This repository has been archived by the owner. It is now read-only.

npm install produces different lockfiles on different computes #16938

Closed
ianwremmel opened this Issue Jun 3, 2017 · 30 comments

Comments

Projects
None yet
@ianwremmel

ianwremmel commented Jun 3, 2017

I'm opening this issue because:

  • npm is crashing.
  • npm is producing an incorrect install.
  • npm is doing something I don't understand.
  • Other (see below for feature requests):

What's going wrong?

How can the CLI team reproduce the problem?

I'm running npm install against the same SHA of the same repo on two different computes. One computer installs as expected and produces no changes. The other computer installs as expected but produces the diff below.

diff --git a/package-lock.json b/package-lock.json
index d09cba3..215d709 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -150,7 +150,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         }
       }
@@ -164,7 +164,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         }
       }
@@ -326,7 +326,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         },
         "source-map": {
@@ -1648,7 +1648,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         },
         "strip-bom": {
@@ -2966,7 +2966,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         },
         "object-assign": {
@@ -2986,7 +2986,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         },
         "lodash": {
@@ -3983,7 +3983,7 @@
     "minimatch": {
       "version": "3.0.4",
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
-      "integrity": "sha1-UWbihkV/AzBgZL5Ul+jbsMPTIIM="
+      "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA=="
     },
     "minimist": {
       "version": "0.0.10",
@@ -4220,7 +4220,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         }
       }
@@ -4308,7 +4308,7 @@
     "npmlog": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-4.1.0.tgz",
-      "integrity": "sha1-3Fm+6F9k8A7UJO+yrweD3yXRwLU=",
+      "integrity": "sha512-ocolIkZYZt8UveuiDS0yAkkIjid1o7lPG8cYm05yNYzBn8ykQtaiPMEGp8fY9tKdDgm8okpdKzkvu1y9hUYugA==",
       "dev": true
     },
     "number-is-nan": {
@@ -5031,7 +5031,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         }
       }
@@ -5187,7 +5187,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         }
       }
@@ -5814,7 +5814,7 @@
         "glob": {
           "version": "7.1.2",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.2.tgz",
-          "integrity": "sha1-wZyd+aAocC1nhhI4SmVSQExjbRU=",
+          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
           "dev": true
         },
         "inquirer": {
@@ -5888,7 +5888,7 @@
     "wide-align": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.2.tgz",
-      "integrity": "sha1-Vx4PGwYEY268DfwhsDObvjE0FxA=",
+      "integrity": "sha512-ijDLlyQ7s6x1JgCLur53osjm/UXUYD9+0PbYKrBsYisYXzCxN+HC3mYDNy/dWdmf3AwqwU3CXwDCvsNgGK1S0w==",
       "dev": true
     },
     "window-size": {

supporting information:

  • npm -v prints: 5.0.2
  • node -v prints: v7.10.0
  • npm config get registry prints: https://registry.npmjs.org/
  • Windows, OS X/macOS, or Linux?: macOS 10.12.4
  • Network issues:
    • Geographic location where npm was run:
    • I use a proxy to connect to the npm registry.
    • I use a proxy to connect to the web.
    • I use a proxy when downloading Git repos.
    • I access the npm registry via a VPN
    • I don't use a proxy, but have limited or unreliable internet access.
  • Container:
    • I develop using Vagrant on Windows.
    • I develop using Vagrant on OS X or Linux.
    • I develop / deploy using Docker.
    • I deploy to a PaaS (Triton, Heroku).
@ianwremmel

This comment has been minimized.

ianwremmel commented Jun 3, 2017

Interestingly, deleting node modules and installing everything from scratch made the problem go away.

@adamjmurray

This comment has been minimized.

adamjmurray commented Jun 22, 2017

My team encountered this behavior, and deleting node_modules and reinstalling cleared up the problem.

I suspect a mismatch was introduced between package-lock and the individual node_module's integrity field, because some of my teammates are switching between a branch using Node 6 / npm 4 and a branch using Node 8 / npm 5.

In this case, I expected npm 5 to update my node_modules to match the package-lock, rather than modify the integrity fields inside the package-lock to match the currently installed node_modules.

@gillesdemey

This comment has been minimized.

gillesdemey commented Jul 31, 2017

@zkat Any pointers on where to start looking? Might be able to make some time to track this down :)

@Raigen

This comment has been minimized.

Raigen commented Aug 16, 2017

Deleting node_modules does not solve this issue for me.
Our package-lock.json was generated on a Mac, I am using Windows 10. Another colleague with Windows 10 does not have the same issue. Like this I am not able to contribute new dependencies to the project because it will not just add new packages to packages-lock.json but also changes all integrity fields in the whole file. Why is it changing the package-lock.json in the first place? And why is it producing different files on different systems? This is not the way a lock-file should behave.

I completly removed and reinstalled npm and node. I removed <user>/AppData/Roaming/npm and <user>/AppData/Roaming/npm-cache and still have the problem that npm i is changing all integrity fields in the package-lock.json. This way we still can not switch to npm@5. It is already on version 5.3.0 and still not usable at all it seems.

$ node -v
v8.4.0
$ npm -v
5.3.0
$ git diff
[...]
@@ -1398,7 +1398,7 @@
     "babel-preset-env": {
       "version": "1.6.0",
       "resolved": "https://registry.npmjs.org/babel-preset-env/-/babel-preset-env-1.6.0.tgz",
-      "integrity": "sha512-OVgtQRuOZKckrILgMA5rvctvFZPv72Gua9Rt006AiPoB0DJKGN07UmaQA+qRrYgK71MVct8fFhT0EyNWYorVew==",
+      "integrity": "sha1-LeHHgqeAoKXWBdGZyVdZbaQ8ROQ=",
       "dev": true,
       "requires": {
         "babel-plugin-check-es2015-constants": "6.22.0",
@@ -1549,7 +1549,7 @@
     "babylon": {
       "version": "6.17.4",
       "resolved": "https://registry.npmjs.org/babylon/-/babylon-6.17.4.tgz",
-      "integrity": "sha512-kChlV+0SXkjE0vUn9OZ7pBMWRFd8uq3mZe8x1K6jhuNcAFAtEnjchFAqB+dYEXKyd+JpT6eppRR78QAr5gTsUw==",
+      "integrity": "sha1-Pot0AriNIsNCPhN6FXeIOxX/hpo=",
       "dev": true
     },
     "balanced-match": {
@@ -1560,7 +1560,7 @@
     "base64-js": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.2.1.tgz",
-      "integrity": "sha512-dwVUVIXsBZXwTuwnXI9RK8sBmgq09NDHzyR9SAph9eqk76gKK2JSQmZARC2zRC81JC2QTtxD0ARU5qTS25gIGw==",
+      "integrity": "sha1-qRlH2h9KUW6jjltOwOw3c2deCIY=",
       "dev": true
     },
     "base64url": {
@@ -1650,7 +1650,7 @@
[...]
@Butterfly

This comment has been minimized.

Butterfly commented Aug 16, 2017

Where @Raigen says:

Like this I am not able to contribute new dependencies to the project because it will not just add new packages to packages-lock.json but also changes all integrity fields in the whole file.

Could you please give me a better idea of what is changing?

This may be moot (non-existent) now because I upgraded last night, but I was having a problem with dependencies removing each other REPEATEDLY.

If it happens again, I could compare what mine is doing to what @Raigen has seen to see if the same or similar is happening in my case. My problem is that I am so new, I don't know what is normal or to be expected versus the system wrongly editing files.

Thank you in advance if anyone has any tips 😄

@yelworc

This comment has been minimized.

yelworc commented Sep 7, 2017

FWIW, I had the same issue (integrity field flipping between sha1 and sha512 values on new module installation) between two different Debian systems (stretch and jessie), both using npm 5.3.0. Deleting the contents of node_modules and running npm i on both systems fixed the problem for me as well.

@bjester-ss

This comment has been minimized.

bjester-ss commented Oct 13, 2017

My team is having a similar issue. We're all on Fedora 26 using the same node -v and npm -v, but running an install we're producing differing package-lock.json. We've tried removing node_modules and doing a clean install to no avail.

@drewlustro

This comment has been minimized.

drewlustro commented Oct 17, 2017

I'm also having this issue.

MacOS 10.11 produces a sha1 integrity, whereas Ubuntu 17.10 produces a sha512 integrity hash, thus busting the package-lock.json file and creating a ton of noise.

Both machines have:

npm version = 5.4.2
node version = 7.10.1

@BrendanFDMoore

This comment has been minimized.

BrendanFDMoore commented Oct 23, 2017

Im seeing this as well, not sure where it's coming from.

npm 5.4.2, node 8.6.0, osx 10.12

@AndyCJ

This comment has been minimized.

AndyCJ commented Oct 26, 2017

We're also seeing this.

The one machine prefers sha512, the other sha1.

Both machines: npm 5.3.0, node 8.6.0, Windows 10.

@BrendanFDMoore

This comment has been minimized.

BrendanFDMoore commented Oct 27, 2017

For our team, this appears to have resolved the issue (or its current incarnation, at least):

  1. Ensure matching node/npm versions as a team: node -v and npm -v (and install matching versions if different)
  2. Remove your node modules: rm -rf node_modules/
  3. Clean your npm cache: npm cache clean --force
  4. Revert the changes in your package-lock.json file (and this file only).
  5. Install dependencies again: npm i

While this might be a bit heavy handed, it did solve the issue I was seeing and the integrity hash diffs went away.

Other reporters can try this and share results. Maybe we can learn more about the root cause.

@AndyCJ

This comment has been minimized.

AndyCJ commented Oct 27, 2017

We ran through that procedure and the two machines now keep the lock file in sync.

npm 5.4.2, node 8.8.1.

@rainboxx

This comment has been minimized.

rainboxx commented Nov 8, 2017

@AndyCJ Do you mean the procedure from @BrendanFDMoore?

@AndyCJ

This comment has been minimized.

AndyCJ commented Nov 8, 2017

@rainboxx Yep.

uptownnickbrown added a commit to MetaSeek-Sequencing-Data-Discovery/metaseek that referenced this issue Nov 13, 2017

Trying to resolve a super annoying npm bug
npm/npm#16938 /
npm/npm#17749

npm using sha1’s on my machine and sha512’s on @ahoarfrost ’s for
integrity checks. wtf.
@uptownnickbrown

This comment has been minimized.

uptownnickbrown commented Nov 13, 2017

+1 what @BrendanFDMoore suggested worked here as well.

Two Mac machines, npm 5.5.1, node 6.12.0.

@thijstriemstra

This comment has been minimized.

thijstriemstra commented Dec 5, 2017

I'm surprised this kind of bug creeped in, isn't this bound to happen to a 'lockfile' and easy to test?

@BrendanFDMoore

This comment has been minimized.

BrendanFDMoore commented Dec 5, 2017

Is anybody else experiencing this on a project which includes packages from a private npm repo/proxy?

Of all the things I'm working on, that project is the only one where I see this happen.

