Problem
The sign-macos job in .github/workflows/release.yml uses the same flag-based awk script for patching Homebrew cask checksums that was found to be broken in Dewey (dewey#67).
The awk script assumes url appears before sha256 in GoReleaser-generated cask sections. If GoReleaser's floating version resolves to a version that produces sha256-before-url, checksums will be silently placed on the wrong platform lines.
Recommendation
Replace the flag-based awk approach with the order-agnostic extraction + sed replacement pattern implemented in Dewey. See the Dewey fix for the exact approach.
Problem
The
sign-macosjob in.github/workflows/release.ymluses the same flag-based awk script for patching Homebrew cask checksums that was found to be broken in Dewey (dewey#67).The awk script assumes
urlappears beforesha256in GoReleaser-generated cask sections. If GoReleaser's floating version resolves to a version that producessha256-before-url, checksums will be silently placed on the wrong platform lines.Recommendation
Replace the flag-based awk approach with the order-agnostic extraction +
sedreplacement pattern implemented in Dewey. See the Dewey fix for the exact approach.