hackage-security
hackage-security copied to clipboard
haskell
Hackage security framework based on TUF (The Update Framework)
The `&& impl(ghc >= 8.2)` workaround can then be removed, because the underlying problem is fixed on master and 3.8 branch. Actually, it's also worked around as a Cabal-syntax revision...
Perhaps we should just drop 8.0.2 in CI. Otherwise, we'd need to conditionally (based on `base` version) ban newer basement, I guess.
Shouldn't we just delete that and use Aeson?
*tbd*
When trying to build `hackage-security-0.6.0.1` in nixpkgs we get this error: ``` Canonical JSON prop_roundtrip_canonical: OK (0.37s) +++ OK, passed 100 tests. prop_roundtrip_pretty: OK (0.47s) +++ OK, passed 100 tests....
As discussed with Mikhail last year on cabal-devel, I now would like to present a minimal patch to enable pure(r) Haskell cryptographic signatures. He expressed possible acceptance of a default-off...
We're trying to configure `stack` to use a private Hackage instance, and we kept seeing the message: ``` Could not deserialize /root.json: Schema error: Expected field "signed" ``` Adding `trace`...
I'm a bit confused why TUF isn't its own library. It seems heavily intertwined here with cabal/hackage specific stuff, but the specification isn't. I wanted to use TUF in ghcup,...
The README expresses nearly everything in the future tense: > Phase 1 of the project will implement the basic TUF framework, but leave out author signing; support for author signed...
