Download jira-cli failure due to checksum mismatch. #876
Description
Describe the bug
The module checksum for v1.6.0 in this repository does not match the checksum recorded in Go's checksum database. This might indicate that the module has been retagged or the source code has been modified after the initial release.
When trying to download the module directly from github, the following error occurs:
$ GOPROXY=direct go get github.com/ankitpokhrel/[email protected]
go: downloading github.com/ankitpokhrel/jira-cli v1.6.0
go: github.com/ankitpokhrel/[email protected]: verifying module: checksum mismatch
downloaded: h1:wkLZuB4Z+W9hNhuEvcP1a7wcqihwE8Np7JhiHKbExkI=
sum.golang.org: h1:PYgRDzpVd1xq2wQQloU0p1kR6j6FeErK3SYlgLt24RU=
SECURITY ERROR
This download does NOT match the one reported by the checksum server.
The bits may have been replaced on the origin server, or an attacker may
have intercepted the download attempt.
For more information, see 'go help module-auth'.
Possible causes
- The tag was deleted and recreated pointing to different commits
- Source code was modified after the tag was created
- Repository was force-pushed affecting the tagged commit
Expected behavior
The module should download successfully without checksum verification errors.
Proposed solution
- If legitimate, release a new version to resolve the issue
- Avoid retagging existing versions to maintain checksum integrity