[BUG] Unable to install 11.1.0 with corepack

[jensenbox]

Is there an existing issue for this?

• I have searched the existing issues

This issue exists in the latest npm version

• I am using the latest npm

Current Behavior

We have tried with the the docker 22 release as well as locally but running:

corepack prepare npm@latest --activate

or
corepack prepare [email protected] --activate

both fail with the same following error:

Preparing [email protected] for immediate activation...
Internal Error: Cannot find matching keyid: {"signatures":[{"sig":"MEYCIQCKqkTMp8Lr/s6dqmOOdG9bdpCWzPLUL3typxXxDW1gFwIhANdhRHLzpYGy2An4pE+1amOBppTlN1oqN72/PEzSZN1M","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"keys":[{"expires":null,"keyid":"SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA","keytype":"ecdsa-sha2-nistp256","scheme":"ecdsa-sha2-nistp256","key":"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1Olb3zMAFFxXKHiIkQO5cJ3Yhl5i6UPp+IhuteBJbuHcA5UogKo0EWtlWwW6KSaKoTNEYL7JlCQiVnkhBktUgg=="}]}
    at verifySignature (/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/lib/node_modules/corepack/dist/lib/corepack.cjs:21535:47)
    at installVersion (/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/lib/node_modules/corepack/dist/lib/corepack.cjs:21882:7)
    at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
    at async Engine.ensurePackageManager (/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/lib/node_modules/corepack/dist/lib/corepack.cjs:22310:32)
    at async PrepareCommand.execute (/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/lib/node_modules/corepack/dist/lib/corepack.cjs:23019:27)
    at async PrepareCommand.validateAndExecute (/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/lib/node_modules/corepack/dist/lib/corepack.cjs:19835:22)
    at async _Cli.run (/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/lib/node_modules/corepack/dist/lib/corepack.cjs:20772:18)
    at async Object.runMain (/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/lib/node_modules/corepack/dist/lib/corepack.cjs:23091:19)

Expected Behavior

No error

Steps To Reproduce

1. Ensure you have Node 22 installed
2. run fnm exec corepack prepare [email protected] --activate

Environment

• npm: 10.9.0
• node: v22.12.0
• OS Name: Linux Mint
• npm config:

; node bin location = /home/christian/.local/share/fnm/node-versions/v22.12.0/installation/bin/node
; node version = v22.12.0
; npm local prefix = /home/christian/projects/test
; npm version = 10.9.0
; cwd = /home/christian/projects/test
; HOME = /home/christian
; Run `npm config ls -l` to show all defaults.

; "default" config from default values

_auth = (protected)
access = null
all = false
allow-same-version = false
also = null
audit = true
audit-level = null
auth-type = "web"
before = null
bin-links = true
browser = null
ca = null
cache = "/home/christian/.npm"
cache-max = null
cache-min = 0
cafile = null
call = ""
cert = null
cidr = null
color = true
commit-hooks = true
cpu = null
depth = null
description = true
dev = false
diff = []
diff-dst-prefix = "b/"
diff-ignore-all-space = false
diff-name-only = false
diff-no-prefix = false
diff-src-prefix = "a/"
diff-text = false
diff-unified = 3
dry-run = false
editor = "vi"
engine-strict = false
expect-result-count = null
expect-results = null
fetch-retries = 2
fetch-retry-factor = 10
fetch-retry-maxtimeout = 60000
fetch-retry-mintimeout = 10000
fetch-timeout = 300000
force = false
foreground-scripts = false
format-package-lock = true
fund = true
git = "git"
git-tag-version = true
global = false
global-style = false
globalconfig = "/home/christian/.local/share/fnm/node-versions/v22.12.0/installation/etc/npmrc"
heading = "npm"
https-proxy = null
if-present = false
ignore-scripts = false
include = []
include-staged = false
include-workspace-root = false
init-author-email = ""
init-author-name = ""
init-author-url = ""
init-license = "ISC"
init-module = "/home/christian/.npm-init.js"
init-version = "1.0.0"
init.author.email = ""
init.author.name = ""
init.author.url = ""
init.license = "ISC"
init.module = "/home/christian/.npm-init.js"
init.version = "1.0.0"
install-links = false
install-strategy = "hoisted"
json = false
key = null
legacy-bundling = false
legacy-peer-deps = false
libc = null
link = false
local-address = null
location = "user"
lockfile-version = null
loglevel = "notice"
logs-dir = null
logs-max = 10
; long = false ; overridden by cli
maxsockets = 15
message = "%s"
node-options = null
noproxy = [""]
npm-version = "10.9.0"
offline = false
omit = []
omit-lockfile-registry-resolved = false
only = null
optional = null
os = null
otp = null
pack-destination = "."
package = []
package-lock = true
package-lock-only = false
parseable = false
prefer-dedupe = false
prefer-offline = false
prefer-online = false
prefix = "/home/christian/.local/share/fnm/node-versions/v22.12.0/installation"
preid = ""
production = null
progress = true
provenance = false
provenance-file = null
proxy = null
read-only = false
rebuild-bundle = true
registry = "https://registry.npmjs.org/"
replace-registry-host = "npmjs"
save = true
save-bundle = false
save-dev = false
save-exact = false
save-optional = false
save-peer = false
save-prefix = "^"
save-prod = false
sbom-format = null
sbom-type = "library"
scope = ""
script-shell = null
searchexclude = ""
searchlimit = 20
searchopts = ""
searchstaleness = 900
shell = "/bin/bash"
shrinkwrap = true
sign-git-commit = false
sign-git-tag = false
strict-peer-deps = false
strict-ssl = true
tag = "latest"
tag-version-prefix = "v"
timing = false
umask = 0
unicode = true
update-notifier = true
usage = false
user-agent = "npm/{npm-version} node/{node-version} {platform} {arch} workspaces/{workspaces} {ci}"
userconfig = "/home/christian/.npmrc"
version = false
versions = false
viewer = "man"
which = null
workspace = []
workspaces = null
workspaces-update = true
yes = null

