sdispater / pendulum

Python datetimes made easy
https://pendulum.eustace.io
MIT License
6.12k stars 372 forks

Security issue or bug with pipenv? #804

Closed FlorianIragne closed 5 months ago

FlorianIragne commented 5 months ago

Hi,

Trying to install pendulum using pipenv for a new venv, I got the following error:

```
[pipenv.exceptions.InstallError]: ERROR: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
[pipenv.exceptions.InstallError]: pendulum==3.0.0 from https://files.pythonhosted.org/packages/84/3a/5e36479e199a034adcf6a1a95c691f0a2781ea55b9ac3bcb887e2f97d82b/pendulum-3.0.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (from -r /tmp/pipenv-b5ue2v6u-requirements/pipenv-_e2fme7m-hashed-reqs.txt (line 29)):
[pipenv.exceptions.InstallError]: Expected sha256 03080a6b7f1b500b4b966d0f107f19e12386fbd8df477ed2aca9f2c1ea0f0a71
[pipenv.exceptions.InstallError]: Expected or 075de865e31876d39831f5ce224849b4ced217b0368d58ab1a155622494031b8
[pipenv.exceptions.InstallError]: Expected or 0814e93270e5370ee2b5342ce4e91c4162d06b122de81fac88f92e5d8504f9e5
[pipenv.exceptions.InstallError]: Expected or 0876f05544a08a73df5c68d6adfe86b080bac91ba95c5c65396fb92b6d3b8dea
```

I've installed it quite a lot of times through pipenv without issues these past weeks and months, so I'm a bit puzzled by this warning. The wheel used with this install seems exactly the same as the one available on this GitHub. So, is it a security/hack issue?

Thanks

FlorianIragne commented 5 months ago

OK, this isn't an issue with either pipenv or pendulum, just my local PyPI mirror that has an issue. Sorry for the noise.
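One way to tell a broken mirror from a stale lock file when this error appears is to hash the artefact the mirror served and compare it with the pins in `Pipfile.lock`. The following is an added example, not code from this thread, pendulum or pipenv; it assumes the usual `Pipfile.lock` layout (`default`/`develop` sections with `sha256:` entries), and the file names and wheel bytes are constructed.

```python
import hashlib
import re
import tempfile
from pathlib import Path


def normalize(name: str) -> str:
    """PEP 503 name normalisation, so 'Pendulum' and 'pendulum' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def expected_hashes(lock: dict, package: str) -> set[str]:
    """Collect the 'algo:hex' pins for a package from both lock sections."""
    pins = set()
    for section in ("default", "develop"):
        for name, entry in lock.get(section, {}).items():
            if normalize(name) == normalize(package):
                pins.update(h.lower() for h in entry.get("hashes", []))
    if not pins:
        # Without pins there is nothing to verify against; fail loudly.
        raise LookupError(f"no hashes pinned for {package!r}")
    return pins


def file_digest(path: Path, algo: str = "sha256") -> str:
    """Stream the file so large wheels are not read into memory at once."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return f"{algo}:{h.hexdigest()}"


def verify_artifact(lock: dict, package: str, path: Path) -> tuple[bool, str]:
    """Return (matches_a_pin, actual_digest); assumes the pins are sha256."""
    actual = file_digest(path)
    return actual in expected_hashes(lock, package), actual


if __name__ == "__main__":
    # Constructed demo: two stand-in "wheels"; the lock pins only the first.
    with tempfile.TemporaryDirectory() as tmp:
        good, bad = Path(tmp, "from_index.whl"), Path(tmp, "from_mirror.whl")
        good.write_bytes(b"constructed wheel bytes")
        bad.write_bytes(b"constructed wheel bytes, altered in transit")
        lock = {"default": {"pendulum": {"version": "==3.0.0",
                                         "hashes": [file_digest(good)]}}}
        for f in (good, bad):
            ok, digest = verify_artifact(lock, "pendulum", f)
            print(f"{f.name}: {'OK' if ok else 'MISMATCH'} {digest}")
```

Running the same check on a copy fetched directly from the upstream index shows whether the mismatch comes from the mirror or from the lock file itself.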