You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi. I am a maintainer of the Homebrew package manager.
We noticed that the checksum of the 0.3.1 release has changed from (sha256): 8d880bdd2a4f0c6817c71d5da4e22c5ba5dafa2cec712101950fce530f20ea12 to 72b86f11f0674e88c01753e262947425e8ff4396aacfe03ddb7d3bf17b89e8dd
This is a major security issue as upstream release checksums are not supposed to change. Did you retag the release (which is something that should never been done, see https://git-scm.com/docs/git-tag#_discussion). Or did someone gain access to your repo?
Hi. I am a maintainer of the Homebrew package manager.
We noticed that the checksum of the 0.3.1 release has changed from (sha256): 8d880bdd2a4f0c6817c71d5da4e22c5ba5dafa2cec712101950fce530f20ea12 to 72b86f11f0674e88c01753e262947425e8ff4396aacfe03ddb7d3bf17b89e8dd
This is a major security issue as upstream release checksums are not supposed to change. Did you retag the release (which is something that should never been done, see https://git-scm.com/docs/git-tag#_discussion). Or did someone gain access to your repo?
See Homebrew/homebrew-core#95105 for the issue on our side.
The text was updated successfully, but these errors were encountered: