Lockfile漂移检测与安装一致性治理（node_modules-校验）最佳实践

实现示例type LockEntry = { name: string; version: string; integrity?: string }

type ModuleEntry = { name: string; version: string }

function parseSri(integrity?: string): { alg: 'sha256'; b64: string } | null { if (!integrity) return null; const m = /^sha256-([A-Za-z0-9+/=]+)$/.exec(integrity); return m ? { alg: 'sha256', b64: m[1] } : null }

function compare(lock: LockEntry[], mods: ModuleEntry[]): { ok: boolean; diffs: string[] } {

const lm = new Map<string, LockEntry>()

for (const l of lock) lm.set(l.name, l)

const diffs: string[] = []

for (const m of mods) {

const le = lm.get(m.name)

if (!le) { diffs.push(`missing:${m.name}`); continue }

if (le.version !== m.version) diffs.push(`version:${m.name}`)

const sri = parseSri(le.integrity || '')

if (!sri) diffs.push(`integrity:${m.name}`)

}

return { ok: diffs.length === 0, diffs }

}

审计与CI门禁记录漂移清单与哈希缺失；不一致阻断并提示重新安装或锁定。构建强制 `ci` 模式与离线缓存。