; "cli" config from command line options

long = true

[LucienLeMagicien]

Relevant/related issues:

• Newly published versions of package managers distributed from npm cannot be installed due to key id mismatch nodejs/corepack#612
• Installing pnpm 10.1.0 on windows fails with cannot find matching keyid pnpm/pnpm#9014

See also this nodejs/corepack#616 (comment) for the rundown. In particular:

The workarounds are to set the environment variable COREPACK_INTEGRITY_KEYS=0, to manually update to [email protected] or to install it using knowledge of the release's hash.

You can manually update corepack by running npm install -g corepack@latest.

(If you'd rather "install it using knowledge of the release's hash", see his other comment here: nodejs/corepack#612 (comment) : run npm view [email protected] dist.shasum to get the hash.)

[MikeMcC399]

@jensenbox

You can use the same principle I found for pnpm. The following should unblock you:

SHA_SUM=$(npm view [email protected] dist.shasum)
corepack install -g [email protected]+sha1.$SHA_SUM

I'm completely new to this. So this really is just peer-to-peer support!

[wraithgar]

This not a bug w/ npm it was an issue w/ corepack. The newest version of corepack was updated and can now validate things signed w/ the latest npm registry key.

[djakielski]

It's also happening on npm version 20

[MikeMcC399]

@djakielski

It's also happening on npm version 20

There is no npm version 20. Perhaps you mean Node.js 20?

Are you asking for help or just reporting your issue?

[troyere]

Same here by using nvm, node 22.13.1 in .nvmrc, and pnpm 9.15.5 in package.json :

nvm install
corepack prepare

[ricardo-rumble]

What we did for now was in our Dockerfile

FROM node:20.18-bookworm AS base

# ... some of our configuration here

RUN install --owner=node --group=node --directory /src/frontend/${SUBDIR}/ /src/frontend/.pnpm-store/ \
- && corepack enable pnpm \ 
+ && npm i -g [email protected] \

# ... rest of our Dockerfile

This works for us, as corepack was only used to install pnpm, but it's a temporary workaround.

[MikeMcC399]

@troyere

Same here by using nvm, node 22.13.1 in .nvmrc, and pnpm 9.15.5 in package.json :

nvm install
corepack prepare

• Your issue is discussed in Newly published versions of package managers distributed from npm cannot be installed due to key id mismatch nodejs/corepack#612 (comment)

[MikeMcC399]

@ricardo-rumble

What we did for now was in our Dockerfile

FROM node:20.18-bookworm AS base

# ... some of our configuration here

RUN install --owner=node --group=node --directory /src/frontend/${SUBDIR}/ /src/frontend/.pnpm-store/ \
- && corepack enable pnpm \ 
+ && npm i -g [email protected] \

# ... rest of our Dockerfile

This works for us, as corepack was only used to install pnpm, but it's a temporary workaround.

This has the same root cause as the issue installing [email protected] with Corepack, however you are in the wrong issue list if your problem is with pnpm installation with Corepack.

I have however seen other users working around the issue in Docker with

&& npm install -g corepack@latest && corepack enable pnpm

• The related Corepack issue is Newly published versions of package managers distributed from npm cannot be installed due to key id mismatch nodejs/corepack#612

[apichai1moby]

corepack enable && corepack prepare [email protected] --activate

It's work!!!

[uday-octanom]

corepack enable && corepack prepare [email protected] --activate

It's work!!!

Thanks @apichai1moby, I was able to resume my deployment coz of this.

[0ctothorp]

You can also store your preferred pnpm version in package.json:

"packageManager": "[email protected]"

Then in the CI script:

corepack enable
corepack prepare --activate

This way, you'll always use the same version of pnpm locally and on your CI.

[MikeMcC399]

@ymolists

That is quite a different issue and you should probably be asking your question in a separate issue in the https://github.com/nodejs/corepack/issues list to see if Corepack is supported in a NixOS environment, which is quite special. Or check the NixOS issues for guidance.

[jerohero]

npm i -g corepack fixed it for me