pkg: checksum mismatch

Occasionally an error will crop up regarding a checksum mismatch for installed packages. You might see something like the following in your daily security email.

Checking for packages with mismatched checksums:
py39-certifi-2022.12.7: /usr/local/lib/python3.9/site-packages/certifi/__pycache__/__main__.cpython-39.pyc
py39-certifi-2022.12.7: /usr/local/lib/python3.9/site-packages/certifi/__pycache__/core.cpython-39.opt-1.pyc
py39-certifi-2022.12.7: /usr/local/lib/python3.9/site-packages/certifi/__pycache__/core.cpython-39.pyc
py39-cffi-1.15.1: /usr/local/lib/python3.9/site-packages/cffi/__pycache__/__init__.cpython-39.opt-1.pyc
py39-cffi-1.15.1: /usr/local/lib/python3.9/site-packages/cffi/__pycache__/__init__.cpython-39.pyc
:

Verify that it is not a real security issue.

This sometimes happens when a package is reverted. If it's not a real security issue, and you don't want to just ignore it, you will want to correct it.

# check for mismatched checksum
pkg check -sa

# if there were any, the following will recalculate the checksums
# MAKE SURE THERE ISN'T A REAL SECURITY ISSUE FIRST
pkg check -r

# you can check again to be sure
pkg check -sa

Thanks to felix on the FreeBSD forums.

Note that you may be able to force a reinstall of the problematic package as well which should fix the issue. The above is faster if there are a lot of packages involved.