hackage-security: Hackage security library
The hackage security library provides both server and client utilities for securing the Hackage package server (http://hackage.haskell.org/). It is based on The Update Framework (http://theupdateframework.com/), a set of recommendations developed by security researchers at various universities in the US as well as developers on the Tor project (https://www.torproject.org/).
The current implementation supports only index signing, thereby enabling untrusted mirrors. It does not yet provide facilities for author package signing.
The library has two main entry points:
Hackage.Security.Client is the main entry point for
clients (the typical example being cabal), and
Hackage.Security.Server is the main entry point for
servers (the typical example being hackage-server).
| Versions [faq] | 0.1.0.0, 0.2.0.0, 0.3.0.0, 0.5.0.0, 0.5.0.1, 0.5.0.2, 0.5.1.0, 0.5.2.0, 0.5.2.1, 0.5.2.2, 0.5.3.0, 0.6.0.0, 0.6.0.1 |
|---|---|
| Change log | ChangeLog.md |
| Dependencies | base (>=4.5 && <4.15), base16-bytestring (>=0.1.1 && <1.1), base64-bytestring (>=1.0 && <1.3), bytestring (>=0.9 && <0.11), Cabal (>=1.14 && <1.26 || >=2.0 && <2.6 || >=3.0 && <3.6), containers (>=0.4 && <0.7), cryptohash-sha256 (==0.11.*), directory (>=1.1.0.2 && <1.4), ed25519 (==0.0.*), filepath (>=1.2 && <1.5), ghc-prim, lukko (==0.1.*), mtl (>=2.1 && <2.3), mtl-compat (==0.2.*), network (>=2.5 && <2.9 || >=3.0 && <3.2), network-uri (==2.6.*), old-locale (==1.0.*), old-time (>=1 && <1.2), parsec (==3.1.*), pretty (>=1.0 && <1.2), tar (==0.5.*), template-haskell (>=2.7 && <2.17), time (>=1.2 && <1.11), transformers (>=0.3 && <0.6), zlib (>=0.5 && <0.7) [details] |
| License | BSD-3-Clause |
| Copyright | Copyright 2015-2016 Well-Typed LLP |
| Author | Edsko de Vries |
| Maintainer | cabal-devel@haskell.org |
| Revised | Revision 4 made by phadej at 2020-09-17T08:55:42Z |
| Category | Distribution |
| Home page | https://github.com/haskell/hackage-security |
| Bug tracker | https://github.com/haskell/hackage-security/issues |
| Source repo | head: git clone https://github.com/haskell/hackage-security.git |
| Uploaded | by HerbertValerioRiedel at 2020-04-06T20:54:35Z |
| Distributions | Arch:0.6.0.1, Debian:0.5.3.0, Fedora:0.6.0.1, LTSHaskell:0.5.3.0, NixOS:0.6.0.1, Stackage:0.5.3.0, openSUSE:0.6.0.1 |
| Downloads | 43681 total (645 in the last 30 days) |
| Rating | (no votes yet) [estimated by Bayesian average] |
| Your Rating | |
| Status | Docs available [build log] Last success reported on 2020-04-06 [all 1 reports] |
Modules
[Index] [Quick Jump]
- Hackage
- Text
Flags
| Name | Description | Default | Type |
|---|---|---|---|
| base48 | Are we using | Enabled | Automatic |
| use-network-uri | Are we using | Enabled | Automatic |
| old-directory | Use | Disabled | Automatic |
| mtl21 | Use | Disabled | Automatic |
| lukko | Use | Enabled | Manual |
Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info
Downloads
- hackage-security-0.6.0.1.tar.gz [browse] (Cabal source package)
- Package description (revised from the package)
Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.