regcool uses URL without the version

mandiant / VM-Packages

Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.

Apache License 2.0

123 stars 61 forks source link

regcool uses URL without the version #1004

Closed Ana06 closed 1 month ago

Ana06 commented 2 months ago

Details

regcool uses a URL without the version and breaks with updates. See the last daily run.

emtuls commented 2 months ago

For some reason, it seems that when we don't pass in a checksum, chocolately automatically attempts to validate the checksum of the newly downloaded file against the checksum of the previous package stored in the cache in our sources.

Because we don't want to force all packages to ignore checksums, we could add $env:ChocolateyIgnoreChecksums = $true to the top of the code (inside the try-catch) and this will act as if we set --ignore-checksums for the specific package, allowing it to install correctly.

Ana06 commented 1 month ago

After looking into this in more detail, I realized that the issue is that we decreased the package version in https://github.com/mandiant/VM-Packages/pull/980/files#diff-cd5b9fb4bd04587cd2bc3389242f3113457aee36bf55f78267b859a0a3dde504 and didn't delete the higher versions from MyGet. This was causing that we were installing still the older version, for which the hash verification eventually broke. Screenshot from 2024-05-22 12-03-57

I have fixed this issue by deleting the higher versions:

I am now able to install it without issues:

Ana06 commented 1 month ago

@emtuls did you want to add this package to the default config? :thinking: