fix(deps): bump sqlite3 3.3.0 → 3.3.1 (libsqlite3mc hash mismatch)#572
Closed
TaprootFreak wants to merge 1 commit into
Closed
fix(deps): bump sqlite3 3.3.0 → 3.3.1 (libsqlite3mc hash mismatch)#572TaprootFreak wants to merge 1 commit into
TaprootFreak wants to merge 1 commit into
Conversation
The android-deploy step on develop (run 26394143332) failed during `flutter build appbundle --release` with: Bad state: Hash of downloaded file libsqlite3mc.arm.android.so is ec426ba2…a4a708, expected 92ec0a14…ae9c7d1b. sqlite3 3.3.1 bumps the bundled SQLite3 Multiple Ciphers binary to 2.3.3 and re-pins the matching hashes. The 3.3.0 hashes no longer match what the upstream CDN serves, so every release build aborted with the mismatch above. Diff is exactly two lines: pubspec.yaml constraint + the resolved sqlite3 entry in pubspec.lock.
Contributor
Author
|
Obsolet: Der vermeintliche sqlite3-Hash-Mismatch war ein transienter Network-Glitch beim binary-download auf dem GH-Actions Ubuntu-Runner, kein echter Versionsfehler. Bewiesen durch erfolgreichen Re-run von run 26394143332 ohne jede Code-Änderung. sqlite3 3.3.0 bleibt korrekt — beide Hashes (3.3.0 und 3.3.1) matchen ihre GitHub-Release-Assets exakt; das fehlerhafte 'ec426ba2…' aus dem ersten Lauf war Truncation/Partial-Download (Dart's HttpClient prüft kein Content-Length gegen received bytes). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The
Releaseworkflow'sandroid-deployjob has been failing since develop@42f4cc2 (run 26394143332):The previous release on develop@eaac473 still passed with the same
sqlite3 3.3.0pin — the failure was triggered by an upstream binary update on the SQLite3 Multiple Ciphers CDN, not by anything in the #541 stack. The 3.3.0 package has a hardcoded SHA-256 for the downloadedlibsqlite3mc.*.soartifacts; once the served binary changed, every fresh build aborts at the hash check.Fix
sqlite3 3.3.1(released 2026-04) bumps the bundled SQLite3 Multiple Ciphers binary to 2.3.3 and re-pins the matching hashes (changelog). Bumping the constraint + re-resolvingpubspec.lockrealigns our build with what the CDN now serves.Diff
Exactly 2 files, 3 lines each:
pubspec.yaml:sqlite3: ^3.3.0→^3.3.1pubspec.lock: regenerated sqlite3 entry (version + sha256)No other dependency moved (verified with
flutter pub geton dfx01, no transitive churn).Test plan
RealUnit Buildwhich exercisesflutter pub getand analyze)Releaserun on develop succeeds atandroid-deploy