Incorrect sha for dependency "double-conversion"?

[cbi42]

Hi, I encountered the following error in RocksDB CI:

Traceback (most recent call last):
  File "build/fbcode_builder/getdeps.py", line 1275, in <module>
    sys.exit(main())
  File "build/fbcode_builder/getdeps.py", line 1258, in main
    return args.func(args)
  File "build/fbcode_builder/getdeps.py", line 109, in run
    self.run_project_cmd(args, loader, manifest)
  File "build/fbcode_builder/getdeps.py", line 577, in run_project_cmd
    reconfigure, sources_changed = self.compute_source_change_status(
  File "build/fbcode_builder/getdeps.py", line 711, in compute_source_change_status
    change_status = fetcher.update()
  File "/root/project/third-party/folly/build/fbcode_builder/getdeps/fetcher.py", line 790, in update
    self._download()
  File "/root/project/third-party/folly/build/fbcode_builder/getdeps/fetcher.py", line 754, in _download
    self._verify_hash()
  File "/root/project/third-party/folly/build/fbcode_builder/getdeps/fetcher.py", line 740, in _verify_hash
    raise Exception(
Exception: https://github.com/google/double-conversion/archive/v3.1.4.tar.gz: expected sha256 95004b65e43fefc6100f337a25da27bb99b9ef8d4071a36a33b5e83eb1f82021 but got b22bd095b1f74efc4ecd873bdc71a626c78cd57e66c2e9d8a2ac5d52ac81bbbb
make: *** [Makefile:2437: build_folly] Error 1

I'm wondering if the following sha is incorrect: https://github.com/facebook/folly/blob/22b89282c9d3bb56a625b7def37f42e8cdd93dd0/build/fbcode_builder/manifests/double-conversion#L5-L6

The result on my machine also matches the CI result:

curl -L https://github.com/google/double-conversion/archive/refs/tags/v3.1.4.tar.gz | shasum -a 256
b22bd095b1f74efc4ecd873bdc71a626c78cd57e66c2e9d8a2ac5d52ac81bbbb

[anand1976]

I'm also seeing a few other sha256 mismatches reported by build/fbcode_builder/getdeps.py build -

Exception: https://github.com/ninja-build/ninja/archive/v1.10.2.tar.gz: expected sha256 ce35865411f0490368a8fc383f29071de6690cbadc27704734978221f25e2bed but got 6336600d529aaf59769218e17179ad2b8bf98c2ce94f1215950d12c496aebd20

Exception: https://github.com/google/double-conversion/archive/v3.1.4.tar.gz: expected sha256 95004b65e43fefc6100f337a25da27bb99b9ef8d4071a36a33b5e83eb1f82021 but got b22bd095b1f74efc4ecd873bdc71a626c78cd57e66c2e9d8a2ac5d52ac81bbbb

Exception: https://github.com/google/glog/archive/v0.5.0.tar.gz: expected sha256 eede71f28371bf39aa69b45de23b329d37214016e2055269b3b5e7cfd40b59f5 but got 0b68034228e54aabe308534988f324d61abe4250c030ec63452a51c74a0d59af

Exception: https://github.com/lz4/lz4/archive/v1.8.3.tar.gz: expected sha256 33af5936ac06536805f9745e0b6d61da606a1f8b4cc5c04dd3cbaca3b9b4fc43 but got 027d4676741f39d546301b882dbf3e2ce04457ce724c084c41943ad711f906d5

Exception: https://github.com/google/snappy/archive/1.1.7.tar.gz: expected sha256 3dfa02e873ff51a11ee02b9ca391807f0c8ea0529a4924afa645fbf97163f9d4 but got 4f756b9cc1984453e1c3e860cc9e452524b20838a7f647f6de89147d4914612f

[Orvid]

This has been stable and working for at least the last 6 months, if the hash of the archive has changed, then something has changed about the archive, so I would be wary of using those archives until the change in hash can be explained.

[Orvid]

It looks like this was an intentional change on Github's side that is now being reverted:

https://github.blog/changelog/2023-01-30-git-archive-checksums-may-change/

[cbi42]

Thanks @Orvid, tests are passing on our end now.