when I go to my project and issue |
|
close the node server and run command, it's worked for me. |
|
For anyone still having this issue, the problem is with the package-lock.json file. For people working in a team, Don't commit your package-lock.json file so anyone picking up your project will get a freshly generated package-lock.json file after running |
|
Thank you @bunday, it solved the issue for me! |
|
@bunday If you delete the package-lock.json everybody will make updates to the packages on their own. The goal of package-lock is to prevent this. |
|
Deleting package-lock.json is a one-time-fix for this problem, please don't take the advise of:
It is intended to be commit to create some semblance of stability in your dependency tree, it's very useful especially with CI and deploying your project somewhere that installs the node_modules remotely. Committing package-lock.json is better than committing node_modules, which is insane. |
|
npm install -g solved my problem ! |
|
@sudipt1999 in my case, the problem was that we installed from registry A which was saved to package-lock, then sometime later we changed to registry B in .npmrc and tried to install again. For whatever reason, the SHA1 was different between these two registries. The solution was to delete package-lock and node_modules, and then re-generate dependencies and package-lock with npm i. |
|
Had the same problem . Deleting |
@jakewhelan, any issue with not committing package-lock.json and relying on good 'ol package.json? I know this removes some efficiencies gained with package.lock but I'm tired of dealing with developers using different node versions and/or yarn and running into issues where package.lock gets out of sync. The fix seems to always be deleting package.lock. Its not worth the trouble IMHO. I don't think anyone is suggesting committing node_modules ;) |
The issue is that good 'ol package.json only cares about respecting the Semver specification, it doesn't give a crap about whether your app works or not. It also doesn't care about keeping track of your dependency legacy. If you don't commit package-lock.json you run the risk of having different dependencies each time you A further problem is that should you ever need to roll back, or go back to a previous version to debug something all of your dependencies will be different from the last time you were there - you will never be able to reproduce that one dependency-related production issue without package-lock.json because your dependency legacy is lost without package-lock.json. It's a lot of moving parts that personally I'm not comfortable with. In my opinion there are only two sane options that allow for complete confidence in your app:
|
|
To be honest @wrabbit23 our workflow is that each time we install the app for local development, we delete the package-lock.json and node_modules anyway then install fresh. This would solve your problem. As long as the app is still working after you That's the best of both worlds. |
|
We remove ^ and ~ from our versions in all of our package.json files. We want absolute control. It doesn't make any problems for us. |
|
this worked |
It helpful.resolved this proble by using this way. |
|
None of the above worked for me |
This helped me resolve the issue |

The error I'm getting when I run npm install is:
npm install
Some up front info:
package.json
{ "name": "gizmo_web_app", "version": "0.1.0", "engines": { "node": "8.1.0", "npm": "5.0.3" }, "private": true, "dependencies": { "bootstrap": "^3.3.7", "chalk": "^1.1.3", "confidence": "^3.0.2", "lodash": "^4.17.4", "node": "^0.0.0", "prop-types": "^15.5.9", "react": "^15.5.4", "react-bootstrap": "^0.31.0", "react-dom": "^15.5.4", "react-redux": "^5.0.5", "react-router-dom": "^4.1.1", "react-test-renderer": "^15.5.4", "redux": "^3.6.0", "redux-logger": "^3.0.1", "reselect": "^3.0.1", "superagent": "^3.5.2", "zxcvbn": "^4.4.2" }, "devDependencies": { "babel-eslint": "^7.2.3", "babel-plugin-transform-object-rest-spread": "^6.23.0", "babel-preset-es2015": "^6.24.1", "babel-preset-react-app": "^2.2.0", "chai": "^3.5.0", "chai-enzyme": "^0.6.1", "enzyme": "^2.8.2", "eslint": "^3.19.0", "eslint-config-airbnb": "^14.1.0", "eslint-plugin-import": "^2.2.0", "eslint-plugin-jsx-a11y": "^2.2.3", "eslint-plugin-react": "^6.10.3", "jsdom": "^11.0.0", "mocha": "^3.4.1", "nock": "^9.0.13", "react-addons-test-utils": "^15.5.1", "react-scripts": "0.9.5", "redux-mock-store": "^1.2.3", "redux-thunk": "^2.2.0", "sinon": "^2.3.2", "supertest": "^3.0.0" }, "scripts": { "start": "react-scripts start", "build": "react-scripts build", "test": "NODE_ENV=development mocha --recursive --compilers js:babel-core/register src/test/unit --env=jsdom", "test-integration": "NODE_ENV=development mocha --recursive --compilers js:babel-core/register src/test/integration --env=jsdom", "test-integration-deployment": "NODE_ENV=development mocha --timeout 70000 --recursive --compilers js:babel-core/register src/test/integration/deploy", "eject": "react-scripts eject", "lint": "node_modules/.bin/eslint src" }, "babel": { "presets": [ "react-app" ] } }I don't remember why we had node@0.0.0 in there I feel like it had to do with create-react-app or something I think. But even when I remove that, I still get
Never got this before upgrading to Node 8.x.x. I need to use Node 8 as I'm using
util.promisifyin my code already.The text was updated successfully, but these errors were encountered: