Describe the bug
I encountered an issue with Dependabot being unable to resolve dependencies because it encounters a checksum mismatch with gorm-crypto.
updater | 2025/09/22 07:24:22 INFO <job_1054829> Handled error whilst updating golang.org/x/text: dependency_file_not_resolvable {message: "verifying github.com/pkasila/gorm-crypto@v1.0.3: checksum mismatch"}
I believe this mismatch is caused by commit a1976c0 which is not included in https://pkg.go.dev/github.com/pkasila/gorm-crypto@v1.0.3 but is tagged as v1.0.3.
I tried using the latest commit on main, and that resolved the Dependabot issue.
To Reproduce
- create a repo with a go project
- include gorm-crypto@v1.0.3
- set up Dependabot in the repo and run a check
Describe the bug
I encountered an issue with Dependabot being unable to resolve dependencies because it encounters a checksum mismatch with gorm-crypto.
I believe this mismatch is caused by commit a1976c0 which is not included in https://pkg.go.dev/github.com/pkasila/gorm-crypto@v1.0.3 but is tagged as v1.0.3.
I tried using the latest commit on main, and that resolved the Dependabot issue.
To Reproduce