npm 安装:提取时验证失败
[英]npm install: Verfication failed while extracting
问题描述
READ BEFORE ANSWER: I've already solved this issue.
回答前阅读:我已经解决了这个问题。 It was a caching issue on the npm servers.这是 npm 服务器上的缓存问题。 Everything works fine after switching to GitHub packages.切换到 GitHub 封装后一切正常。 I've already accepted my own answer .我已经接受了我自己的答案。
I have a project, which I want to deploy to elastic beanstalk but sometimes the deploy fails on the npm install script with the following message:我有一个项目,我想将其部署到弹性 beanstalk,但有时在 npm 安装脚本上部署失败,并显示以下消息:
npm ERR! code EINTEGRITY
npm ERR! Verification failed while extracting @my-package@^1.2.0:
npm ERR! Verification failed while extracting @my-package@^1.2.0:
npm ERR! sha512-lQ...HA== integrity checksum failed when using sha512: wanted sha512-lQ...HA== but got sha512-nH...ow==. (4835509 bytes)
It fails even on packages which are severel weeks old.它甚至在严重几周前的包裹上也失败了。
I've tried:我试过了:
npm cache clean --forcenpm cache verifynode_modulesis in.npmignorenode_modules在.npmignorepackage-lock.jsonis in.npmignorepackage-lock.json在.npmignoreWriting a mail to support@npmjs.com, but they replying always with some helpless default replies without any solution or intention to help.
写一封邮件给 support@npmjs.com,但他们总是回复一些无助的默认回复,没有任何解决方案或帮助的意图。
It fails even on new elastic beanstalk instances.即使在新的弹性 beantalk 实例上它也会失败。
I have no idea how to solve this problem.我不知道如何解决这个问题。
EDIT: I've also tried to delete the npm cache while preinstall script, but it doesn't work either.编辑:我还尝试在预安装脚本时删除 npm 缓存,但它也不起作用。
EDIT2: My repo has no package-lock.json . EDIT2:我的仓库没有package-lock.json 。
EDIT3: My .npmrc file has the following content EDIT3:我的.npmrc文件具有以下内容
//registry.npmjs.org/:_authToken=${NPM_TOKEN}
unsafe-perm=true
package-lock=false
strict-ssl=false
EDIT4: I think it wasn't clear: It's a private package on the official npm registry. EDIT4:我认为还不清楚:这是官方 npm 注册表上的私有 package。 And it doesn't fail always.而且它并不总是失败。 The current publish process includes several attempts to deploy on aws instance so long as it's succeed.当前的发布过程包括多次尝试在 aws 实例上部署,只要它成功即可。
8 个解决方案
解决方案1
12 2019-11-21 03:25:52
Have u try to delete package-lock.json?您是否尝试删除 package-lock.json?
OR或者
Try to delete npm and npm-cache folders尝试删除 npm 和 npm-cache 文件夹
THEN然后
re-run npm install重新运行 npm 安装
解决方案2
4 2020-05-29 00:53:27
Not exactly your case, but for those who run into the "integrity checksum failed" error the following might help.不完全是您的情况,但对于那些遇到“完整性校验和失败”错误的人,以下可能会有所帮助。 But first make sure you understand what's going on.但首先要确保你了解发生了什么。 npm tells you that the checksum from https://registry.npm.org doesn't match the one from package-lock.json . npm告诉您来自https://registry.npm.org的校验和与来自package-lock.json的校验和不匹配。 Either it changed in the registry, or...要么它在注册表中更改,要么...
Consider a line from the output:考虑 output 中的一行:
npm ERR!
