From this site: Index of /Distribution/sonar-scanner-cli
Downloaded: sonar-scanner-cli-4.6.2.2472-linux.zip
Also downloaded: sonar-scanner-cli-4.6.2.2472-linux.zip.md5
Also downloaded: sonar-scanner-cli-4.6.2.2472-linux.zip.sha256
Neither checksum matches the linux.zip download. Tried the same steps with the Windows zip file, just as a test, and those do not match either.
Used both the Win10 ‘Powershell’ method and the Win10 ‘certutil’ method to generate checksums on the downloaded sonar-scanner-cli ZIP files… which we use on all downloads. This is a rare time when the values do not match.
This is quite odd. I (we) download 10-12 items per week, same process, same web-browsers, same everything… and in 13 years never had a mis-match with any product. Here, nothing matches, yet your process for testing shows all is OK.
I have tired 3 difference web-browsers, on different days, from different workstations… all my results are the same, and all are mismatches.
Note that we are air-gapped, and we are downloading the ‘scanner-cli’ (for Linux) ZIP file to Internet-connected Win10 systems… verifying the checksum there… before then burning the SQ product to media to get them to the production (Linux) networks.
The reason for the mismatch on the checksum values (regardless of which checksum value was used) was:
The web-browser used to download the “sonar-scanner-cli” ZIP file… MATTERED!
Chrome: good download (Download size: 42,090 KB)
FireFox: bad download (Download size: 42,110 KB)
Edge: bad download (Download size: 42,110 KB)
There was a small size difference for all ZIP file downloads done with FFox or Edge as compared to the download via Chrome.
Oddly, the ZIP file itself was the only item that had a different sized download based on the browser used. The checksum files themselves (albeit simple text files) are all the same regardless of the browser used.
Edge and FFox produced identical results in their download of the ZIP file (and identical checksum values). But Chrome’s download differed and matched the staged MD5 and SHA256 checksum files.
I am happy to hear, that you solved the issue.
On a linux machine I cannot confirm the issue in any of the listed browsers. It seems to be a specific issue within your setup.