@patrickhousley

This comment has been minimized.

patrickhousley commented Dec 7, 2017

Hey maintainers. Thanks for the hard work. I was just wondering if this was fixed with the 5.6 release and, if not, is there a timeline.

@rainboxx

This comment has been minimized.

rainboxx commented Dec 7, 2017

We saw it fixed when we upgraded to 5.5.1. No issues since then anymore, but we had to delete all node_modules folders and do a fresh install. See also: #16938 (comment)

@drewlustro

This comment has been minimized.

drewlustro commented Dec 7, 2017

@patrickhousley - I can verify this is fixed as long as you follow instructions by @BrendanFDMoore

npm@5.6

@zkat

This comment has been minimized.

Member

zkat commented Dec 8, 2017

This should be resolved as of npm@5.6. You may need to start fresh with the steps mentioned in #16938 (comment) but it might be fine even without that now. Give it a whirl. I believe the core issue (accidentally defaulting to sha1 in some cases) has been resolved now, so I'm gonna close this. Cheers.

@zkat zkat closed this Dec 8, 2017

@uptownnickbrown

This comment has been minimized.

uptownnickbrown commented Dec 28, 2017

@brad I see a mix of sha1 and sha256 in the resolved file, but it looks like I only see sha256 being used for any new hashes.

See this commit + diff: MetaSeek-Sequencing-Data-Discovery/metaseek@266609c#diff-a357eeafe4d42d4d291125cb288f2cee

Existing hashes were unchanged (and they were sha1's) but new hashes all used sha256 (eg. line 71).

@brad

This comment has been minimized.

brad commented Dec 29, 2017

Thanks @uptownnickbrown, that's super helpful 👍

frankieroberto added a commit to racedisparityaudit/ethnicity-facts-and-figures-publisher that referenced this issue Jan 2, 2018

Bump NPM version
npm v5.6.0 is out:
http://blog.npmjs.org/post/167963735925/v560-2017-11-27

This also seems to fix a bug whereby sha1 hashes were being generated
instead of sha512, which is reportedly now fixed:
npm/npm#16938 (comment)

pento added a commit to WordPress/gutenberg that referenced this issue Jan 17, 2018

Improve the build scripts (#4465)
There's a bunch of stuff that can be automated when setting up a local development environment. Here's some polish, etc.

Notable changes:

- Automatically check for and install NVM, update to the correct version of Node.
- Add some extra information to Docker checks.
- Add a check and fix for npm/npm#16938, which is super annoying.
- Switch to using Docker for Composer scripts.
- Defining the WordPress URL port in docker-compose.yml now defines it everywhere, including Cypress e2e tests.
- Generally clean up and hide the spammy status messages that don't benefit anyone.
- Add a welcome message at the end of the setup process.
@marekr

This comment has been minimized.

marekr commented Jan 21, 2018

Node 8.9.4 and npm 5.6.0 both fresh on a Windows 10 and Windows Server 2016 machine.

Npm on Windows 10 is generating sha1 hashes in a brand new package-lock file.

Npm on the windows server is updating the package-lock file on npm install to sha512.

What the bloody duck?

schlessera added a commit to WordPress/gutenberg that referenced this issue Jan 23, 2018

Refresh patch
Squashed commit of the following:

commit 4e0358e
Merge: 5f6e8c6 73612cb
Author: Joen Asmussen <joen@automattic.com>
Date:   Tue Jan 23 11:19:02 2018 +0100

    Merge pull request #4631 from WordPress/try/new-mover-icons

    Try smaller up/down arrows, and focus management

commit 73612cb
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Tue Jan 23 10:28:59 2018 +0100

    Adjust test to not look for the icon

    The icon is now an SVG passed on

commit 5f6e8c6
Author: Herb Miller <herb@bobbingwide.com>
Date:   Tue Jan 23 04:06:21 2018 +0000

    Fixes #4541 (#1) (#4542)

    * Fixes #4541 (#1)

    * Update ISSUE_TEMPLATE.md

commit 25d90ca
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Mon Jan 22 11:26:46 2018 +1100

    Scrips: Update verbiage and comments in `install-node-nvm.sh` script (#4624)

commit 456f28a
Author: Andrew Duthie <aduthie7@gmail.com>
Date:   Sat Jan 20 17:13:37 2018 -0500

    Components: Ensure isLoading set to false after request error (#4525)

commit 5760b63
Author: Ramon <Rahmon@users.noreply.github.com>
Date:   Sat Jan 20 19:33:25 2018 -0200

    Update "Edit Link" to "Insert/edit link" (#4471)

commit d967017
Merge: 62a9e7b 9da45da
Author: Miguel Fonseca <miguelcsf@gmail.com>
Date:   Fri Jan 19 18:36:35 2018 +0000

    Merge pull request #4349 from WordPress/fix/3839-undelayed-slot-prop-update

    fix/3839: Move slot.forceUpdate() to fill's render to fix prop propagation

commit 9da45da
Author: James Johnson <james.johnson@ephox.com>
Date:   Mon Jan 8 16:40:09 2018 +1000

    Move slot.forceUpdate() call into componentWillUpdate

    - Fixes prop propagation across Slot boundary.

commit 62a9e7b
Author: Andrew Duthie <aduthie7@gmail.com>
Date:   Fri Jan 19 12:27:40 2018 -0500

    Block List: Select block only if not already selected (#4586)

commit 8d57578
Author: Andrew Duthie <aduthie7@gmail.com>
Date:   Fri Jan 19 12:24:29 2018 -0500

    Block List: Start multi-selection tracking on mousemove (#4585)

