Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix sha512 checksum for NPM dependency cdav-library (Fixes: #2362) #2363

Closed
wants to merge 1 commit into from

Conversation

mejo-
Copy link
Member

@mejo- mejo- commented Jul 20, 2021

The sha512 checksum for cdav-library commit 0d82618 in
package-lock.json was wrong.

@mejo- mejo- linked an issue Jul 20, 2021 that may be closed by this pull request
@mejo- mejo- added the 3. to review Waiting for reviews label Jul 20, 2021
@mejo- mejo- requested a review from skjnldsv July 20, 2021 11:04
The sha512 checksum for cdav-library commit 0d82618 in
`package-lock.json` was wrong.

Signed-off-by: Jonas Meurer <jonas@freesources.org>
@codecov
Copy link

codecov bot commented Jul 20, 2021

Codecov Report

Merging #2363 (66c5ccf) into master (b8dc17d) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #2363   +/-   ##
=========================================
  Coverage     69.25%   69.25%           
  Complexity      246      246           
=========================================
  Files            22       22           
  Lines           696      696           
=========================================
  Hits            482      482           
  Misses          214      214           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b8dc17d...66c5ccf. Read the comment docs.

@mejo-
Copy link
Member Author

mejo- commented Jul 20, 2021

I was able to track down the issue to the NPM version being installed: with NPM 7.7.0 or newer installed, the existing integrity checksum is calculated, with NPM 7.6.4 or older, the other one. I suspect the change regarding npm publish in NPM 7.7.0 to be the reason for this.

In other words, there's no problem with the package-lock.json as it is right now, but it requires NPM >= 7.7.0. Sorry for the noise.

I's always so much fun (not!) to debug the toolchain only to realize that something backwards-incompatible changed "somewhere" 😢

@mejo- mejo- closed this Jul 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3. to review Waiting for reviews
Projects
None yet
Development

Successfully merging this pull request may close these issues.

npm ci fails due to wrong cdav-library tarball checksum.
1 participant