mirror of
https://github.com/denoland/deno.git
synced 2024-12-01 16:51:13 -05:00
4f80d83774
This changes the lockfile to not store JSR specifiers in the "remote" section. Instead a single JSR integrity is stored per package in the lockfile, which is a hash of the version's `x.x.x_meta.json` file, which contains hashes for every file in the package. The hashes in this file are then compared against when loading. Additionally, when using `{ "vendor": true }` in a deno.json, the files can be modified without causing lockfile errors—the checksum is only checked when copying into the vendor folder and not afterwards (eventually we should add this behaviour for non-jsr specifiers as well). As part of this change, the `vendor` folder creation is not always automatic in the LSP and running an explicit cache command is necessary. The code required to track checksums in the LSP would have been too complex for this PR, so that all goes through deno_graph now. The vendoring is still automatic when running from the CLI.
12 lines
477 B
Text
12 lines
477 B
Text
Download [WILDCARD]
|
|
error: Integrity check failed for package: "npm:@babel/parser@7.19.0". Unable to verify that the package
|
|
is the same as when the lockfile was generated.
|
|
|
|
Actual: sha512-74bEXKX2h+8rrfQUfsBfuZZHzsEs6Eql4pqy/T4Nn6Y9wNPggQOqD6z6pn5Bl8ZfysKouFZT/UXEH94ummEeQw==
|
|
Expected: sha512-foobar!
|
|
|
|
This could be caused by:
|
|
* the lock file may be corrupt
|
|
* the source itself may be corrupt
|
|
|
|
Use "--lock-write" flag to regenerate the lockfile at "[WILDCARD]lock.json".
|