The EINTEGRITY error occurs when a downloaded package doesn't match its expected checksum. Clear npm cache and delete package-lock.json to resolve corrupted integrity hashes.
The EINTEGRITY error is npm's security feature detecting a mismatch between the expected checksum (stored in package-lock.json) and the actual downloaded package. This prevents installation of potentially corrupted or tampered packages. This typically happens when the npm cache becomes corrupted, when switching between npm versions that use different hash algorithms (SHA1 vs SHA512), or when network issues cause incomplete downloads.
Start with cache verification:
# Verify cache integrity
npm cache verify
# If issues found, force clean
npm cache clean --force
# Retry installation
npm installDelete corrupted files and reinstall:
# Remove node_modules and lockfile
rm -rf node_modules package-lock.json
# Clean npm cache
npm cache clean --force
# Verify cache
npm cache verify
# Reinstall
npm installIf error mentions a specific package:
# Remove and reinstall the package
npm uninstall <package-name>
npm install <package-name>
# Or update to latest version
npm update <package-name>Different npm versions use different hash algorithms:
# Check npm version
npm -v
# Update npm to latest
npm install -g npm@latest
# Regenerate lockfile
rm package-lock.json
npm installOnce lockfile is regenerated, use npm ci in CI:
# For reproducible installs
npm cinpm ci is stricter about integrity and fails fast on mismatches.
Verify you're using the correct registry:
# Check current registry
npm config get registry
# Reset to default if needed
npm config set registry https://registry.npmjs.org/
# Clear cache after registry change
npm cache clean --forceThe integrity field in package-lock.json uses "algorithm-hash" format (e.g., sha512-xxxxx==). npm v5+ uses SHA512 by default, while older versions used SHA1.
Cache locations:
- Linux/macOS: ~/.npm
- Windows: %AppData%\npm-cache
For CI/CD environments, this error is common when cache is shared across different npm versions. Clear cache at the start of builds or use npm ci which is more strict about integrity verification.
If the error persists after all fixes, the package itself might have been republished with different content (rare but possible). Check the package's npm page for recent updates.
npm notice access token expired or revoked. Please try logging in again.
Token has expired - npm authentication failure
npm ERR! code EAI_AGAIN
How to fix "EAI_AGAIN" in npm
npm error code E403 npm error 403 Forbidden - PUT https://registry.npmjs.org/<package>
How to fix 'E403 Forbidden' error in npm
npm ERR! code EUSAGE npm ERR! Usage error
How to fix "npm ERR! code EUSAGE" in Node.js projects
npm ERR! code E401 npm ERR! 401 Unauthorized
How to fix "E401 Unauthorized" in npm