Closed lthms closed 3 years ago
Hi! Observing the same issue!
Checksum for 0.14.3 is different between the downloaded archive and opam
file.
> opam info ppx_optcomp.v0.14.3
<><> ppx_optcomp: information on all versions <><><><><><><><><><><><><><><><><>
name ppx_optcomp
all-installed-versions v0.14.1
[...]
all-versions v0.14.3
<><> Version-specific details <><><><><><><><><><><><><><><><><><><><><><><><><>
version v0.14.3
repository tezos
url.src: "https://github.com/janestreet/ppx_optcomp/archive/v0.14.3.tar.gz"
url.checksum:
"md5=2d012df62dd0bc82d2ea4ab25b628992"
homepage: "https://github.com/janestreet/ppx_optcomp"
bug-reports: "https://github.com/janestreet/ppx_optcomp/issues"
dev-repo: "git+https://github.com/janestreet/ppx_optcomp.git"
authors: "Jane Street Group, LLC <opensource@janestreet.com>"
maintainer: "opensource@janestreet.com"
license: "MIT"
depends: "ocaml" {>= "4.08"}
"base" {>= "v0.14" & < "v0.15"}
"stdio" {>= "v0.14" & < "v0.15"}
"dune" {>= "2.0.0"}
"ppxlib" {>= "0.18.0"}
synopsis Optional compilation for OCaml
``
Such tag update happen on a regular base in various ocaml repositories....
Let me cite the git tag
man page:
... No. Find and read it yourself and find the relevant paragraph about such wrongdoing...
This also shows a flaw in opam itself.
It should not use mutable git tags, but rather immutable git revisions to refer to a specific version. There is still git push --force
, which may invalidate a git revision after a while. And I can tell you: such forced pushes happen as well...
Dear
ppx_optcomp
maintainers.If I am not mistaken, you have overwritten the
0.14.3
tag yesterday, which means GitHub created a new archive with different md5 checksum, which then means theopam
file inocaml/opam-repository
is outdated. And indeed, if I download the 0.14.3 archive has not the same checksum as the one mentioned in the opam file in the repository.If I am right, I would advise against overwritten git tags, for these kind of reasons 😅.
Thanks!