Checking wrong checksum "invalid registry source archive checksum" #8981
Description
Is it reproducible with SwiftPM command-line tools: swift build, swift test, swift package etc?
- Confirmed reproduction steps with SwiftPM CLI. The description text must include reproduction steps with either of command-line SwiftPM commands,
swift build,swift test,swift packageetc.
Description
Hi!
We are use selfhosted swiftPm registry
For at least 2 major xcode versions, sometimes catch a bug with wrong check sum validation ( but not every time )
Additional info:
we have specific version for package like
1.0.5-foobar0.21.1-foobar0.8.1-foobar327.0.2 - semver valid format
It seems the swiftPm rewrite new package version fingerprint file with old checksum.
Expected behavior
Assumed the checksum
Actual behavior
Have error
Steps to reproduce
- Have a specific (with
exactdeclaration in manifest ) package version with checksum 8a47d50c7e1c26224bd871be7b28136dd07fb6bed6db9410c88bf219632082cf ( as example ) - up version to next
- Catch exception like
invalid registry source archive checksum '8a47d50c7e1c26224bd871be7b28136dd07fb6bed6db9410c88bf219632082cf', expected 'aa4b63025c7c87a9fea2d0924737123d9ba8b13e2b9569b4b8dc2f86f85cd35b'"
Swift Package Manager version/commit hash
Swift Package Manager - Swift 6.0.3
Swift & OS version (output of swift --version ; uname -a)
swift-driver version: 1.115.1 Apple Swift version 6.0.3 (swiftlang-6.0.3.1.10 clang-1600.0.30.1)
Target: arm64-apple-macosx15.0
Darwin vyachkuzn-OSX 24.5.0 Darwin Kernel Version 24.5.0: Tue Apr 22 19:54:29 PDT 2025; root:xnu-11417.121.6~2/RELEASE_ARM64_T6030 arm64