hackage-security: Hackage security library
The hackage security library provides both server and client utilities for securing the Hackage package server (https://hackage.haskell.org/). It is based on The Update Framework (https://theupdateframework.com/), a set of recommendations developed by security researchers at various universities in the US as well as developers on the Tor project (https://www.torproject.org/).
The current implementation supports only index signing, thereby enabling untrusted mirrors. It does not yet provide facilities for author package signing.
The library has two main entry points:
Hackage.Security.Client is the main entry point for
clients (the typical example being cabal), and
Hackage.Security.Server is the main entry point for
servers (the typical example being hackage-server).
Modules
[Index] [Quick Jump]
- Hackage
- Text
Flags
Manual Flags
| Name | Description | Default |
|---|---|---|
| lukko | Use | Enabled |
Automatic Flags
| Name | Description | Default |
|---|---|---|
| base48 | Are we using | Enabled |
| use-network-uri | Are we using | Enabled |
| cabal-syntax | Are we using Cabal-syntax? | Disabled |
| old-directory | Use | Disabled |
| mtl21 | Use | Disabled |
Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info
Downloads
- hackage-security-0.6.2.2.tar.gz [browse] (Cabal source package)
- Package description (revised from the package)
Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.
Maintainer's Corner
For package maintainers and hackage trustees
Candidates
| Versions [RSS] | 0.1.0.0, 0.2.0.0, 0.3.0.0, 0.5.0.0, 0.5.0.1, 0.5.0.2, 0.5.1.0, 0.5.2.0, 0.5.2.1, 0.5.2.2, 0.5.3.0, 0.6.0.0, 0.6.0.1, 0.6.1.0, 0.6.2.0, 0.6.2.1, 0.6.2.2, 0.6.2.3, 0.6.2.4, 0.6.2.5, 0.6.2.6 |
|---|---|
| Change log | ChangeLog.md |
| Dependencies | base (>=4.5 && <4.18), base16-bytestring (>=0.1.1 && <1.1), base64-bytestring (>=1.0 && <1.3), bytestring (>=0.9 && <0.12), Cabal (>=1.14 && <1.26 || >=2.0 && <2.6 || >=3.0 && <3.7), Cabal-syntax (<3.10), containers (>=0.4 && <0.7), cryptohash-sha256 (>=0.11 && <0.12), directory (>=1.1.0.2 && <1.4), ed25519 (>=0.0 && <0.1), filepath (>=1.2 && <1.5), ghc-prim, lukko (>=0.1 && <0.2), mtl (>=2.1 && <2.3), mtl-compat (>=0.2 && <0.3), network (>=2.5 && <2.9 || >=3.0 && <3.2), network-uri (>=2.6 && <2.7), old-locale (>=1.0 && <1.1), old-time (>=1 && <1.2), parsec (>=3.1 && <3.2), pretty (>=1.0 && <1.2), tar (>=0.5 && <0.6), template-haskell (>=2.7 && <2.20), time (>=1.2 && <1.13), transformers (>=0.3 && <0.7), zlib (>=0.5 && <0.7) [details] |
| License | BSD-3-Clause |
| Copyright | Copyright 2015-2022 Well-Typed LLP |
| Author | Edsko de Vries |
| Maintainer | cabal-devel@haskell.org |
| Revised | Revision 2 made by Bodigrim at 2022-11-19T21:01:02Z |
| Category | Distribution |
| Home page | https://github.com/haskell/hackage-security |
| Bug tracker | https://github.com/haskell/hackage-security/issues |
| Source repo | head: git clone https://github.com/haskell/hackage-security.git |
| Uploaded | by MikolajKonarski at 2022-08-13T10:29:04Z |
| Distributions | Arch:0.6.2.4, Debian:0.6.0.1, Fedora:0.6.2.3, LTSHaskell:0.6.2.4, NixOS:0.6.2.4, Stackage:0.6.2.6, openSUSE:0.6.2.4 |
| Reverse Dependencies | 6 direct, 5 indirect [details] |
| Downloads | 60026 total (483 in the last 30 days) |
| Rating | (no votes yet) [estimated by Bayesian average] |
| Your Rating | |
| Status | Docs available [build log] Last success reported on 2022-08-13 [all 1 reports] |