Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Install is failing in Travis CI - Packages do not match the hash from Pipfile.lock

See original GitHub issue

I’m getting this error when running pipenv install in my TravisCI build step.

$ pipenv install
Installing dependencies from Pipfile.lock (4d9d13)…
An error occurred while installing numpy==1.13.3! Will try again.
An error occurred while installing pandas==0.20.3! Will try again.
  🐍   ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 10/10 — 00:00:05
Installing initially–failed dependencies…
Collecting numpy==1.13.3 
  Using cached numpy-1.13.3-cp36-cp36m-manylinux1_x86_64.whl
THESE PACKAGES DO NOT MATCH THE HASHES FROM Pipfile.lock!. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
    numpy==1.13.3 from (from -r /tmp/pipenv-fah3kcyp-requirement.txt (line 1)):
        Expected sha256 fa656dccfa9141774440575a6e7875d08b93f4a332eb5ae40877b26bed291c01
             Got        e8e0e75db757e41463888939d26c8058b4ecd25e563c597e9119f512dc0ee1da
  ☤  ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 0/2 — 00:00:01
The command "pipenv install" failed and exited with 1 during .
Your build has been stopped.


url = ""
verify_ssl = true

bs4 = "*"
pandas = "*"
pytest = "*"

Travis CI yml:

language: python
  - "3.6.2"
  - pip3 install pipenv
  - pipenv install
  - pytest

Please let me know what other information would be helpful.

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:13 (8 by maintainers)

github_iconTop GitHub Comments

nateprewittcommented, Oct 3, 2017

@brandonmbanks, I took another look at this and realized you have a very old lock file. It looks like this was generated back in the 5.X versions or earlier. What version of pipenv are you using and could you generate a new lockfile with the latest version?

There should be at least 3 hashes for numpy on Linux.

kennethreitzcommented, Oct 1, 2017

This is good! This means that hashes are working 😃

Read more comments on GitHub >

github_iconTop Results From Across the Web

python - pipenv: packages do not match the hashes from the ...
I recently installed O365 and shortuuid packages using following command, which got executed with no problems on Mac M1. pipenv install --keep- ...
Read more >
pipenv Documentation
By default, the Pipfile. lock will be generated with the sha256 hashes of each downloaded package. This will allow pip to guarantee you're....
Read more >
Customizing the Build - Travis CI Docs
Allowed failures are jobs in your build matrix that are allowed to fail without causing the entire build to fail. This lets you...
Read more >
pipenv Documentation - manpages.ubuntu!
Generates and checks file hashes for locked dependencies. ... Automatically install required Pythons, if pyenv is available. ... Automatically finds your project ...
Read more >
Advanced Usage of Pipenv - Python Packaging Authority
Dependencies of wheels provided in a Pipfile will not be captured by $ pipenv lock . There are some known issues with using...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found