A command to verify or reinstall node_modules

[denexapp]

Hi, it would be great if there was a way to verify contents of the packages in the node_modules (and store?).

Scenario: I accidentally changed a file when i was exploring source code of a dependency. I use pnpm workspaces. Currently there's no easy way to fix this cause:

• packages can be located in different node_modules - either root or workspace node_modules (probably store as well?)
• adding/removing a dependency may not help - the package can be used by another app in a different workspace
• pnpm store prune doesn't remove existing packages in node_modules
• node_modules aren't tracked by Git - it's not easy to manually find what file was affected

Idea: add a command to verify or reinstall contents of node_modules (and store?). It can be based on checksum

[tt-a1i]

This would be useful. As a workaround, here are some current options:

1. Reinstall specific package

# Remove and reinstall
pnpm remove some-package && pnpm add some-package

2. Prune store + reinstall

rm -rf node_modules
pnpm store prune
pnpm install

3. Verify via checksums (manual)
The lockfile has integrity hashes. You could theoretically:

# Get expected hash from lockfile
grep -A5 "package-name" pnpm-lock.yaml | grep integrity

# Compare with actual
sha512sum node_modules/.pnpm/package-name@version/node_modules/package-name/file.js

4. Use --force flag

pnpm install --force

This should relink everything from store, though it won't fix store corruption.

Feature request idea:

# Verify integrity of all installed packages
pnpm verify

# Verify and fix mismatches
pnpm verify --fix

# Verify specific package
pnpm verify lodash

This could compare actual file hashes against lockfile integrity, report mismatches, and optionally re-extract from store or redownload.