How to handle a Swift Package's dependent artifact checksum?

Question

Using Xcode 12 beta and swift-tools-version 5.3, you can link to a framework, like this:

        .binaryTarget(
            name: "Stripe",
            url: "https://github.com/stripe/stripe-ios/releases/download/v19.3.0/Stripe.xcframework.zip",
            checksum: "fe459dd443beee5140018388fd6933e09b8787d5b473ec9c2234d75ff0d968bd"
        )

But when I needed to update the checksum (I had it wrong) I get

: artifact of binary target 'Stripe' has changed checksum; this is a potential security risk so the new artifact won't be downloaded

How can I reset this, or override it when I need to change the checksum?

Sorry, maybe i didn't understand. The checksum is only declared in the library, and updated whenever a new artifact is generated. So every new binary will have its own checksum stated on library's side, Package.swift. You should be able to update this checksum on Library's side. — khose, Jul 20 '20 at 15:19
I had to remove items related to "bitbucket.org" from macOS Keychain in order to eliminate checksum error. See details in my comment: https://github.com/facebook/facebook-ios-sdk/issues/2059#issuecomment-1144019427 — Vlad, Jun 01 '22 at 19:09

score 15 · Answer 1 · answered Sep 25 '20 at 19:05

15

In order to get rid of the error, you need to purge Xcode's local package caches.

In Xcode's File menu, select 'Swift Packages' and then 'Reset Package Caches'

answered Sep 25 '20 at 19:05

Morten Bek Ditlevsen

558
1
5
7

How to handle a Swift Package's dependent artifact checksum?

1 Answers1

Linked