How to have Artifactory provide the same artifact checksums as registry.npmjs.org?

About

Asked 14/10, 2019 at 22:51 Answered 14/10, 2019 at 22:51

When switching to Artifactory the npm install produces the package-lock.json file with only SHA1 digests for artifacts checksums. Without Artifactory (i.e. using registry.npmjs.org) npm combines SHA1 and SHA512 (latter is used for packages published with npm version 5 and above, according to npm community). Is there a configuration option to use SHA512 vs SHA1?

Lebbie answered 14/10, 2019 at 22:51 Comment(1)

I'm having issues with packages flip-flopping between sha1 and sha512. causes lockfile conflicts that are really annoying on a big team. Would love a way to force one or the other. – Gaffe 21/11, 2022 at 18:26

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags