Why did package-lock.json change the integrity hash from sha1 to sha512?

Question

I just generated a new npm lockfile, package-lock.json, as part of my typical workflow. But I noticed that this time all of the integrity hashes have been changed from sha1 to s

Answer 1

See also https://github.com/npm/npm/issues/17749 which although claims the issue is 'fixed', it isn't. Removing node_modules is a workaround.

There may be a relationship with operating systems. We're hitting this right now with developers on Linux and Windows platforms.