Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

plantuml: use new sha256 for source jar #133037

Closed
wants to merge 1 commit into from
Closed

plantuml: use new sha256 for source jar #133037

wants to merge 1 commit into from

Conversation

gibfahn
Copy link
Contributor

@gibfahn gibfahn commented Jun 7, 2023
edited
Loading

  • Have you followed the guidelines for contributing?
  • Have you ensured that your commits follow the commit style guide?
  • Have you checked that there aren't other open pull requests for the same formula update/change?
  • Have you built your formula locally with brew install --build-from-source <formula>, where <formula> is the name of the formula you're submitting?
  • Is your test running fine brew test <formula>, where <formula> is the name of the formula you're submitting?
  • Does your build pass brew audit --strict <formula> (after doing brew install --build-from-source <formula>)? If this is a new formula, does it pass brew audit --new <formula>?

Upstream issue: plantuml/plantuml#1447

Commits (oldest to newest)

6f7d0cd plantuml: use new sha256 for source jar

Not sure why this changed, but it looks like the release has a new
shasum now. I got the same result by downloading through the browser.

I guess the plantuml devs republished the same release.

brew fetch -s --formula Formula/plantuml.rb
==> Downloading https://github.com/plantuml/plantuml/releases/download/v1.2023.8/plantuml-1.2023.8.jar
Warning: Formula reports different sha256: 4d4084ce85dbb1072fb2cfeae5100ef3a7b712e17b54b87eb612593e74d62f1f
Already downloaded: /Users/gib/Library/Caches/Homebrew/downloads/fd6842251850d5bfc5138b2106b024c8f9110487b2c73438c664317d917090eb--plantuml-1.2023.8.jar
SHA256: 0a200db6e485c18206fc98e3ba1b44876c31bcec167ec0d5f152eb67c87aad46

@gibfahn
plantuml: use new sha256 for source jar
6f7d0cd 
Not sure why this changed, but it looks like the release has a new
shasum now. I got the same result by downloading through the browser.

I guess the plantuml devs republished the same release.

```console
❯ brew fetch -s --formula Formula/plantuml.rb
==> Downloading https://github.com/plantuml/plantuml/releases/download/v1.2023.8/plantuml-1.2023.8.jar
Warning: Formula reports different sha256: 4d4084ce85dbb1072fb2cfeae5100ef3a7b712e17b54b87eb612593e74d62f1f
Already downloaded: /Users/gib/Library/Caches/Homebrew/downloads/fd6842251850d5bfc5138b2106b024c8f9110487b2c73438c664317d917090eb--plantuml-1.2023.8.jar
SHA256: 0a200db6e485c18206fc98e3ba1b44876c31bcec167ec0d5f152eb67c87aad46
```
@github-actions github-actions bot added the java Java use is a significant feature of the PR or issue label Jun 7, 2023
@carlocab carlocab added the checksum mismatch SHA-256 doesn't match the download label Jun 7, 2023
@carlocab
Copy link
Member

carlocab commented Jun 7, 2023

Can you check with upstream about why the checksum changed? This is a potential security issue, so we should verify the change with them before proceeding.

@carlocab carlocab added the CI-no-fail-fast Continue CI tests despite failing GitHub Actions matrix builds. label Jun 7, 2023
@gibfahn gibfahn mentioned this pull request Jun 7, 2023
Closed
@gibfahn
Copy link
Contributor Author

gibfahn commented Jun 7, 2023

Yep, was just filing that (plantuml/plantuml#1447)

@chenrui333 chenrui333 added the upstream issue An upstream issue report is needed label Jun 7, 2023
@chenrui333
Copy link
Member

Since they have made a new release, we can cover this up in the new PR. Thanks for the PR though.

@chenrui333 chenrui333 closed this Jun 14, 2023
@chenrui333
Copy link
Member

@chenrui333
Copy link
Member

#133691

@chenrui333 chenrui333 added the superseded PR was replaced by another PR label Jun 14, 2023
@github-actions github-actions bot added the outdated PR was locked due to age label Jul 15, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 15, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
checksum mismatch SHA-256 doesn't match the download CI-no-fail-fast Continue CI tests despite failing GitHub Actions matrix builds. java Java use is a significant feature of the PR or issue outdated PR was locked due to age superseded PR was replaced by another PR upstream issue An upstream issue report is needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gibfahn @carlocab @chenrui333