arrow: Update to 23.0.1#27945
Conversation
…hashing instead of not official GitHub URL
| "${MINGW_PACKAGE_PREFIX}-pkgconf") | ||
| options=('staticlibs' 'strip' 'emptydirs') | ||
| source=("https://github.com/apache/arrow-adbc/archive/refs/tags/apache-arrow-adbc-${pkgver}.tar.gz" | ||
| source=("https://www.apache.org/dyn/closer.lua?action=download&filename=arrow/apache-arrow-adbc-${pkgver}/apache-arrow-adbc-${pkgver}.tar.gz" |
There was a problem hiding this comment.
This should use the official download URL recommended by ASF not the GitHub one. This is the same type of URL used on Arrow. See more details here:
apache/arrow-adbc#3947
| "https://www.apache.org/dyn/closer.lua?action=download&filename=arrow/apache-arrow-adbc-${pkgver}/apache-arrow-adbc-${pkgver}.tar.gz.asc" | ||
| "0001-Update-gir-version-with-pkgconfig.patch") | ||
| sha256sums=('55e4129a76ead89a868fa9267e8be2ec7fcb7c41ac44a55e70c2d3591fa0b227' | ||
| sha256sums=('48b19d70a734e789da99e3c53ebad57389c914b85fdc9c509188e5f50896b07c' |
There was a problem hiding this comment.
I've had to update the sha256sum. It seems to be related to the issue that was raised on the Arrow mailing list about ADBC's GitHub sha having changed and being different than the official one. For more details on the issue see this thread:
https://lists.apache.org/thread/3z30djzt18fogozj1klotxgqmnx12v18
I've downloaded form https://www.apache.org/dyn/closer.lua which should be the download URL used with stable checksum instead of GitHub and I've validated this is the correct one. Pinging other ARROW PMC members FYI: @lidavidm @amoeba
|
Weird, I've added the signature check for ADBC and it is rejecting @lidavidm signature: I've validated this is the signature on the KEYS file (https://dlcdn.apache.org/arrow/KEYS): Maybe I should remove the addition of the Key is valid here: |
|
Afaict, you'd need to add a line like the following in the Preferably just above the |
|
Thanks @mmuetzel I've learnt something new :) |
|
thanks |
3 participants
No description provided.