项目没有包相关的变动,再跑流水线时候,执行npm ci报错:
npm ERR! code EINTEGRITY
npm ERR! Verification failed while extracting [email protected]:
npm ERR! Verification failed while extracting [email protected]:
npm ERR! sha1-9B3LGvJYKvNpLaNvxVy9jhBBxCY= integrity checksum failed when using sha1: wanted sha1-9B3LGvJYKvNpLaNvxVy9jhBBxCY= but got sha512-+ux3lx6peh0BpvY0JebGyZoiR4D+oYzdPZMKJwkZ+sFkNJzpL7tXc/wehS49gUAxg3tmMHPHZkA8JU2rhhgDHw== sha1-Z79X9HWPAu3oj7KhcS/vTRU1i+M=. (649719 bytes)
npm WARN tarball tarball data for [email protected] (sha1-P17WZYPM1vQAtaANtvfoYTY+OI8=) seems to be corrupted. Trying one more time.
npm WARN tarball tarball data for [email protected] (sha1-P17WZYPM1vQAtaANtvfoYTY+OI8=) seems to be corrupted. Trying one more time.
package-lock.json 片段:
"fsevents": {
"version": "1.2.4",
"resolved": "http://registry.npm.taobao.org/fsevents/download/fsevents-1.2.4.tgz",
"integrity": "sha1-9B3LGvJYKvNpLaNvxVy9jhBBxCY=",
"optional": true,
"requires": {
"nan": "^2.9.2",
"node-pre-gyp": "^0.10.0"
},
"dependencies": {
"abbrev": {
"version": "1.1.1",
"bundled": true,
从 resolved 地址下载下来,用 sha1+base64 计算后,和 integrity 是一致的。 看网上有人说网络问题也会导致 integrity 不一致,但是我手动下载包挺快的,难道我手动从 resolved 地址下载,和 npm 的下载机制不一样?
直接删掉 package-lock.json ,装新版本倒是可以,但是项目太老了,严重依赖这个版本 package-lock.json ,更新后会出现一堆别的问题。以前遇到过类似的情况,等个几天,传说中的网络情况好转后就正常了。关键不懂 npm 的机制,不太懂是哪到哪的网络不稳定。
