Closed maxacarvalho closed 2 years ago
pxpm
commented
2 years ago hey @maxacarvalho do you have repositories in your composer.json ?
If you do have the repositories, do you have a properly setup auth.json either in the root of your project or as a composer global config ?
If all of the above is true, it may be a temporary issue, I've just installed PRO 1 hour ago in a fresh project.
Let me know if I can help you with something more.
Cheers
tabacitu
commented
2 years ago @maxacarvalho , we just changed repo servers yesterday - pretty sure that caused it, the checksums might have changed. I'll take a look right now. Until then, you should be able to fix it with:
composer clearcache
composer update backpack/proThank you for understanding 🙏
maxacarvalho
commented
2 years ago Hi @tabacitu the proposed solution won't work.
Our deployment process runs composer install --no-interaction --prefer-dist --no-progress --no-scripts --no-autoloader, and we get an error every time it tries to install the backpack package:
#10 1.978 Failed to download backpack/pro from dist: The checksum verification of the file failed (downloaded from https://repo.backpackforlaravel.com/dist/backpack/pro/backpack-pro-f921b5ab5c76af1d8869b0d87a21d82ea57210bd-zip-b449a2.zip)
#10 1.978 Now trying to download from source
#10 1.979 - Syncing backpack/pro (1.2.5) into cache
#10 6.199
#10 6.204 In Git.php line 471:
#10 6.204
#10 6.204 Failed to execute git clone --mirror -- 'https://ghp...Oti:x-oauth-basic@gi
#10 6.204 thub.com/Laravel-Backpack/PRO.git' '/root/.composer/cache/vcs/git-github.co
#10 6.204 m-Laravel-Backpack-PRO.git/'
#10 6.204
#10 6.204 Cloning into bare repository '/root/.composer/cache/vcs/git-github.com-Lara
#10 6.204 vel-Backpack-PRO.git'...
#10 6.204 remote: Repository not found.
#10 6.204 fatal: repository 'https://github.com/Laravel-Backpack/PRO.git/' not found
#10 6.204
#10 6.204I can confirm that the auth.json contains the correct values. Our pipeline is broken because of the issue, all deployments are failing.
tabacitu
commented
2 years ago Thank you for your patience, and the details @maxacarvalho 🙏
How about composer update mirrors?
maxacarvalho
commented
2 years ago Hi @tabacitu we are going to give that a try but I don't believe it's going to solve the problem. Our pipeline builds fresh docker images per deploy, we don't have any cached composer during the build process.
tabacitu
commented
2 years ago I've disabled the checksum on our end. My hope is that your next composer install will work normally. Please let me know.
If that doesn't work, please try composer update mirrors then composer install.
In the meantime, I'm working on a way to reproduce the error in my system, so I don't bug you with so many shots in the dark 🙏
Thanks again for reporting this!
tabacitu
commented
2 years ago Update: we've fixed it on our end 🎉
@maxacarvalho the old checksums are back, so you should be able to do composer install and not get the error. Very sorry for having caused this. I'm at fault here. I didn't know if you move Satis on a different server, it will re-generate all archives with different hashes and checksums. Lesson learnt! 😔 Please confirm everything's ok for you now. And again, thank you for your time and patience 🙏
The downside of fixing the problem for @maxacarvalho 's (and thousands of others):
The checksums from yesterday and today have been invalidated. So if you've installed any paid Backpack repo yesterday or today, you might get The checksum verification of the file failed. Please do composer update, that should fix it for you.
maxacarvalho
commented
2 years ago @tabacitu just to understand this better, I should run composer update backpack/pro before attempting a deploy?
I'm asking because we don't run composer update during deployments, I don't think anyone should do that.
Also, that "fix" forces anyone using a non-updated version of the package to update it to the latest version, which is pretty concerning, what if the application needs to run with a specific version that's older than the latest one? This is not our case but I think you get what I mean.
tabacitu
commented
2 years ago Good point. For you @maxacarvalho , who has the old checksum, NOTHING is needed, composer install should work just as it did before. Your deployment should now work again, with zero changes. Can you please try again?
maxacarvalho
commented
2 years ago Hi @tabacitu I can confirm that out deployment jobs are back now, thanks!
tabacitu
commented
2 years ago Pfiew! Thank you and sorry again for the mishap 🙏
tabacitu
commented
2 years ago TLDR (summary):
Are you getting The checksum verification of the file failed when trying to install Backpack's PRO, DevTools or EditableColumns packages? If you've first installed/updated them on 11th/12th of September, you have the wrong checksums, because of a server migration on our end. Please run a composer update --lock or composer update. This will update your composer.lock file with the correct checksums, and it will work afterwards.
If you're still having problems after that, please reply here and let us know. Thank you for understanding and sorry for the trouble 🙏
Bug report
Ran
composer installWhat I expected to happen
Package Backpack PRO to be installed properly
What happened