Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Markupsafe dependency hash doesn't match #26

Open
MelissaAutumn opened this issue Apr 12, 2024 · 0 comments
Open

Markupsafe dependency hash doesn't match #26

MelissaAutumn opened this issue Apr 12, 2024 · 0 comments

Comments

@MelissaAutumn
Copy link
Member

Installing requirements leads to

Collecting markupsafe==1.0 (from -r requirements.txt (line 18))
  Downloading MarkupSafe-1.0.tar.gz (14 kB)
ERROR: THESE PACKAGES DO NOT MATCH THE HASHES FROM THE REQUIREMENTS FILE. If you have updated the package versions, please update the hashes. Otherwise, examine the package contents carefully; someone may have tampered with them.
    markupsafe==1.0 from https://files.pythonhosted.org/packages/4d/de/32d741db316d8fdb7680822dd37001ef7a448255de9699ab4bfcbdf4172b/MarkupSafe-1.0.tar.gz (from -r requirements.txt (line 18)):
        Expected sha256 a4ec1aff59b95a14b45eb2e23761a0179e98319da5a7eb76b56ea8cdc7b871c3
             Got        a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665

Updated hash does indeed match the one on PyPi
https://pypi.org/project/MarkupSafe/1.0/#copy-hash-modal-c08f00c4-fe6b-401f-a4a8-7cbe8b96bca4

Considering thunderbird-website uses markupsafe==2.1.3 we can probably just upgrade this right?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MelissaAutumn