    * Block List: Start multi-selection tracking on mousemove

    * State: Abort state update if multi-select action has no effect

commit d591e58
Author: Ella Van Dorpe <iseulde@automattic.com>
Date:   Fri Jan 19 18:00:06 2018 +0100

    Add subhead block (#2091)

commit 3568fc4
Author: Jorge <jorge.costa@developer.pt>
Date:   Fri Jan 19 16:37:09 2018 +0000

    Added text align feature to cover image. (#4066)

commit 6dd01de
Author: Riad Benguella <benguella@gmail.com>
Date:   Fri Jan 19 14:41:36 2018 +0100

    MetaBoxes: Remove dirty-checking metaboxes state (#4184)

    * MetaBoxes: Remove dirty-checking metaboxes state
    * MetaBoxes: compare meta boxes HTML while leaving the editor to warn about unsaved changes
    * Meta Boxes: Changing the way we save metaboxes
    Hidden metaboxes (side) were not saved before

commit 036f60a
Author: Riad Benguella <benguella@gmail.com>
Date:   Fri Jan 19 14:34:17 2018 +0100

    Blocks: Showing a preview of the block immediately after drag and drop (#4567)

commit 060200c
Merge: df24fd0 0e6fb4b
Author: Miguel Fonseca <miguelcsf@gmail.com>
Date:   Fri Jan 19 11:35:24 2018 +0000

    Merge pull request #4549 from WordPress/add/copy-content-as-extension

    Refactor CopyContentButton as core extension

commit df24fd0
Author: Ella Van Dorpe <iseulde@automattic.com>
Date:   Fri Jan 19 11:57:40 2018 +0100

    Add HTML handler to dropzone (#4577)

    * Add HTML handler to dropzone

    * Add HTML handler to image placeholder

    * Merge ifs

commit 993561d
Author: mac <rileyabrook@gmail.com>
Date:   Thu Jan 18 09:29:19 2018 -0700

    Image Block Link Label Copy Change

commit 5ab37b7
Author: Ella Van Dorpe <iseulde@automattic.com>
Date:   Fri Jan 19 11:12:51 2018 +0100

    Remove "Open in new window" link option (#4583)

    Reverts #2628.

commit 6ed1573
Author: Grzegorz (Greg) Ziółkowski <grzegorz@gziolo.pl>
Date:   Fri Jan 19 09:49:04 2018 +0100

    Docs: Update title for the scaffolding blocks document (#4596)

commit 91cb16c
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Fri Jan 19 09:47:32 2018 +0100

    Try new icons for movers

    These icons are smaller and less obtrusive, which makes them less heavy to look at.

    This PR also employs a workaround to achieve the effect that `:focusring` would, were it implemented (see https://www.youtube.com/watch?v=ilj2P5-5CjI). This is applied only to the mover icons.

    GIF: https://cldup.com/5lyhf0iSTp.gif

commit f43140e
Author: Riad Benguella <benguella@gmail.com>
Date:   Fri Jan 19 09:44:04 2018 +0100

    Block versioning: Introduce a migration function (#3673)

commit aa5e157
Author: Jason Caldwell <jas@src.works>
Date:   Mon Jan 15 03:28:47 2018 -0900

    Improve `useOnce` documentation.

    #3695

commit 85be4c7
Author: Gary Pendergast <gary@pento.net>
Date:   Fri Jan 19 14:40:26 2018 +1100

    Use docker-compose for all Docker commands (#4592)

commit a2d64e1
Author: Andrew Duthie <aduthie7@gmail.com>
Date:   Thu Jan 18 12:52:56 2018 -0500

    Block: Move drag handling to instance-bound handler (#4582)

commit 0e6fb4b
Author: Miguel Fonseca <miguelcsf@gmail.com>
Date:   Wed Jan 17 15:18:28 2018 +0000

    Refactor CopyContentButton as core extension

    * Use withState & compose, drop class component

    * Cache CopyContentButton element for EditorActions filter

commit 6c256dd
Author: Jorge <jorge.costa@developer.pt>
Date:   Tue Jan 16 21:00:01 2018 +0000

    Don't persist mobile and publish sidebar to localStorage.

    Mobile and publish sidebars should when page reloads, even if they were open before.

commit 4d6af27
Author: Jorge <jorge.costa@developer.pt>
Date:   Tue Jan 16 20:58:46 2018 +0000

    Implemented mechanism to allow reducers to customise what information gets serialised to localStorage; Changed mechanism to load defaults in loadAndPersist.

commit 1fa9344
Author: Jorge <jorge.costa@developer.pt>
Date:   Tue Jan 16 20:43:27 2018 +0000

    Removed old mechanism to avoid mobile sidebar persistence.

    With the last code changes this mechanism is not being used anymore.

commit e24460c
Author: Grzegorz (Greg) Ziółkowski <grzegorz@gziolo.pl>
Date:   Thu Jan 18 12:37:14 2018 +0100

    Docs: Add page explaining how to scaffold blocks (#4404)

commit b866d21
Merge: 57280d0 d04b78d
Author: Joen Asmussen <joen@automattic.com>
Date:   Thu Jan 18 12:01:35 2018 +0100

    Merge pull request #3996 from WordPress/try/gallery-markup-tweaks

    Try new gallery markup

commit 57280d0
Merge: e97b65f eb954da
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Thu Jan 18 21:41:59 2018 +1100

    Merge pull request #4563 from WordPress/update/eslint-jsdoc

    JSDoc fixes

commit d04b78d
Author: Riad Benguella <benguella@gmail.com>
Date:   Thu Jan 18 11:38:04 2018 +0100

