brew install --build-from-source unison fails with hash mismatch #35795
Comments
I'm not super-sure why we're using such an old version, to be honest. The current stable version is 2.48.3, which MacPorts is shipping. Draw up a PR to fix this, if you like. But indeed, the upstream SHA seems to have changed. Can replicate that locally. Hopefully it's just a stealth update rather than anything else, although it may be worth checking upstream. |
2.48 was promoted from a dev branch to a stable branch sometime in the last few weeks. I've applied to join their -users mailing list to ask what's up. |
2.48.x was pulled. |
This issue is not resolved yet? brew install --build-from-source unison |
It was. The upstream checksum has actually changed here. Someone needs to report it to them and make sure nobody's changed things nefariously. |
Issue persists. Upstream mailing lists require membership, and are pretty dead regardless. Not sure quite where to push the SHA failure at this point. |
Any update on this? |
@LotusWeb No. Please contact Unison and see if they were hacked or if they changed this package on purpose. |
This is the answer from group: |
Should be safe to tee up a PR to change the old SHA1 to the new SHA256 then, if you like. |
I posted a request for the expected SHA1 hash of unison-2.48.3.tar.gz to the unison-hackers list. Presumably my message will appear at http://lists.seas.upenn.edu/pipermail/unison-hackers/2015-June/thread.html when that index gets updated. |
Just to close the loop, the Unison maintainers confirmed the SHA256 hash at http://lists.seas.upenn.edu/pipermail/unison-hackers/2015-June/001835.html |
If I change the formula to use 5165a1c61a4f323ed0639e8fb891cfa86eb1d463 then I get a different error:
Luckily I had the old tar.gz with bf18f64fa30bd04234e864d42190294e0d9a2910 on another system so I am using that for now
The text was updated successfully, but these errors were encountered: