https://bugzilla.redhat.com/show_bug.cgi?id=1359412
--- Comment #15 from Kamil Dudka <[email protected]> --- (In reply to David Kaspar [Dee'Kej] from comment #13) > Okay, so for some reason the SHA256 hashes still don't match for the package > I have downloaded and the package fedore-review has downloaded. > > However, doing manual check on both of these sources, I get the same result: > 271ea0d473fbbbbc921db65cbc38e74e3bde42a095a38dbac0207e199dfda705 > gawkextlib-1.0.2.tar.gz > > This looks like some issue of fedora-review package. It can be caused by the fact that the source URL points to a multi-level redirection to the actual URL containing the data: $ curl -svo/dev/null http://sourceforge.net/projects/gawkextlib/files/gawkextlib-1.0.2.tar.gz -L 2>&1 | grep Location < Location: https://sourceforge.net/projects/gawkextlib/files/gawkextlib-1.0.2.tar.gz < Location: https://sourceforge.net/projects/gawkextlib/files/gawkextlib-1.0.2.tar.gz/download < Location: https://downloads.sourceforge.net/project/gawkextlib/gawkextlib-1.0.2.tar.gz?r=&ts=1495634539&use_mirror=master < Location: https://master.dl.sourceforge.net/project/gawkextlib/gawkextlib-1.0.2.tar.gz I am not sure if fedora-review follows these redirects while checking hashes. Anyway, it is a good practice to use https:// source URL where possible. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected]