    Gallery Block: Fix tests

commit 91b2504
Author: Riad Benguella <benguella@gmail.com>
Date:   Thu Jan 18 11:26:34 2018 +0100

    Gallery Block: Fix deprecated version

commit 450f716
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Thu Jan 18 11:15:01 2018 +0100

    Try adjusting deprecated attributes

    Also re-add the deprecated CSS class.

commit e97b65f
Merge: f9486f1 5d50586
Author: Joen Asmussen <joen@automattic.com>
Date:   Thu Jan 18 11:13:11 2018 +0100

    Merge pull request #4512 from WordPress/try/new-focus-outlines

    Try new button outline & focus styles

commit 5d50586
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Thu Jan 18 10:59:27 2018 +0100

    Tweak styles further from revert.

commit eb954da
Merge: 968e87f 48780ab
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Thu Jan 18 20:55:46 2018 +1100

    Merge branch 'update/eslint-jsdoc' of github.com:WordPress/gutenberg into update/eslint-jsdoc

commit 968e87f
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Thu Jan 18 20:54:39 2018 +1100

    More JSDoc fixes

commit 1cea78d
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Thu Jan 18 10:53:27 2018 +0100

    Revert tabindex fix, and reverse active & hover states.

commit 48780ab
Merge: 596ff36 f9486f1
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Thu Jan 18 20:24:59 2018 +1100

    Merge branch 'master' into update/eslint-jsdoc

commit 3da0798
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Thu Jan 18 09:49:39 2018 +0100

    Replace all instances of blocks-gallery-image

commit 4466445
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Thu Jan 18 09:29:05 2018 +0100

    Address feedback

    - Move li outside of component
    - Fix CSS typo
    - Add deprecated section

commit d8eaefb
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Thu Dec 14 09:56:47 2017 +0100

    Try new gallery markup

    This is a new version of the PR by #3441 by @samikeijonen. It's just basically "rebased".

    It seems to be working fine in practice, the chief purpose is to make the gallery be list based.

    I'm getting "modified externally" warnings, though.

commit f9486f1
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Thu Jan 18 19:23:33 2018 +1100

    chore: remove `eslines` (#4565)

    * chore: remove `eslines`

    * chore: remove `eslines` from `eslint` npm script

    * chore: remove JSON formatter from `eslint` npm script

commit e9f38ae
Author: Grzegorz (Greg) Ziółkowski <grzegorz@gziolo.pl>
Date:   Thu Jan 18 09:12:51 2018 +0100

    Components: Force update when new filter added or removed when using withFilters HOC (#4428)

commit cda269d
Author: jaswrks <jaswrks@users.noreply.github.com>
Date:   Wed Jan 17 22:48:30 2018 -0900

    Remove danger warning from plugin header (#4552)

    see: #4185

commit 596ff36
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Thu Jan 18 18:46:05 2018 +1100

    JSDoc fixes

commit e826be5
Author: Lara Schenck <laras126@gmail.com>
Date:   Wed Jan 17 23:33:35 2018 -0800

    Add more context to Templates sample code (#4557)

    * Add function and add_action call to sample code

    * Better function name

commit b8566d7
Merge: 64b6017 c442f0e
Author: Robert Anderson <robert@noisysocks.com>
Date:   Thu Jan 18 09:52:08 2018 +1100

    Merge pull request #4497 from WordPress/update/move-logic-out-of-inserter

    Move data logic out of the inserter

commit c442f0e
Author: Robert Anderson <robert@noisysocks.com>
Date:   Wed Jan 17 16:33:23 2018 +1100

    Add a unique id to inserter items

    This lets the inserter do faster string comparison between inserter
    items rather than deep object comparison.

commit 6759f55
Author: Robert Anderson <robert@noisysocks.com>
Date:   Tue Jan 16 13:00:54 2018 +1100

    Move data logic out of the inserter

    Moves the logic that determines which items should appear in the
    inserter into dedicated selector functions. This way, the logic is
    easier to test and can be re-used.

commit 64b6017
Author: Ella Van Dorpe <iseulde@automattic.com>
Date:   Wed Jan 17 17:18:25 2018 +0100

    Ensure editor still exists after timeout (#4524)

    * Ensure editor still exists after timeout

    * Add doc for setSafeTimeout

commit 0940478
Author: Ella Van Dorpe <iseulde@automattic.com>
Date:   Wed Jan 17 15:24:32 2018 +0100

    Allow copying text in block (non input) (#4531)

commit 79e9552
Merge: add336f d129a6c
Author: Joen Asmussen <joen@automattic.com>
Date:   Wed Jan 17 12:51:28 2018 +0100

    Merge pull request #4313 from WordPress/fix/blinking-focus-outline

    Fix issue where black rectangle would briefly blink on new paragraphs

commit add336f
Author: Riad Benguella <benguella@gmail.com>
Date:   Wed Jan 17 12:23:31 2018 +0100

    Data Module: Expose state using selectors (#4105)

commit 47c36a5
Author: Riad Benguella <benguella@gmail.com>
Date:   Fri Jan 12 14:41:18 2018 +0100

    Meta Boxes: Allow collapsing/sorting the meta boxes panels

commit 8d3a673
Author: Josh Pollock <jpollock412@gmail.com>
Date:   Sat Jan 13 15:30:08 2018 -0500

    Add links to specific sections of Redux docs

    #4452

commit 6e2e944
Author: Robert Anderson <robert@noisysocks.com>
Date:   Wed Jan 17 18:28:48 2018 +1100

    Only minimize -rtl files in production (#4536)

    This improves incremental developmnet build performance by about 3.5x!

commit 9d28bac
Merge: acd3d22 d216fe1
Author: Robert Anderson <robert@noisysocks.com>
Date:   Wed Jan 17 16:59:04 2018 +1100

    Merge pull request #4538 from WordPress/fix/snapshot-tests

    Fix snapshot tests

commit d216fe1
Author: Robert Anderson <robert@noisysocks.com>
Date:   Wed Jan 17 16:51:01 2018 +1100

    Fix snapshot tests

commit acd3d22
Author: Walter Ebert <walterebert@users.noreply.github.com>
Date:   Wed Jan 17 04:24:52 2018 +0100

    Remove Vine embed (#4521)

    Vine is no longer a supported oembed provider since WordPress 4.9.0, it can be removed from Gutenberg to match.

commit c433d76
Author: Gary Pendergast <gary@pento.net>
Date:   Wed Jan 17 13:54:24 2018 +1100

    Improve the build scripts (#4465)

    There's a bunch of stuff that can be automated when setting up a local development environment. Here's some polish, etc.

    Notable changes:

    - Automatically check for and install NVM, update to the correct version of Node.
    - Add some extra information to Docker checks.
    - Add a check and fix for npm/npm#16938, which is super annoying.
    - Switch to using Docker for Composer scripts.
    - Defining the WordPress URL port in docker-compose.yml now defines it everywhere, including Cypress e2e tests.
    - Generally clean up and hide the spammy status messages that don't benefit anyone.
    - Add a welcome message at the end of the setup process.

commit 7f7b607
Author: Helen Hou-Sandi <helen.y.hou@gmail.com>
Date:   Tue Jan 16 17:44:57 2018 -0500

    Insert `@username` for user mention autocomplete (#4444)

    Rather than inserting a static link and the display name, both of which may change over time and lead to stale content, follow the pattern of existing user mentions in WordPress projects and insert a plaintext mention using the username.

commit 2e276ad
Author: Thorsten Frommen <info@tfrommen.de>
Date:   Tue Jan 16 22:27:50 2018 +0100

    Simplify control flow. (#4458)

commit 8cad9ae
Author: Thorsten Frommen <info@tfrommen.de>
Date:   Tue Jan 16 22:25:59 2018 +0100

    Remove stray word. (#4459)

commit fdd1568
Author: Sören Wrede <soerenwrede@gmail.com>
Date:   Tue Jan 16 22:04:58 2018 +0100

    Remove colon from audio and video block placeholder. (#4431)

commit 75d81e9
Author: Andrew Duthie <aduthie7@gmail.com>
Date:   Tue Jan 16 14:53:00 2018 -0500

    Blocks: Reduce sibling inserter initial height (#4384)

commit 3e08d83
Author: Riad Benguella <benguella@gmail.com>
Date:   Tue Jan 16 13:35:21 2018 +0100

    Media: Refactor the MediaUploadButton to be agnostic to its rendered UI

commit 8e87182
Author: Jason Caldwell <jas@src.works>
Date:   Mon Jan 15 04:32:21 2018 -0900

    fix: `applyOrUnset()` consistency.

    See: #3859

commit 8f0aab9
Author: Riad Benguella <benguella@gmail.com>
Date:   Tue Jan 16 14:30:50 2018 +0100

    Documentation: change default post type term

commit b86cbe2
Author: Riad Benguella <benguella@gmail.com>
Date:   Tue Jan 16 14:14:44 2018 +0100

    Documentation: Clarifies how to assign a template to a default Post Type

commit 513534d
Author: Sören Wrede <soerenwrede@gmail.com>
Date:   Tue Jan 16 14:19:33 2018 +0100

    Update copyright year to 2018 in license.md (#4511)

commit 14f76e5
Author: Jb Audras <audrasjb@gmail.com>
Date:   Tue Jan 16 14:01:42 2018 +0100

    Add missing alt attribute to image (and gallery) blocks when alt return an empty value (#4363)

commit 789f955
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Tue Jan 16 13:10:34 2018 +0100

    Polish focus styles further

commit 6c65025
Merge: 64a4cf7 8a12860
Author: Joen Asmussen <joen@automattic.com>
Date:   Tue Jan 16 12:39:20 2018 +0100

    Merge pull request #4508 from WordPress/update/theme-progress-bar

    Update theme progress color bar to match theme

commit 64a4cf7
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Tue Jan 16 22:36:00 2018 +1100

    Remove ESLint JSDoc checks, for now (#4510)

commit 8a12860
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Tue Jan 16 12:01:15 2018 +0100

    Update theme progress color bar to match theme

    This makes it so the animated updater matches the WordPress admin color scheme.

commit 030dec3
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Tue Jan 16 11:38:58 2018 +0100

    Fix focus issue with SVGs

commit adbdbb7
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Tue Jan 16 11:35:57 2018 +0100

    Try a different approach for styling movers

commit db533fa
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Tue Jan 16 11:12:39 2018 +0100

    Try new focus styles

commit f4fb4ad
Author: Grzegorz (Greg) Ziółkowski <grzegorz@gziolo.pl>
Date:   Tue Jan 16 08:59:59 2018 +0100

    Blocks: Add regression check for block edit using snapshot testing (#4399)

commit 34930ca
Merge: af74fa6 35b8e04
Author: Anton Timmermans <email@atimmer.com>
Date:   Tue Jan 16 08:14:03 2018 +0100

    Merge pull request #4493 from WordPress/update/jsdoc-returns-follow-up

    docs: add preceding line break and remove superfluous spacing in JSDoc `@returns` descriptions

commit 35b8e04
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Tue Jan 16 09:34:20 2018 +1100

    docs: add preceding line break and remove superfluous spacing in JSDoc `@returns` descriptions

commit af74fa6
Merge: 3f54b38 a6b45ad
Author: Robert Anderson <robert@noisysocks.com>
Date:   Tue Jan 16 09:20:47 2018 +1100

    Merge pull request #4395 from WordPress/fix/trigger-typing-mode-on-enter

    Trigger typing mode when ENTER is pressed

commit 3f54b38
Author: Jorge <jorge.costa@developer.pt>
Date:   Mon Jan 15 17:24:48 2018 +0000

    Fixed erros when adding duplicate tags/flat terms. (#4487)

    If we get an error saying we have a duplicate tag/flat term (tag may have been added by other used since last time we fetched), we search the server for the new tag and we add it to our list.

commit 2bdab14
Author: Tammie Lister <tammie@automattic.com>
Date:   Mon Jan 15 11:56:20 2018 +0000

    Added in thrijith as contributor

commit 79bb46e
Author: Thrijith Thankachan <thrijith13@gmail.com>
Date:   Mon Jan 15 17:24:31 2018 +0530

    Video Block: Change block description (#4448)

commit ea36aa5
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Mon Jan 15 19:51:14 2018 +1100

    chore: add `cypress.env.json` to `.gitignore` (#4466)

commit a418f56
Merge: eb468a8 a2e070a
Author: Joen Asmussen <joen@automattic.com>
Date:   Mon Jan 15 09:21:44 2018 +0100

    Merge pull request #4462 from rileybrook/update/conributing.md-workflow

    Update workflow steps in CONTRIBUTING.md documentation

commit eb468a8
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Mon Jan 15 19:21:07 2018 +1100

    chore: remove unused `react-markdown` npm module (#4461)

commit 1e81e41
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Mon Jan 15 19:20:37 2018 +1100

    docs: use `@returns` over `@return` JSDoc tag (#4464)

    Fixes per WordPress JavaScript Inline Coding Standards:

    • Use `@returns` over `@return` JSDoc tag fixing ESLint `jsdoc/check-tag-names` "Invalid JSDoc tag" warnings
    • Ensures there is a blank new line before the `@returns` JSDoc tag
    • Ensures the `@returns` JSDoc tag description ends with a period.

    See https://make.wordpress.org/core/handbook/best-practices/inline-documentation-standards/javascript/

commit a6b45ad
Author: Robert Anderson <robert@noisysocks.com>
Date:   Fri Jan 12 12:01:43 2018 +1100

    Trigger typing mode when BACKSPACE is pressed

commit 394c89b
Author: Robert Anderson <robert@noisysocks.com>
Date:   Thu Jan 11 15:50:22 2018 +1100

    Trigger typing mode when ENTER is pressed

    Splitting a block or inserting a new paragraph block by pressing ENTER
    should engage typing mode.

commit a2e070a
Author: mac <rileyabrook@gmail.com>
Date:   Sun Jan 14 19:41:18 2018 -0700

    Update workflow steps in contributing.md documentation

commit 38300ff
Merge: 8ee2b1a 5d4e19d
Author: Robert Anderson <robert@noisysocks.com>
Date:   Mon Jan 15 10:53:43 2018 +1100

    Merge pull request #4304 from WordPress/fix/content-sanitization

    Enable TinyMCE sanitization when setting HTML content

commit 8ee2b1a
Author: Gary Pendergast <gary@pento.net>
Date:   Mon Jan 15 09:04:18 2018 +1100

    Force wp-api.js (via Backbone settings) to use HTTP/1.0 methods only. (#4396)

commit 9fe1ddc
Author: Gary Pendergast <gary@pento.net>
Date:   Mon Jan 15 09:00:10 2018 +1100

    Build Tools: Add support for docker-compose.override.yml (#4457)

    As we don't actually use the `docker` directory to contain anything, the `docker-compose.yml` file has also been moved to the root directory. This tidies up a bunch of commands that used to have to refer to the special file location.

commit ae9b07f
Author: iseulde <ella@iseulde.com>
Date:   Fri Jan 12 17:16:05 2018 +0100

    Remove BR logic from list block

commit 8ac6cc8
Author: Riley Brook <rileyabrook@gmail.com>
Date:   Fri Jan 12 09:37:26 2018 -0700

    Size to Level (#4440)

    Changes copy from "Size" to Level" displayed within Heading block settings.

commit 440d278
Merge: 66303b3 f0b7447
Author: Miguel Fonseca <miguelcsf@gmail.com>
Date:   Fri Jan 12 13:32:04 2018 +0100

    Merge pull request #4429 from WordPress/fix/gutenberg-activation-undefined-constant-warning

    Fix warning plugin activation

commit f0b7447
Author: Miguel Fonseca <miguelcsf@gmail.com>
Date:   Fri Jan 12 13:27:14 2018 +0100

    Fix warning plugin activation

    Guard against undefined constant GUTENBERG_DEVELOPMENT_MODE.

commit 66303b3
Author: Ella Van Dorpe <iseulde@automattic.com>
Date:   Fri Jan 12 13:12:39 2018 +0100

    Image: set width if aligned but unresized (#4356)

commit cd7aa52
Author: Robert Anderson <robert@noisysocks.com>
Date:   Fri Jan 12 23:09:18 2018 +1100

    Fix the Custom Color button from appearing flat (#4392)

    This is a regression caused by #3958.

commit 4d1ad21
Author: Matias Ventura <mv@matiasventura.com>
Date:   Fri Jan 12 12:47:03 2018 +0100

    Increase version to 2.0.0. (#4424)

commit e495f6e
Merge: d937d3a e81ab0a
Author: Miguel Fonseca <miguelcsf@gmail.com>
Date:   Fri Jan 12 12:16:25 2018 +0100

    Merge pull request #4323 from WordPress/update/copy-from-ellipsis

    Ellipsis: Add button to copy entire document

commit d937d3a
Author: Riad Benguella <benguella@gmail.com>
Date:   Thu Jan 11 15:44:41 2018 +0100

    Blocks: Style the "footer" in quotes to ensure backwards compatibility

commit e81ab0a
Author: Miguel Fonseca <miguelcsf@gmail.com>
Date:   Thu Jan 4 19:58:52 2018 +0000

    Ellipsis: Add button to copy entire document

    * Scrap `copyAll` shenanigan, use ClipboardButton

    * ClipboardButton: Accept additional onFinishCopy callback

    * Add component EditorActions below ModeSwitcher

    * Don't close menu on copy, show "Copied!" instead

    * MenuItems: Make it more reusable

    * Allow passing extra `classNames` to MenuItemsGroup, don't require a
    `label`

    * Change classes in MenuItemsToggle from `components-menu-items__toggle`
    to `components-menu-items__button is-toggle`

    * EllipsisMenu: Adopt areas Editor, Settings, Tools

commit 27e6fa8
Author: Stephen Edgar <stephen@netweb.com.au>
Date:   Fri Jan 12 18:43:28 2018 +1100

    Use tabs for indentation in build tools JSON files per WP Coding Standards (#4419)

    * chore: Update `.editorconfig` to match WordPress' upstream

    * chore: Use tabs for indentation in `package.json` and `package-lock.json` files

    * chore: Use tabs for indentation in `.eslines.json` file

    * chore: Use tabs for indentation in `composer.lock` file

commit 9212841
Author: Grzegorz (Greg) Ziółkowski <grzegorz@gziolo.pl>
Date:   Fri Jan 12 08:18:57 2018 +0100

    Docs: Update info about test fixtures (#4401)

commit d129a6c
Author: Joen Asmussen <asmussen@gmail.com>
Date:   Fri Jan 5 11:21:41 2018 +0100

    Fix issue where black rectangle would briefly blink on new paragraphs

    In master, if you press enter a lot and type a lot, a black rectangle sometimes briefly appears. This is the isEditing rectangle we use to indicate where the cursor is, if it's not in text, i.e. if you have a placeholder selected.

    This PR adds a teensy delay to this so it shouldn't show up.

commit 5d4e19d
Author: Robert Anderson <robert@noisysocks.com>
Date:   Fri Jan 5 11:01:29 2018 +1100

    Enable TinyMCE sanitization when setting HTML content

    We were previously disabling TinyMCE sanitization by calling setContent
    with `{ format: 'raw' }`. Doing so, however, causes issues when
    setContent is called with prettified HTML, e.g. when a list block is
    updated.

konstin added a commit to meine-stadt-transparent/meine-stadt-transparent that referenced this issue Jan 31, 2018

@Wirone

This comment has been minimized.

Wirone commented Feb 6, 2018

node v9.4.0
npm 5.6.0

Got sha1 hashes instead of sha512 when I was developing Rocket.Chat locally, installed packages and THEN used npm install <package> --save. After removing node_modules and running npm install again, I got only my new package in package-lock.json's diff.

@rainboxx

This comment has been minimized.

rainboxx commented Feb 6, 2018

If you face this issue, please follow the instructions from this comment #16938 (comment).

@DimaRGB

This comment has been minimized.

DimaRGB commented Feb 7, 2018

you can check this steps, at least it works for me: https://gist.github.com/DimaRGB/5482e1e8bd3cc82d97511b65a2ae44a2

smalls added a commit to smalls/arcs that referenced this issue Mar 16, 2018

update npm packages
Using `npm update`. Also, an attempt to resolve hash differences (SHA1
vs SHA512) in `package-lock.json` following instructions here:
npm/npm#16938 (comment)

smalls added a commit to PolymerLabs/arcs that referenced this issue Mar 16, 2018

update npm packages
Using `npm update`. Also, an attempt to resolve hash differences (SHA1
vs SHA512) in `package-lock.json` following instructions here:
npm/npm#16938 (comment)
@alanmanderson

This comment has been minimized.

alanmanderson commented May 31, 2018

I think it is worth noting that on our project, we have fought with this for quite a while which has resulted in our package-lock file containing some sha1 hashes and some sha512. Now pull requests that change the package-lock file, have the hash switching regardless to which has was used.

For example the below changes are from the same PR. Notice the first one goes from sha512 to sha1 and the second does the opposite:

-      "integrity": "sha512-Y+c3F4eM6BwVWH4AFK3kQXfrRgi5OjaUCfc+vgzCNXtGipNrOmBYN9LHTD0W2ssSzmCBZLw2fniy/gF2pJAadA=="
+      "integrity": "sha1-+JJWHPqZSrqqKxdO1vKDrZ6qxVU="
...
-      "integrity": "sha1-+PLIh60Qv2f2NPAFtph/7TF5qsg="
+      "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q=="
@zkat

This comment has been minimized.

Member

zkat commented Jun 1, 2018

I'm going to consider this resolved based on previous messages, and I have to emphasize that in order to fully clear it up, you'll need to follow #16938 (comment).

If you're still experiencing this on the latest version of npm (npm i -g npm@latest), feel free to file a new bug report in npm.community, which is where we're going to be moving our support stuff.

In the meantime, I'm gonna lock this to prevent future confusion.

@npm npm locked as resolved and limited conversation to collaborators Jun 1, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.