hackage-security: Hackage security library

[ bsd3, distribution, library ] [ Propose Tags ]

The hackage security library provides both server and client utilities for securing the Hackage package server (http://hackage.haskell.org/). It is based on The Update Framework (http://theupdateframework.com/), a set of recommendations developed by security researchers at various universities in the US as well as developers on the Tor project (https://www.torproject.org/).

The current implementation supports only index signing, thereby enabling untrusted mirrors. It does not yet provide facilities for author package signing.

The library has two main entry points: Hackage.Security.Client is the main entry point for clients (the typical example being cabal), and Hackage.Security.Server is the main entry point for servers (the typical example being hackage-server).

Versions 0.1.0.0, 0.2.0.0, 0.3.0.0, 0.5.0.0, 0.5.0.1, 0.5.0.2, 0.5.1.0, 0.5.2.0, 0.5.2.1, 0.5.2.2, 0.5.3.0
Change log ChangeLog.md
Dependencies base (>=4.5 && <4.13), base16-bytestring (>=0.1.1 && <0.2), base64-bytestring (==1.0.*), bytestring (>=0.9 && <0.11), Cabal (>=1.14 && <2.6), containers (>=0.4 && <0.7), cryptohash-sha256 (==0.11.*), directory (>=1.1.0.2 && <1.4), ed25519 (==0.0.*), filepath (>=1.2 && <1.5), ghc-prim, mtl (==2.2.*), network (>=2.5 && <2.9), network-uri (==2.6.*), old-locale (==1.0.*), old-time (>=1 && <1.2), parsec (==3.1.*), pretty (>=1.0 && <1.2), tar (==0.5.*), template-haskell, time (>=1.2 && <1.9), transformers (>=0.4 && <0.6), zlib (>=0.5 && <0.7) [details]
License BSD-3-Clause
Copyright Copyright 2015-2016 Well-Typed LLP
Author Edsko de Vries
Maintainer cabal-devel@haskell.org
Revised Revision 3 made by HerbertValerioRiedel at Wed Sep 19 09:43:15 UTC 2018
Category Distribution
Home page https://github.com/haskell/hackage-security
Bug tracker https://github.com/haskell/hackage-security/issues
Source repo head: git clone https://github.com/haskell/hackage-security.git
Uploaded by HerbertValerioRiedel at Sun Mar 25 23:41:56 UTC 2018
Distributions Arch:0.5.3.0, Fedora:0.5.3.0, LTSHaskell:0.5.3.0, NixOS:0.5.3.0, Stackage:0.5.3.0, openSUSE:0.5.3.0
Downloads 24723 total (306 in the last 30 days)
Rating (no votes yet) [estimated by rule of succession]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2018-03-26 [all 1 reports]
Hackage Matrix CI

Modules

[Index]

Flags

NameDescriptionDefaultType
base48

Are we using base 4.8 or later?

EnabledAutomatic
use-network-uri

Are we using network-uri?

EnabledAutomatic
old-directory

Use directory < 1.2 and old-time

DisabledAutomatic

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.

Maintainer's Corner

For package maintainers and hackage trustees