PGP signature verification failed! #731

0-x-2-2 · 2023-09-01T15:57:56Z

One artifact failed verification: gradle-git-version-3.0.0.pom (com.palantir.gradle.gitversion:gradle-git-version:3.0.0) from repository gradle
This can indicate that a dependency has been compromised. Please carefully verify the signatures and checksums.

The artifact was signed with key bf3a87d91b70be32cad64a2645d0caa6d26b0f7d (Open Source <[email protected]>) but the signature didn't match

<component group="com.palantir.gradle.gitversion" name="gradle-git-version" version="3.0.0">
         <artifact name="gradle-git-version-3.0.0.jar">
            <pgp value="bf3a87d91b70be32cad64a2645d0caa6d26b0f7d"/>
            <sha256 value="3ed9e1d890829703c18737e6619d0544fb5f9a3c4147c24c29228af42177556f" origin="Generated by Gradle"/>
         </artifact>
         <artifact name="gradle-git-version-3.0.0.pom">
            <sha256 value="55b54781af0fb1a362b1745b73e673c0e520e3b1d43d203f3bcc03cc0d1774a6" origin="Generated by Gradle" reason="PGP signature verification failed!"/>
         </artifact>
      </component>

The text was updated successfully, but these errors were encountered:

0-x-2-2 · 2023-09-28T04:59:15Z

Bump, if anyone knows a contact email for someone who can actually fix the issue with invalid signatures on maven metadata in releases that would be nice.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PGP signature verification failed! #731

PGP signature verification failed! #731

0-x-2-2 commented Sep 1, 2023

0-x-2-2 commented Sep 28, 2023 •

edited

Loading

PGP signature verification failed! #731

PGP signature verification failed! #731

Comments

0-x-2-2 commented Sep 1, 2023

0-x-2-2 commented Sep 28, 2023 • edited Loading

0-x-2-2 commented Sep 28, 2023 •

edited

Loading