Closed SMillerDev closed 7 months ago
burgerrg
commented
1 year ago I retagged the release of Chez Scheme v9.5.8a. I checked that https://github.com/cisco/ChezScheme/archive/v9.5.8a.tar.gz with sha256sum of e333b0e57d2ebcc42d9dbaed47d1964486407027240a5a4a0290f118f9c4ffc4 has not been tampered with. Thanks in advance for submitting a fix for the Homebrew release!
burgerrg
commented
1 year ago P.S. If the homebrew formula used https://github.com/cisco/ChezScheme/releases/download/v9.5.8a/csv9.5.8a.tar.gz, it would install without requiring additional git fetches for the submodules.
gwatt
commented
1 year ago Hey, it looks like the tag v9.5.8a isn't actually part of the cisco ChezScheme repository. If you click on the commit that shows up with that tag, I see:
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The tag also doesn't show up for me in the git tag listing.
burgerrg
commented
1 year ago Be sure to run git fetch --tags to get the latest tags.
I created a v9.5.8-maintenance branch so that GitHub won't complain about the v9.5.8a commit possibly being outside the repository.
Homebrew has a different hash recorded for the release in https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/chezscheme.rb so I'd like to know if it was a security incident that caused this since the git manual says re-tagging is "the insane thing" to do.