sha512-lQ...HA==
integrity checksum failed when using sha512: wanted
sha512-lQ...HA==
but got
sha512-nH...ow==
. (4835509 bytes)
Find the package in package-lock.json by the first two integrity checksums ( sha512-lQ...HA== ), and put the third one ( sha512-nH...ow== ) into its "integrity" field.通过前两个完整性校验和( sha512-lQ...HA== )在package-lock.json中找到 package ,并将第三个( sha512-nH...ow== )放入其“完整性”字段。
解决方案3
2 已采纳 2020-01-08 16:28:16
It seems to be a caching issue at the npm servers.这似乎是 npm 服务器的缓存问题。 We've switched from npm to GitHub packages, everything works fine there.我们已经从 npm 切换到 GitHub 包,一切正常。
解决方案4
0 2019-11-15 11:58:20
It could be that the version of NPM on these instances are out of date.可能是这些实例上的 NPM 版本已过期。 Could you try either: npm install -g npm你可以试试: npm install -g npm
Have you made sure that when this is deployed to beanstalk that the package-lock file is not on the instance?您是否确保将其部署到 beanstalk 时,包锁定文件不在实例上? - If you have a bad lock file it needs to be deleted and re-generated. - 如果你有一个坏锁文件,它需要被删除并重新生成。
Short of that, would need more information as you seem to have exhausted a lot of options.除此之外,您似乎已经用尽了很多选择,因此需要更多信息。
解决方案5
0 2019-11-18 17:16:04
This can happen if you request a version that is not available on the registry.如果您请求的版本在注册表中不可用,则可能会发生这种情况。
With @my-package@^1.2.0 you're requesting a version between >=1.2.0 and <2.0.0.使用@my-package@^1.2.0 ,您请求的版本介于 >=1.2.0 和 <2.0.0 之间。 Could it be that on this registry there is only a version that is older than 1.2.0 or newer than 2.0.0?难道这个注册表上只有一个早于 1.2.0 或高于 2.0.0 的版本? Npm will install whatever it gets and not raise an error here. Npm 将安装它得到的任何东西,并且不会在此处引发错误。
You can check the version you get in an npm install by looking into node_modules/my-package/package.json .您可以通过查看node_modules/my-package/package.json来检查您在 npm 安装中获得的版本。
If this is not happening when doing a local npm install , check wether the npm registry Amazon uses is containing your my-package package.如果在执行本地npm install时没有发生这种情况,请检查 Amazon 使用的 npm 注册表是否包含您的my-package package。
You could try to add the official npm registry to your Beanstalk project to check if it was the Amazon npm registry that did not contain your package.您可以尝试将官方 npm 注册表添加到您的 Beanstalk 项目中,以检查它是否是不包含您的 package 的 Amazon npm 注册表。 See How to use a private npm registry on Elastic Beanstalk?请参阅如何在 Elastic Beanstalk 上使用私有 npm 注册表? how to do this.这个怎么做。
解决方案6
0 2019-11-20 10:30:52
If you have not pushed package-lock.json in your repo, it will be generated while running npm install.如果你没有在你的仓库中推送 package-lock.json ,它将在运行 npm 安装时生成。 So it is always better to add package-lock.json in the repo to avoid inconsistent package-lock.json files across local machine and deployment machine.所以最好在 repo 中添加 package-lock.json 以避免本地机器和部署机器之间的 package-lock.json 文件不一致。
Could you please try pushing a fresh package-lock.json file to the repo and try?您能否尝试将新的 package-lock.json 文件推送到 repo 并尝试?
解决方案7
0 2019-11-20 19:17:57
Have you tried bumping the version of my-package and then directly specifying an exact version rather than a range?您是否尝试过修改my-package的版本,然后直接指定确切的版本而不是范围?
解决方案8
0 2019-11-21 05:01:12
As a workaround, follow the below steps:作为一种解决方法,请按照以下步骤操作:
- Go to the project directory Go 到工程目录
- Remove the node_modules directory: rm -rf node_modules.删除 node_modules 目录:rm -rf node_modules。
- Remove package-lock.json file: rm package-lock.json删除 package-lock.json 文件:rm package-lock.json
- Clear the cache: npm cache clean --force清除缓存:npm cache clean --force
- Run npm install --verbose运行 npm install --verbose
If after following the above steps still the issue exists then please provide us the output of installation command with --verbose.如果按照上述步骤操作后问题仍然存在,请使用 --verbose 向我们提供安装命令的 output。
解决方案9
0 2021-02-09 13:51:03
In my case, as razki alludes to, the version of npm/node on the build server differed significantly from the version on the developer's local computer.就我而言,正如 razki 所暗示的那样,构建服务器上的 npm/node 版本与开发人员本地计算机上的版本有很大不同。 Updating to a close enough version got rid of this problem.更新到足够接近的版本摆脱了这个问题。
For example:例如:
The build server had: npm/6.13.4 node/v12.14.1构建服务器有:npm/6.13.4 node/v12.14.1
The developer has: npm/6.14.8 node/v14.15.1.开发者有:npm/6.14.8 node/v14.15.1。
The build server now: npm/6.14.10 node/v14.15.4现在构建服务器:npm/6.14.10 node/v14.15.4
It seems the different versions calculate the sha differently for the same package.似乎不同的版本对相同的 package 计算 sha 的方式不同。 This is why removing the package-lock.json file can work in this particular situation - at least for a while, until the computer with the different version tries to build the project again.这就是为什么删除 package-lock.json 文件可以在这种特殊情况下工作的原因 - 至少在一段时间内,直到具有不同版本的计算机再次尝试构建项目。
解决方案10
-1 2021-01-26 09:38:40
Basically its concern about npm registery, Some home npm registery has been updated to another url.基本上它对 npm 寄存器的关注,一些家庭 npm 寄存器已更新为另一个 url。
You can run below command to see npm registery您可以运行以下命令查看 npm 注册
npm config get registry
It should be set it应该设置它
If its not then run below command如果不是,则在命令下方运行
npm config set registry https://registry.npmjs.org/
It will set npm registery.它将设置 npm 寄存器。 Now you can try again for现在你可以再试一次
npm i
and it will install package successfully.它将成功安装 package。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.