When I run `npm install`, it returns with `ERR! code EINTEGRITY` (npm 5.3.0)

Question

I am getting this error while running sudo npm install. On my server, npm was installed earlier. I've tried to delete the package-lock.json file, and ran npm cache clean --force, but it didn't work.

My npm version is 5.3.0.

The error:

npm ERR! code EINTEGRITY
npm ERR! sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA== integrity checksum failed when using sha512: wanted sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA== but got sha512-WXI95kpJrxw4Nnx8vVI90PuUhrQjnNgghBl5tn54rUNKZYbxv+4ACxUzPVpJEtWxKmeDwnQrzjc0C2bYmRJVKg==. (65117 bytes)

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/ubuntu/.npm/_logs/2017-11-29T05_33_52_182Z-debug.log

Answer 1

The issue occurred for me during an upgrade to node 18 - my package-lock file was holding onto a stale resolution from a custom registry our team no longer used.

Unforutnately, removing package lock, clearing the cache and running npm install were not enough.

Deleting the stale resolutions in package-lock followed by npm install fix the issue for me.

Here I deleted the line beginning with "resolved":

// package-lock.json

     "node_modules/closest-file-data": {
       "version": "0.1.4",
-      "resolved": "https://foo.foobar.io/foo/api/npm/npm-dev/closest-file-data/-/closest-file-data-0.1.4.tgz"
,
       "integrity": "sha1-l1+HwTLymdJKA3W59jyj+4j3Kzo=",

Generally you want to avoid manual changes to this file but my machine kept insisting I use the cached package

Answer 2

Updating nodejs version worked for me.

curl -fsSL https://deb.nodesource.com/setup_12.x | sudo -E bash - sudo apt-get install -y nodejs

Answer 3

The issue was indeed in package-lock.json, and after replacing it with a working version from another branch it worked.

What's interesting is seeing the diff:

So there really is some integrity checksum in the package-lock.json and it was replaced in our package-lock.json with a SHA1 instead of a SHA-512 checksum. See here for more info.

In case you don't have a working version in another branch. Consider the message

npm ERR! code EINTEGRITY
npm ERR!
  sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==
integrity checksum failed when using sha512: wanted
  sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==
but got
  sha512-WXI95kpJrxw4Nnx8vVI90PuUhrQjnNgghBl5tn54rUNKZYbxv+4ACxUzPVpJEtWxKmeDwnQrzjc0C2bYmRJVKg==
. (65117 bytes)

Find the package in package-lock.json using the first checksum:

sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA==

and put the third checksum into its "integrity" field:

sha512-WXI95kpJrxw4Nnx8vVI90PuUhrQjnNgghBl5tn54rUNKZYbxv+4ACxUzPVpJEtWxKmeDwnQrzjc0C2bYmRJVKg==

A more detailed description is here.

Answer 4

See https://github.com/npm/npm/issues/16861

This worked for me:
npm cache verify

Then I re-ran:
npm install -g create-react-app

And it installed as expected: Issue resolved.

---

Other solutions mentioned in the GitHub issue include:

npm cache clean --force

OR

Deleting npm and npm-cache folders in Users%username%\AppData\Roaming (Windows 7 and Windows 10) and running npm install

OR

Update npm by via npm i -g npm

OR

Delete package-lock.json

OR

npm cache clean

OR

Do these steps to fix the problem:

1. Find all outdated packages and update theme:
   npm outdated -g
sudo npm i -g outDatedPKG
2. Upgrade npm to latest version with:
   sudo npm i -g npm
3. Delete package-lock.json file.
4. Delete _cacache directory in ~/.npm: npm cache verify
5. Every time I get that error, do steps 2 & 3.
6. If you still get the error, clear npm's cache:
   npm cache clean --force

OR

1. Add proxy to .npmrc in ~ directory:

proxy=http://localhost:8123
https-proxy=http://localhost:8123

2. Try again! slow internet connection and censorship may cause this ugly problem.

OR

npm cache clear --force && npm install --no-shrinkwrap --update-binary

OR

npm config set package-lock false

Answer 5

If none of the above solved your problem, then just upgrade your npm verion and try. It worked for me.

Answer 6

Easy and fast fix for me was to npm install the specific package on which it said the sha is wrong. Say your package is called awesome-package.

My solution was:

npm i awesome-package

This updated my sha within the package-lock.json.

Answer 7

In my case the sha command was missing from my linux distro; steps were

• added the packages for sha512 (on my distro sudo apt install hashalot)
• npm cache verify
• rm -rf node_modules
• npm install

Answer 8

What worked for me was npm cache verify then re-run your command. All should be good.

Answer 9

After going through all the answers and executing most of them. Although I resisted to try the Restart magic, eventually, the issue is solved after restart on my macbook(MacOS Catalina Ver. 10.15.7).

It seems like a cache issue indeed but none of the commands that I have executed cleared the cache.

Answer 10

I had the same issue. I used yarn instead of npm to install the dependencies and it worked.

yarn add *****

Answer 11

This Worked for me . open the project in CMD the run

npm cache verify 
npm install 
npm start

Answer 12

None of the above answers worked for me. The solution to my issue was to change the way the snapshot dependency was consumed inside the package.json. Use the following template to pull in the snapshot dependency that you need

"dependency": "git+http://github.com/[pathtoproject].git#[branchname]",

Answer 13

all solutions failed for me till i checked router settings; it was set to only IPV4.. i changed and put ipv4v6 and all is working fine now.

Answer 14

I faced this issue. It was my network connectivity. I changed network (from Broadband WiFi to 4G WiFi) and tried. It worked.

My broadband ISP was blocking all http requests. That might be the reason I guess in my case.

Answer 15

Before i was running this command

npm install typescript -g

after changing the command it worked perfectly.

npm install -g typescript

Answer 16

I faced same issue. Plus while I was trying to resolve from picking solutions from other devs, I faced few more issues like one listed here.

Angular 9 ng new myapp gives error The Schematic workflow failed

https://medium.com/@codewin/npm-warn-deprecated-request-2-88-2-b6da20766fd7

Finally after trying cache clean and verify and reinstall node of different versions and npm update, nvm and many other solution like set proxy and better internet connection, I still could not arrive to a resolve.

What worked for me is : I browsed a bit inside my C:\Users--- folder, I found package-lock.json and .npmrc files. I deleted those and reinstalled angular and tried. npm install and uninstall of different modules started working.

Answer 17

You should check Connection-specific DNS Suffix when type “ipconfig” or “ifconfig” in terminal

Answer 18

This was not yet mentioned but make sure that your SYSTEM TIME is correct. If it is too out of sync it will cause a EINTEGRITY error. When you are doing npm publish / install.

Answer 19

Updating .npmrc and the registry to https:// worked for me

registry=https://registry.npmjs.org/

Answer 20

Try this

  Step-1) Delete package-lock.json from root folder.
  Step-2) Delete node_modules folder
  Step-3) run npm install command in root

Answer 21

I was stuck at this for a long time and this is what helped me.

Try this:

npm cache clean --force
npm install --update-binary --no-shrinkwrap

Found this answer after digging into GitHub issues!!

Answer 22

We had this problem multiple times in the company I work at. Deleting the node_modules folder from the .nvm folder fixed the problem:

rm -rf ~/.nvm/versions/node/v8.6.0/lib/node_modules

Answer 23

I was using private npm registry and trying to install private npm module. Logging to npm local registry fixed it (used command npm --add-user)

Answer 24

My problem was 2 things:

1. Bad package-lock.json file
2. The existance of npm-shrinkwrap.json together with the package-lock.json file

What i did is:

1. Deleted the package-lock.json file
2. Delete the npm-shrinkwrap.json file
3. Ran npm install again (which recreated a good package-lock file)

Fixed my error!

Answer 25

As a workaround, follow the below steps:

1. Go to the project directory
2. Remove the node_modules directory: rm -rf node_modules
3. Remove package-lock.json file: rm package-lock.json
4. Clear the cache: npm cache clean --force
5. Run npm install --verbose If after following the above steps still the issue exists then please provide us the output of installation command with --verbose.

Answer 26

I am behind my organization's proxy, running the following commands fixed the issue for me

npm config set proxy http://proxy.yourproxydomain.com:port
npm config set https-proxy http://proxy.yourproxydomain.com:port
npm config set strict-ssl false
npm config set registry https://registry.npmjs.org/

Answer 27

Try the following:

npm cache clean --force

This has worked for me.

Answer 28

Run the commands below on your project..

npm rm -rf node_modules && npm rm package-lock.json && npm rm -rf ~/.npm && npm install --update-binary --no-shrinkwrap

Answer 29

I had a very similar problem, and in my case it worked by doing:

npm clean

This is the nuclear option since it clears every package from the cache as expained here.

Answer 30

There are several valid and helpful responses here, but I would like to add that in my case the simplest solution was:

1. Delete package-lock.json;
2. Remove folder AppData\Local\npm\cache or AppData\Roaming\npm\cache;
3. Remove folder node_modules.staging;
4. Run npm install again.

After that everything ran smoothly.