Today we experienced a failure resolving commons-pool-1.4-sources.jar
from Maven central due to a sha1 error. The sha1sum in the
respository matches what Ivy computed, and also what I manually computed
locally. We're trying to understand what happened.
The only odd thing I find is that the .sha1 file in the repo contains a
bit of additional text. If you look in
http://repo2.maven.org/maven2/commons-pool/commons-pool/1.4/commons-pool-1.4-sources.jar.sha1
it looks like this:
SHA1(commons-pool-1.4-sources.jar)= ad142feebc0d8c7a72b5a79c0a7d8776ce10c90a
Ivy is clearly reading that text from that file:
[ivy:resolve] [FAILED ]
commons-pool#commons-pool;1.4!commons-pool.jar(source): invalid sha1:
expected=sha1(commons-pool-1.4-sources.jar)=
computed=ad142feebc0d8c7a72b5a79c0a7d8776ce10c90a (2049ms)
[ivy:resolve] [FAILED ]
commons-pool#commons-pool;1.4!commons-pool.jar(source): invalid sha1:
expected=sha1(commons-pool-1.4-sources.jar)=
computed=ad142feebc0d8c7a72b5a79c0a7d8776ce10c90a (2049ms)
It seems clear enough that Ivy is choking on the additional metadata
'sha1(commons-pool-1.4-sources.jar)', but why is it just one user that
is having a problem? We have dozens of other developers and CI builds
who are resolving the same jar with no problem.
Thanks,
Carlton
