npm - using stale package data

Whenever I do an npm install, I get a ton of messages about it using stale package data. What does that mean and is it something I need to worry about?

Here's a small example of the warning messages I get with an npm install. In this particular example I just added "npm install @angular/animations@latest --save":

WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha512-Mp+FXEI+FrwY/XYV45b2YD3E8i3HwnEAoFcM0qlZzq/RZ9RwWitt2Y/c7cqRAz70U7hfekqx6qNYthuKFO6K0
g== integrity checksum failed when using sha512: wanted sha512-Mp+FXEI+FrwY/XYV45b2YD3E8i3HwnEAoFcM0qlZzq/RZ9RwWitt2Y/c7cqRAz70U7hfekqx6qNYthuKFO6K0g== but got sha1-2+xJQ20q4V9TYRTnbRRlbNvA9E0
=. (8538 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha512-NnSOmMEYtVR2JVMIGTzynRkkaxtiq1xnFBcdQD/DnNCYPoEPsVJhM98BDyaoNOQIi7p4okdi3E27eN7GQbsUu
g== integrity checksum failed when using sha512: wanted sha512-NnSOmMEYtVR2JVMIGTzynRkkaxtiq1xnFBcdQD/DnNCYPoEPsVJhM98BDyaoNOQIi7p4okdi3E27eN7GQbsUug== but got sha1-wVm41b4PnlpvNG2rlPFs4CIWG4g
=. (3618 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha512-Mp+FXEI+FrwY/XYV45b2YD3E8i3HwnEAoFcM0qlZzq/RZ9RwWitt2Y/c7cqRAz70U7hfekqx6qNYthuKFO6K0
g== integrity checksum failed when using sha512: wanted sha512-Mp+FXEI+FrwY/XYV45b2YD3E8i3HwnEAoFcM0qlZzq/RZ9RwWitt2Y/c7cqRAz70U7hfekqx6qNYthuKFO6K0g== but got sha1-2+xJQ20q4V9TYRTnbRRlbNvA9E0
=. (8538 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.
WARN registry Unexpected warning for https://registry.npmjs.org/: Miscellaneous Warning EINTEGRITY: sha512-NnSOmMEYtVR2JVMIGTzynRkkaxtiq1xnFBcdQD/DnNCYPoEPsVJhM98BDyaoNOQIi7p4okdi3E27eN7GQbsUu
g== integrity checksum failed when using sha512: wanted sha512-NnSOmMEYtVR2JVMIGTzynRkkaxtiq1xnFBcdQD/DnNCYPoEPsVJhM98BDyaoNOQIi7p4okdi3E27eN7GQbsUug== but got sha1-wVm41b4PnlpvNG2rlPFs4CIWG4g
=. (3618 bytes)
WARN registry Using stale package data from https://registry.npmjs.org/ due to a request error during revalidation.

Here is the current package.json file that I have for my project:

{
  "name": "myproject",
  "version": "0.0.1",
  "license": "me",
  "scripts": {
    "ng": "ng",
    "start": "ng serve",
    "build": "ng build --extract-css true",
    "build-prod": "ng build -prod",
    "test": "ng test",
    "lint": "ng lint",
    "e2e": "ng e2e",
    "update:packages": "node wipe-dependencies.js && rm -rf node_modules && npm update --save-dev && npm update --save",
    "prestyleguide": "ng build --extract-css true",
    "styleguide": "rimraf dist/styleguide/ && kss --config kss/kss-config.json --custom hidemarkup --custom hideexample --custom hidedefault --custom fakeexample --placeholder .modifier-class",
    "//": "Build just the styleguide without building the entire app (requires that the app has already been built to the dist/ folder)",
    "build-styleguide": "rimraf dist/styleguide/ && kss --config kss/kss-config.json --custom hidemarkup --custom hideexample --custom hidedefault --custom fakeexample --placeholder .modifier-class"
  },
  "private": true,
  "dependencies": {
    "@angular/animations": "^4.3.3",
    "@angular/common": "^4.3.2",
    "@angular/compiler": "^4.3.2",
    "@angular/core": "^4.3.2",
    "@angular/forms": "^4.3.2",
    "@angular/http": "^4.3.2",
    "@angular/platform-browser": "^4.3.2",
    "@angular/platform-browser-dynamic": "^4.3.2",
    "@angular/router": "^4.3.2",
    "@ng-bootstrap/ng-bootstrap": "^1.0.0-alpha.28",
    "bootstrap": "^4.0.0-alpha.6",
    "classlist.js": "^1.1.20150312",
    "core-js": "^2.4.1",
    "font-awesome": "^4.7.0",
    "ngx-mydatepicker": "^2.0.12",
    "rxjs": "^5.4.2",
    "web-animations-js": "^2.3.1",
    "zone.js": "^0.8.16"
  },
  "devDependencies": {
    "@angular/cli": "^1.2.3",
    "@angular/compiler-cli": "^4.3.2",
    "@types/jasmine": "^2.5.53",
    "@types/node": "^8.0.15",
    "codelyzer": "^3.1.2",
    "fs-extra": "^4.0.0",
    "jasmine-core": "^2.6.4",
    "jasmine-spec-reporter": "^4.1.1",
    "karma": "^1.7.0",
    "karma-chrome-launcher": "^2.2.0",
    "karma-cli": "^1.0.1",
    "karma-coverage-istanbul-reporter": "^1.3.0",
    "karma-jasmine": "^1.1.0",
    "karma-jasmine-html-reporter": "^0.2.2",
    "kss": "^3.0.0-beta.18",
    "protractor": "^5.1.2",
    "random-ext": "^2.5.1",
    "ts-node": "^3.2.1",
    "tslint": "^5.5.0",
    "typedoc": "^0.7.1",
    "typescript": "^2.4.2"
  }
}

Solution 1:

try that and then reinstall all of your project's dependencies

rm ./package-lock.json
rm -r ./node_modules
npm cache clear --force

There is a full thread on github about it, since june I think

Solution 2:

Since npm 5 you don't have full control over the cache, so for npm 5 you could try

npm cache verify

This helped me. I don't think you have to remove package-lock and node_modules as first step.