github.com/google/cadvisor checksum failing

[djaglowski]

Component(s)

No response

Describe the issue you're reporting

We're seeing CI failures which appear to be related to google/cadvisor#3508. The earliest failure on main appears to be after merging #32368, though CI passed on that PR.

Running target 'moddownload' in module 'receiver/azuremonitorreceiver' as part of group 'all'
make --no-print-directory -C receiver/azuremonitorreceiver moddownload
go: downloading github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2
go: downloading github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c
go: downloading github.com/golang-jwt/jwt/v5 v5.2.1
verifying github.com/google/cadvisor@v0.49.1: checksum mismatch
	downloaded: h1:L9S9Pdb/uu1HA2PGmgBG4q/V3s9Ct3VWsLicarHVvfQ=
	go.sum:     h1:9M++63nWvdq6Oci6wUDuAfQNTZpuz1ZObln0Bhs9xN0=

SECURITY ERROR
This download does NOT match an earlier download recorded in go.sum.
The bits may have been replaced on the origin server, or an attacker may
have intercepted the download attempt.

Example

[crobert-1]

I believe this is a duplicate of #32381, we can keep the other as the original and add a reference 👍