Around 2024-08-21, the following tag appeared:
https://github.com/facebook/rocksdb/releases/tag/v9.5.2

The GitHub release is titled "v9.5.2 - SupplyChainAttackPoC for Meta
BB". This might be an extremely unlucky choice of a release label, a
joke, or what it says it is. The two previous tags claimed in the
release notes were not pushed.

From the archive pages I see the short commit for this tag changed from
d1826fb to a7e70f9.

https://web.archive.org/web/20240821151922/https://github.com/facebook/rocksdb/releases/tag/v9.5.2

https://web.archive.org/web/20240822053615/https://github.com/facebook/rocksdb/releases/tag/v9.5.2

Similarly, the cached preview images, and possibly the GitHub internal
title, seem to have changed in the 14-minute timestamp diff between two
social media posts:

https://x.com/RocksDB/status/1826276807060173257

https://www.facebook.com/groups/rocksdb.dev/posts/8216045841827191/

The diff points to a fat-fingered release that missed some changes and
was quickly corrected.
https://github.com/facebook/rocksdb/compare/d1826fb..a7e70f9

Violates at least the principle to never reuse release numbers or make
changes to public tags. Let's not do that. The only other thing I saw
is that the project stopped using the meta git bot not so recently.
That's all I know.

Andreas

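One way to catch a public tag that gets re-pointed, as described in the message above, is to compare two saved snapshots of `git ls-remote --tags` output. This is an added example, not part of the original post or of RocksDB's tooling; the repository, tag names and hashes in the sample are constructed, and `parse_tags` / `diff_tags` are hypothetical helper names.

```python
import re

# <sha><whitespace>refs/tags/<name>, with an optional "^{}" suffix that git
# prints for the commit an annotated tag object points to ("peeled" entry).
LINE = re.compile(r"^([0-9a-f]{40,64})\s+refs/tags/(.+?)(\^\{\})?$")

def parse_tags(ls_remote_output):
    """Map tag name -> commit SHA, preferring the peeled entry when present."""
    commits, peeled = {}, set()
    for line in ls_remote_output.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skip blank or unrelated lines
        sha, tag, is_peeled = m.group(1), m.group(2), bool(m.group(3))
        if is_peeled:
            commits[tag] = sha
            peeled.add(tag)
        elif tag not in peeled:
            commits[tag] = sha  # lightweight tag, or tag object until peeled line
    return commits

def diff_tags(before, after):
    """Report tags whose commit moved, plus deleted and newly added tags."""
    old, new = parse_tags(before), parse_tags(after)
    moved = {t: (old[t], new[t]) for t in old if t in new and old[t] != new[t]}
    return {"moved": moved,
            "deleted": sorted(t for t in old if t not in new),
            "added": sorted(t for t in new if t not in old)}

def h(c):
    return c * 40  # constructed placeholder SHA-1, not a real commit

# Constructed snapshots of `git ls-remote --tags <url>` for a hypothetical repo.
BEFORE = "\n".join([
    f"{h('1')}\trefs/tags/v1.0.0",        # lightweight tag, unchanged
    f"{h('2')}\trefs/tags/v1.1.0",        # annotated tag object
    f"{h('3')}\trefs/tags/v1.1.0^{{}}",   # ... and the commit it points to
    f"{h('a')}\trefs/tags/v1.1.1",
    f"{h('b')}\trefs/tags/v1.1.1^{{}}",
])
AFTER = "\n".join([
    f"{h('1')}\trefs/tags/v1.0.0",
    f"{h('4')}\trefs/tags/v1.1.0",        # tag re-created ...
    f"{h('5')}\trefs/tags/v1.1.0^{{}}",   # ... on a different commit
    f"{h('c')}\trefs/tags/v1.1.1",        # new tag object, same commit
    f"{h('b')}\trefs/tags/v1.1.1^{{}}",
    f"{h('6')}\trefs/tags/v1.2.0",        # new tag
])

if __name__ == "__main__":
    print(diff_tags(BEFORE, AFTER))
```

A tag whose object was re-created on the same commit (v1.1.1 in the sample) is not reported as moved, because the comparison is on the peeled commit.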