This indicates that a dependency was verified, that the signature matched, but that you don't trust this signature.
If you trust the author of the signature, you need to add the key to the trusted keys.
See the documentation to get more information.
This indicates that a dependency was signed but that the signature verification failed.
This happens when a dependency was compromised or that the signature was made for a different artifact than the one you got.
It's important that you carefully review this problem.
See the documentation to get more information.
This indicates that a dependency was signed with an ignored key.
You must provide at least one checksum so that verification can pass.
See the documentation to get more information.
This indicates that a dependency was signed but that Gradle couldn't download the public key to verify the signature.
You should check if the key is valid, and if so, provide a key server where to download it.
See the documentation to get more information.
This indicates that the dependency verification file doesn't contain at least one checksum for this artifact.
You must provide at least one checksum for artifact verification to pass.
See the documentation to get more information.
This indicates that the dependency verification file failed because the actual checksum of the dependency artifact didn't match the expected checksum declared in the verification metadata.
This happens when a dependency was compromised or that downloaded artifact isn't the one that you expected.
It's important that you carefully review this problem.
See the documentation to get more information.
This error usually indicated that the local dependency cache was tampered with.
This happens when someone manually deletes an artifact from the Gradle dependency cache, which is now corrupt.
See the documentation to get more information.
The signature file for this artifact wasn't found.
Usually it indicates that the signature doesn't exist in the repository the artifact was downloaded from.
In general this is not a problem but you should then declare at least one checksum for verification to pass.
See the documentation to get more information.
Please review the errors reported above carefully. Click on the icons near to the error descriptions for information about how to fix a particular problem. It is recommended that you edit the verification file manually. However, if you are confident that those are false positives, Gradle can help you by generating the missing verification metadata. In this case, you can run with the following command-line:
gradle --write-verification-metadata sha256 help
In any case you must review the result of this operation.
Please refer to the documentation for more information.