When I run `npm install`, it returns with `ERR! code EINTEGRITY` (npm 5.3.0)

ubuntu node.js npm

Solution 1:

See https://github.com/npm/npm/issues/16861

This worked for me:
npm cache verify

Then I re-ran:
npm install -g create-react-app

And it installed as expected: Issue resolved.

Other solutions mentioned in the GitHub issue include:

npm cache clean --force

OR

Deleting npm and npm-cache folders in Users%username%\AppData\Roaming (Windows 7 and Windows 10) and running npm install

OR

Update npm by via npm i -g npm

OR

Delete package-lock.json

OR

npm cache clean

OR

Do these steps to fix the problem:

  1. Find all outdated packages and update theme:
    npm outdated -g
    sudo npm i -g outDatedPKG
  2. Upgrade npm to latest version with:
    sudo npm i -g npm
  3. Delete package-lock.json file.
  4. Delete _cacache directory in ~/.npm: npm cache verify
  5. Every time I get that error, do steps 2 & 3.
  6. If you still get the error, clear npm's cache:
    npm cache clean --force

OR

  1. Add proxy to .npmrc in ~ directory:

proxy=http://localhost:8123
https-proxy=http://localhost:8123

  1. Try again! slow internet connection and censorship may cause this ugly problem.

OR

npm cache clear --force && npm install --no-shrinkwrap --update-binary

OR

npm config set package-lock false

Solution 2:

Delete package-lock.json file and then try to install

Solution 3:

Actually the above is related to the network connectivity in side the server. When I've good connectivity in the server, the npm install gone good and didn't throw any error

Solution 4:

The issue was indeed in package-lock.json, and after replacing it with a working version from another branch it worked.

What's interesting is seeing the diff:

diff

So there really is some integrity checksum in the package-lock.json to verify that the file you are downloading hasn't been tampered with. It's just that somehow the integrity checksum was replaced in our package-lock.json with a SHA1 instead of a SHA-512 checksum. I have no idea how this happened.

In case you don't have a working version in another branch. Consider the message

npm ERR! code EINTEGRITY
npm ERR!
  sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==
integrity checksum failed when using sha512: wanted
  sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==
but got
  sha512-WXI95kpJrxw4Nnx8vVI90PuUhrQjnNgghBl5tn54rUNKZYbxv+4ACxUzPVpJEtWxKmeDwnQrzjc0C2bYmRJVKg==
. (65117 bytes)

Find the package in package-lock.json using the first checksum:

sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==

and put the third checksum into its "integrity" field:

sha512-WXI95kpJrxw4Nnx8vVI90PuUhrQjnNgghBl5tn54rUNKZYbxv+4ACxUzPVpJEtWxKmeDwnQrzjc0C2bYmRJVKg==

A more detailed description is here.

Solution 5:

My problem was 2 things:

  1. Bad package-lock.json file
  2. The existance of npm-shrinkwrap.json together with the package-lock.json file

What i did is:

  1. Deleted the package-lock.json file
  2. Delete the npm-shrinkwrap.json file
  3. Ran npm install again (which recreated a good package-lock file)

Fixed my error!

Related

Github permission denied: ssh add agent has no identities
Search and replace in bash using regular expressions
How can I sort a List alphabetically?
Is there a way to automate the Android SDK installation?
Iterate a list with indexes in Python
How to change Android version and code version number?
how to write setTimeout with params by Coffeescript
How to alter SQL in "Edit Top 200 Rows" in SSMS 2008
Suppress echo of command invocation in makefile?
Using GitLab token to clone without authentication
What is the difference between Spring's GA, RC and M2 releases?
Delete all the queues from RabbitMQ?