Hi, Mark H Weaver skribis: > Starting download of /gnu/store/6lpmknzjk6rwp5xq3pk0b5akd4h3b1jm-uncrustify-0.68.1.zip > From https://github.com/uncrustify/uncrustify/archive/uncrustify-0.68.1.zip... > following redirection to `https://codeload.github.com/uncrustify/uncrustify/zip/uncrustify-0.68.1'... > downloading from https://github.com/uncrustify/uncrustify/archive/uncrustify-0.68.1.zip... > uncrustify-0.68.1.zip 1.0MiB/s 00:02 | 2.3MiB transferred > sha256 hash mismatch for /gnu/store/6lpmknzjk6rwp5xq3pk0b5akd4h3b1jm-uncrustify-0.68.1.zip: > expected hash: 1jb3hmm11m2mgnypapak2lgyyvspnmx9bxd9dxis5swaja2ddxlg > actual hash: 0yamvqhflvzpvvqwc2qilqdsa3hcbmnb6pf9wzggphhywviksc7w > hash mismatch for store item '/gnu/store/6lpmknzjk6rwp5xq3pk0b5akd4h3b1jm-uncrustify-0.68.1.zip' The previous file is at . The diff between the two archives is substantial (attached). I guess upstream modified the Git tag, which in turn led to a new zip file. It would be nice to report it upstream. Note that we’d be in the same situation if we were using ‘git-fetch’ here. The problem really has to do with the mutability of tags: https://issues.guix.info/issue/33432#3 Ludo’.