-
Notifications
You must be signed in to change notification settings - Fork 160
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SHA-1's of Maven and GitHub jars don't match #83
Comments
Ubehebe
added a commit
to Ubehebe/grpc-java
that referenced
this issue
Dec 19, 2018
the fundamental issue is that the sha-1 sums for the github and maven jars for re2j are different. (see google/re2j#83 for discussion.) the sha used at grpc-java head corresponds to the github jar, but the target itself refers to the maven jar. the reason no one has noticed is that @com_google_re2j//jar is not actually used as a dependency in any bazel target in this repo. this will change once the services/ directory becomes a bazel package. (the source files in services/ do depend on re2j.)
carl-mastrangelo
pushed a commit
to grpc/grpc-java
that referenced
this issue
Dec 19, 2018
the fundamental issue is that the sha-1 sums for the github and maven jars for re2j are different. (see google/re2j#83 for discussion.) the sha used at grpc-java head corresponds to the github jar, but the target itself refers to the maven jar. the reason no one has noticed is that @com_google_re2j//jar is not actually used as a dependency in any bazel target in this repo. this will change once the services/ directory becomes a bazel package. (the source files in services/ do depend on re2j.)
This is fixed now, sorry for the delay. The github copies of RE2/J 1.2 now match the ones in Maven Central and JCenter. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
After extracting the jars and doing a recursive diff, I get:
Doing a sample decompilation of corresponding class files:
So the GitHub jar has some APIs that the Maven jar doesn't. I also confirmed this via the Maven source jar for 1.2.
Hopefully this is just a hiccup in the release process (I notice the prior release was from 2015). Can someone double-check my work, verify that nothing serious is going on here, and possibly re-publish one or both artifacts? Thanks!
The text was updated successfully, but these errors were encountered: