Reputation: 31
Yarn install - bad hash behind private registry - Jhipster v5 upgrade
I report an issue with Yarn and the installation of Javascript dependencies from a Jhipster v4 to Jhipser v5.0.1 (Angular stack) throug a private Nexus Npm proxy and private Artifactory registry
However, I am experiencing sha1sum errors when installing javascript dependencies with Yarn
Exemple :
> [INFO] [1/5] Validating package.json...
> [INFO] [2/5] Resolving packages...
> [INFO] [3/5] Fetching packages...
> [ERROR] error http://registry.npmjs.org/compression/-/compression-1.7.2.tgz: Fetch
> succeeded for undefined. However, extracting
> "http://registry.npmjs.org/compression/-/compression-1.7.2.tgz"
> resulted in hash "b0850fe39bd92980d49335a26b3deb4fcc71a64d", which did
> not match the requested hash "aaffbcd6aaf854b44ebb280353d5ad1651f59a69".
Sometimes it's with these libraries:
- follow-redirects-1.5.1
- onetime-1.1.0
- compression-1.7.2
With Node v8.9.4 or v8.11.3 Whether with Yarn 1.6.0, 1.7.0 or 1.8.0
I of course did that:
- Do a
yarn cache clean - Delete node_modules/
- Remove yarn.lock
- Add the Yarn flag --skip-integrity-check
Whith an curl http://private-artifactory/compression/-/compression-1.7.2.tgz the sha1sum is OK It's also OK with an direct internet access (without corporate Npm proxy)
Same mistake on our dev posts or our Jenkins docker CI-CD (Debian 9) The issue is the same with our Nexus proxy or our private registry Artifactory
Also no problem with our code branch stayed in Jhipster v4
Yarn closed ticket did not help us : https://github.com/yarnpkg/yarn/issues/3354
And the way around that I found is to use the --update-checksums flag on every Yarn commands
yarn install --update-checksums
and with Maven frontend-maven-plugin eirslett in the pom.xml :
<goals>
<goal>install-node-and-yarn</goal>
<goal>yarn</goal>
</goals>
<configuration>
<arguments>install --update-checksums</arguments>
</configuration>
I would be happy to receive any help or explanations :)
UPDATE:
Return to normal with Yarn v1.9.4 :)
Upvotes: 3
Views: 2491
Answers (1)
Reputation: 881
I had similar issue with modernizr. So I removed it from package.json, then did:
yarn install
and then
yarn add modernizr
So the idea basically to remove wrong package, and then add it after installation.
Upvotes: 0
Related Questions
- Yarn can't find private Github npm registry
- yarn workspace has problem with private npm registry
- Upgrading jhipster from v5.0.1 to the latest
- Update of jhipster generator won't work
- yarn start fails after jhipster 5.0.1 upgrade
- yarn does not start in Jhipster generated project
- JHipster - warnings on new project generation
- Error when adding generator-jhipster via YARN
- Yarn package won't upgrade globally (after migrating from NPM)
- Previously installed jhipster 3.12 found after yarn installed 4.0.6