Closed t-richards closed 7 years ago
Just had the exact same problem occur and same error message, was fine yesterday.
I'm getting the same issue here too, tried the workaround but doesn't seem to work
@pathawks think this was your release... any idea what's up?
No idea. I can try to cut a new Gem tonight and try again :shrug:
That'd be great, @pathawks. Getting this too.
I just pushed up v1.1.1 which has the SHA256 checksum e2dacd4bb0a4decbc7d20c9ee700b6bfa642fd219354177b3afbce4f2674e83a both online and when downloaded.
Thanks @parkr
👋 Hey there,
v1.1.0 should work again too.
The root cause for this is a bug in RubyGems.org combined with the way you have Travis publishing the gems. Each job in the Travis build will attempt to push the same gem and when they finish at the same time there's a race condition where one gem file is saved and the sha from the other one is saved. Full details are in that issue.
This is totally our fault but you can prevent this from happening again by only trying to publish the gem from one of the Travis jobs. (You can add a condition like this).
And just to be clear this was not a security issue and the gem was not tampered with. I've gone back and fixed v1.1.0 so the SHA matches and users won't see the warning anymore.
@dwradcliffe Thank you so much for looking into that for us! I think having a dedicated Travis build for pushing gems would make sense to avoid this race. @pathawks, would you be able to tackle that work? Thank you again! ❤️
This issue has been automatically marked as stale because it has not been commented on for at least two months.
The resources of the Jekyll team are limited, and so we are asking for your help.
If this is a bug and you can still reproduce this error on the master
branch, please reply with all of the information you have about it in order to keep the issue open.
If this is a feature request, please consider whether it can be accomplished in another way. If it cannot, please elaborate on why it is core to this project and why you feel more than 80% of users would find this beneficial.
This issue will automatically be closed in two months if no further activity occurs. Thank you for all your contributions.
would you be able to tackle that work?
If I can find some time, I would very much like to fix this :+1:
:ok_hand: thanks!
I'm trying to install v1.1.0 via Bundler. This is my
Gemfile
:When running
$ bundle install
, Bundler produces a long scary error message in red and prevents me from installing the gem:I have tried removing the cached
.gem
file and uninstalling all versions, but this does not solve the problem.Installing directly via
gem
is successful, however.