[BUG] integrity sha512 is different for git repo between windows and mac

[HarelM]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

CI failure can be seen here (scroll down) when running npm install:
https://ci.appveyor.com/project/IsraelHikingHost/site/builds/40938498

Expected Behavior

It shouldn't fail as this sha512 was generated just before this run on my machine.

Steps To Reproduce

1. The following is the relevant project: https://github.com/IsraelHikingMap/Site/tree/0d479d3018db9a5bb478c243d0a3929f91151c8e/IsraelHiking.Web
2. On MacOS
3. Delete package.lock file
4. Run npm install
5. Check-in lock-file
6. On the CI (windows machine)
7. run npm install
8. ---> failure due to different integrity sha signature.

I've downgraded to version 6 where this doesn't happen as it seems that the git repo don't have the integrity value in the lock file...

Environment

• OS: MacOS 11.5.2 and Windows image of appveyor
• Node: 14.17
• npm: 7.24

[Zenexer]

Also different between macOS and Linux. NPM 8.3.0 and node 17.3.0 on both devices. Both are ARM64.

This causes repos with package-lock.json committed to fail to install.

[stszap]

Looks like a duplicate #2846

[nlf]

as of npm 8.5.2 we no longer compare the integrity value for git dependencies, see npm/rfcs#525