Detected a change in checksum for 0.1.0 on Jan 30 2023

Question

Detected a change in checksum for 0.1.0 on Jan 30 2023

plaird opened this issue 2 years ago · 1 comments

This seems to be a false alarm, but posting here to note that we are still looking into an issue as a user (not a committer).

This artifact:
https://github.com/ob/rules_kubebuilder/archive/refs/tags/v0.1.0.tar.gz

Our builds started failing as of this morning because the SHA256 checksum is now:
087af23f803ba41b6654f71e776cf8374f646eb3f711c51b226ead4492ab54f2

whereas previously it was:
50ce5afefd208f265701bf9b682a894f39c0824243fa5ca7668799ff477d6a65

It seems like the old/new artifacts are the same inside. There is a previous incident of GitHub artifacts checksums changing due to an OS upgrade.

Anyone else seeing this, can validate our findings that the artifacts are still the same?

Answer 1 · 2023-01-31T00:14:41.000Z

This is a widespread problem for build systems that enforce checksums (like Bazel) - GitHub has apparently broken all sorts of projects. This was just the first for us.