Safe Haskell | None |
---|---|
Language | Haskell2010 |
An implementation of Repository that talks to repositories over HTTP.
This implementation is itself parameterized over a HttpClient
, so that it
it not tied to a specific library; for instance, HttpClient
can be
implemented with the HTTP
library, the http-client
libary, or others.
It would also be possible to give _other_ Repository implementations that talk to repositories over HTTP, if you want to make other design decisions than we did here, in particular:
- We attempt to do incremental downloads of the index when possible.
- We reuse the Repository.Local to deal with the local cache.
- We download
timestamp.json
andsnapshot.json
together. This is implemented here because: - One level down (HttpClient) we have no access to the local cache
- One level up (Repository API) would require _all_ Repositories to implement this optimization.
Synopsis
- withRepository :: HttpLib -> [URI] -> RepoOpts -> Cache -> RepoLayout -> IndexLayout -> (LogMessage -> IO ()) -> (Repository RemoteTemp -> IO a) -> IO a
- data RepoOpts = RepoOpts {}
- defaultRepoOpts :: RepoOpts
- data RemoteTemp a
- data FileSize
- fileSizeWithinBounds :: Int54 -> FileSize -> Bool
Top-level API
:: HttpLib | Implementation of the HTTP protocol |
-> [URI] | "Out of band" list of mirrors |
-> RepoOpts | Repository options |
-> Cache | Location of local cache |
-> RepoLayout | Repository layout |
-> IndexLayout | Index layout |
-> (LogMessage -> IO ()) | Logger |
-> (Repository RemoteTemp -> IO a) | Callback |
-> IO a |
Initialize the repository (and cleanup resources afterwards)
We allow to specify multiple mirrors to initialize the repository. These
are mirrors that can be found "out of band" (out of the scope of the TUF
protocol), for example in a cabal.config
file. The TUF protocol itself
will specify that any of these mirrors can serve a mirrors.json
file
that itself contains mirrors; we consider these as _additional_ mirrors
to the ones that are passed here.
NOTE: The list of mirrors should be non-empty (and should typically include the primary server).
TODO: In the future we could allow finer control over precisely which
mirrors we use (which combination of the mirrors that are passed as arguments
here and the mirrors that we get from mirrors.json
) as well as indicating
mirror preferences.
Repository options with a reasonable default
Clients should use defaultRepositoryOpts
and override required settings.
RepoOpts | |
|
defaultRepoOpts :: RepoOpts Source #
Default repository options
data RemoteTemp a Source #
Instances
DownloadedFile RemoteTemp Source # | |
Defined in Hackage.Security.Client.Repository.Remote downloadedVerify :: RemoteTemp a -> Trusted FileInfo -> IO Bool Source # downloadedRead :: RemoteTemp Metadata -> IO ByteString Source # downloadedCopyTo :: RemoteTemp a -> Path Absolute -> IO () Source # | |
Pretty (RemoteTemp typ) Source # | |
Defined in Hackage.Security.Client.Repository.Remote pretty :: RemoteTemp typ -> String Source # |
File sizes
FileSizeExact Int54 | For most files we download we know the exact size beforehand (because this information comes from the snapshot or delegated info) |
FileSizeBound Int54 | For some files we might not know the size beforehand, but we might be able to provide an upper bound (timestamp, root info) |