checksum mismatch on "go get github.com/VictoriaMetrics/fastcache@v1.13.0" with goproxy.io proxy #232
Description
Why did I encounter the following error when using "export GOPROXY=https://goproxy.io,direct"
root@1729051cdfab:/go# # Set the GOPROXY environment variable
export GOPROXY=https://goproxy.io,direct
# Set environment variable allow bypassing the proxy for specified repos (optional)
export GOPRIVATE=git.mycompany.com,github.com/my/private
root@1729051cdfab:/go#
root@1729051cdfab:~/aa# go mod init aaa
go: creating new go.mod: module aaa
root@1729051cdfab:~/aa# go get github.com/VictoriaMetrics/fastcache@v1.13.0
go: downloading github.com/VictoriaMetrics/fastcache v1.13.0
**go: github.com/VictoriaMetrics/fastcache@v1.13.0: verifying module: checksum mismatch
downloaded: h1:yd0yRtcfGrRIwOCg/YrA399k42v0nRJyvWBcz0pZQ5E=
sum.golang.org: h1:AW4mheMR5Vd9FkAPUv+NH6Nhw+fmbTMGMsNAoA/+4G0=
SECURITY ERROR
This download does NOT match the one reported by the checksum server.
The bits may have been replaced on the origin server, or an attacker may
have intercepted the download attempt.**
but did not encounter it when not setting goproxy.io instead of default setting.
root@f8448cfef94c:/go# go get github.com/VictoriaMetrics/fastcache@v1.13.0
go: warning: ignoring go.mod in $GOPATH /go
go: downloading github.com/VictoriaMetrics/fastcache v1.13.0
go: downloading golang.org/x/sys v0.34.0
go: downloading github.com/golang/snappy v1.0.0
go: downloading github.com/cespare/xxhash/v2 v2.3.0
go: added github.com/VictoriaMetrics/fastcache v1.13.0
go: added github.com/cespare/xxhash/v2 v2.3.0
go: added github.com/golang/snappy v1.0.0
go: added golang.org/x/sys v0.34.0
root@f8448cfef94c:/go#