search

vericast / conda-mirror

Mirror upstream conda channels
BSD 3-Clause "New" or "Revised" License
72 stars 60 forks source link

Issues with sha256 checksums #88

Open MWigger opened 5 years ago

MWigger commented 5 years ago

Hello, since a few days we have an issue that the sha256 checksums are not currectly written into the repodata.json This results in the following message on client side:


CondaMultiError: ChecksumMismatchError: Conda detected a mismatch between the expected content and downloaded content
for url 'http://internal-mirror/conda/anaconda/linux-64/pyqt-5.9.2-py27h05f1152_2.tar.bz2'.
  download saved to:[...] pyqt-5.9.2-py27h05f1152_2.tar.bz2
  expected sha256: 9aa0fa86d8331b06286f0da0b1bef3d32780d65a69c29433a434b46abdb84e13
  actual sha256: 999239e84ec2163de3094909cd4c05dd18fa28182a03bead3f5f3c4e9f853f58

(happened with several packages) From what we see the download is correct and the upstream repodata.json includes the correct sha256 checksum. also the md5sum is correct. we updated now from 0.7.2. to 0.8.0, but the issue remains

dcendents commented 5 years ago

We have the same problem.

pandas-profiling-1.4.1-py36_0.tar.bz2 sha256 is d882cccd4861fd6b5deca8b25ffafe94a050860045d536e48d181c8d3735b3c9

in repodata.json in the conda-mirror, the value is set to: 7afe3715c7b3dbfe43428630eea5de3e49d0279efff68ecd44404c1751d1d234

This is in a brand new mirror. I can't understand where that value comes from...

dcendents commented 5 years ago

I've found a workaround, by using the full URL, the sha256 field is ok. I really don't understand why, but it works.

This will mirror the anaconda repo and the sha256 values will be wrong in repodata.json: conda-mirror --upstream-channel anaconda ...

The following command will work: conda-mirror --upstream-channel https://conda.anaconda.org/anaconda ...