[Bug?]: Checksum mismatch between corepack and non-corepack installs because of newline in package.json #4917
Labels
broken-repro
The reproduction in this issue is broken
bug
Something isn't working
upholded
Real issues without formal reproduction
Self-service
Describe the bug
When switching between
corepack enable
andcorepack disable
, Yarn complains about a checksum mismatch on a package installed with thegit:
protocol. This seems to be because the packing happens with a different version of Yarn, which adds / removes an extra newline at the end of thepackage.json
of the dependency.I had a similar problem before with Yarn 3.2.1 (adding a
packageManager
field to the package.json, IIRC). I upgraded to v3.2.3, which should have resolved that problem, but now I have this.To reproduce
Steps to reproduce:
package.json
:yarn set version berry
oryarn set version from sources
(I could reproduce with both)corepack disable
yarn
corepack enable
(you can switch these around - first enable, then disable fails for me too)rm -rf node_modules
yarn cache clean --all
yarn
-> fails withYN0018: │ timecop@https://github.com/jamesarosen/Timecop.js.git#commit=d421df9b00386266bda93eb9c2ea15fedc888761: The remote archive doesn't match the expected checksum
I tried to make a reproducible case with Sherlock, as suggested - I made this, but it works fine there:
As an alternative, I put these steps in a Dockerfile, which does fail on the last step:
with the following package.json:
Environment
Additional context
I managed to get the zip archives from the Yarn cache, as well as the logs from the
yarn pack
:As you can see, the version used for
yarn pack
is different:Note that I have a global Yarn install from Homebrew:
The same happens when Yarn is installed through npm (as per the Dockerfile repro).
Another interesting finding: no matter if Corepack is enabled or disabled, the Yarn binary & version stays the same:
The text was updated successfully, but these errors were encountered: