Release archives hash changed #2511
Comments
|
Could it be because we changed the name of the repository last week from
USD to OpenUSD?
On Wed, Jun 28, 2023 at 5:42 AM Michael ***@***.***> wrote:
Description of Issue
We are using VCPKG to install USD and it uses github direct download link
internally, like this one:
https://github.com/PixarAnimationStudios/USD/archive/v23.05.tar.gz
For some reason, the sha512 hash of the downloaded have changed recently.
It was
fd3e7a90f837a5d016d94be34747b2c1daed3f01f252e4b1aa5cb195f32acaecca9373b8f5c7be9c235148f04b0afa47da9462b357ef1dd1e11cf20a7225ae66
before, and became
6669191c3497e244c958949b62a749958ab01e8e1edc7b3476d59c31395e147acf6f4ba7aae069c5ceab7fe2eb321e81e4e5f66beb72814be36e0fec98d3d034
.
This was observed on different computers.
Have you changed anything in the repository configuration that could
explain it? (e.g. inclusion of LFS files in the archive)
—
Reply to this email directly, view it on GitHub
<#2511>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABPOU2BV3WD4LGAKX4PP2G3XNQRE3ANCNFSM6AAAAAAZXCK6T4>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
--
--spiffiPhone
|
|
Probably yes since the root folder is now |
|
OK, so that's a one-time thing, at least. @michaelmigliore , thanks for referencing your vcpkg Issue... can you let us know when that gets executed so we can close this Issue? |
|
Filed as internal issue #USD-8452 |
|
This also hit us with the blender deps builder, officially released tar balls should never change, just to be sure, is this change permanent? That's ok, I just want to be sure we don't start a game of "what's the hash this week?" |
|
Yes, it is permanent and one-time (if indeed the cause is the repository getting renamed). We weren't aware of this potential fallout of renaming a gitHub repo... it might be good if GitHub added mention of it in their docs on renaming repos? |
|
I submitted a PR to fix VCPKG package, but all the previous versions are broken, so it will force VCPKG users to update to |
|
Fixed the issue on our end as well. As for prevention in the future, other projects generally upload an actual tar.gz/zip file for the source, rather than relying on github not to change anything down the road in their automated system. An example of this would be OpenImageDenoise's releases. |
|
Thanks, @michaelmigliore and @LazyDodo ! |
Description of Issue
We are using VCPKG to install USD and it uses github direct download link internally, like this one:
For some reason, the sha512 hash of the downloaded have changed recently. It was
fd3e7a90f837a5d016d94be34747b2c1daed3f01f252e4b1aa5cb195f32acaecca9373b8f5c7be9c235148f04b0afa47da9462b357ef1dd1e11cf20a7225ae66before, and became6669191c3497e244c958949b62a749958ab01e8e1edc7b3476d59c31395e147acf6f4ba7aae069c5ceab7fe2eb321e81e4e5f66beb72814be36e0fec98d3d034.This was observed on different computers.
Have you changed anything in the repository configuration that could explain it? (e.g. inclusion of LFS files in the archive)
The text was updated successfully, but these errors were encountered: