dev-python/cvxopt-1.2.2: download verification failed

[gagern]

>>> Downloading 'https://github.com/cvxopt/cvxopt/archive/1.2.2.tar.gz'
--2018-11-11 20:12:51--  https://github.com/cvxopt/cvxopt/archive/1.2.2.tar.gz
Resolving github.com (github.com)... 192.30.253.112, 192.30.253.113
Connecting to github.com (github.com)|192.30.253.112|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/cvxopt/cvxopt/tar.gz/1.2.2 [following]
--2018-11-11 20:12:52--  https://codeload.github.com/cvxopt/cvxopt/tar.gz/1.2.2
Resolving codeload.github.com (codeload.github.com)... 192.30.253.120, 192.30.253.121
Connecting to codeload.github.com (codeload.github.com)|192.30.253.120|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘/usr/portage/distfiles/cvxopt-1.2.2.tar.gz’

/usr/portage/distfi     [    <=>             ]   1,80M  2,15MB/s    in 0,8s    

2018-11-11 20:12:53 (2,15 MB/s) - ‘/usr/portage/distfiles/cvxopt-1.2.2.tar.gz’ saved [1889708]

!!! Fetched file: cvxopt-1.2.2.tar.gz VERIFY FAILED!
!!! Reason: Filesize does not match recorded size
!!! Got:      1889708
!!! Expected: 1889717
Refetching... File renamed to '/usr/portage/distfiles/cvxopt-1.2.2.tar.gz._checksum_failure_.bylsb65w'

Downloading manually the tarball from https://github.com/cvxopt/cvxopt/releases/tag/1.2.2 I too get a file of size 1889708 bytes, with SHA512 checksum

fc4c8cf7f53fe68b043548fbf5ea810fab3f1a6ad0a1539fe425eec054ac01ea9770abd0138da25d4b868360b257abc855242cc49467807e72aba04a36997604

Apparenlty 5d9d3dfde2b756f5b52afb3533e0b6e576afcd22 was based off a different file. If you still have that file around, I would welcome you checking for an actual difference in content.

[kiwifb]

Inspecting now. I'd probably should switch to pypi rather than github anyway.

[kiwifb]

I will fix all that up shortly. Here is the diff

fbissey@moonloop ~/sandbox $ diff -Naur cvxopt-1.2.2-old/ cvxopt-1.2.2/
diff -Naur cvxopt-1.2.2-old/src/python/_version.py cvxopt-1.2.2/src/python/_version.py
--- cvxopt-1.2.2-old/src/python/_version.py     2018-10-19 03:11:40.000000000 +1300
+++ cvxopt-1.2.2/src/python/_version.py 2018-10-19 03:11:40.000000000 +1300
@@ -23,7 +23,7 @@
     # setup.py/versioneer.py will grep for the variable names, so they must
     # each be defined on a line of their own. _version.py will just call
     # get_keywords().
-    git_refnames = " (HEAD -> master, tag: 1.2.2)"
+    git_refnames = " (tag: 1.2.2)"
     git_full = "afc6d959c50965be7f7c322424879dfcb200a649"
     keywords = {"refnames": git_refnames, "full": git_full}
     return keywords

[gagern]

Wow, that was a really quick reply, thanks!

https://github.com/cvxopt/cvxopt/blob/master/src/python/_version.py#L26-L27 suggests they are using keyword substitution. So presumably the content of that string changes whenever the master HEAD moves beyond the release. Hopefully pypi wouldn't have that problem.

[kiwifb]

Fixed by a7874b496faa619a694bfde0ebb8733c93266890

[kiwifb]

I also discovered that the way we were running the tests are outdated compared to upstream. And best of all it needed unlisted dependencies to run. The last issue is valid for the version in the main tree as well. I am making it a revision bump, sorry for the noise if you don't run tests.