hackage-security
hackage-security copied to clipboard
haskell
Hackage security framework based on TUF (The Update Framework)
Steps to reproduce: 1. Run hackage-repo-tool bootstrap on a directory that doesn't exist. Get: ``` ezyang@sabre:~/Dev/labs/localrepo$ /srv/code/hackage-security/dist-newstyle/build/x86_64-linux/ghc-7.10.3/hackage-repo-tool-0.1.1/c/hackage-repo-tool/build/hackage-repo-tool/hackage-repo-tool bootstrap --keys keys --repo repo /srv/code/labs/localrepo/repo: getDirectoryContents: does not exist (No such file...
There appears to be a corner-case where hackage-security's sync logic doesn't recover automatically during a mirror-fallback-scenario when there's an outtage when the cache-folder is missing certain files (because e.g. a...
I don't know why this happened, and I cannot reproduce it; but in the course of installing dependencies for some project I got ``` Invalid hash for /package/string-conversions-0.4.tar.gz ``` halfway...
We'd like to add redirects to hackage-server to allow both efficient CDN usage _and_ correct download statistics (https://github.com/haskell/hackage-server/pull/698). However, downstream clients will need to be able to follow redirects. I...
This regression was introduced via d91afd37deb0eb8494400be90072edf0dc493fc4 and this ticket is primarily a reminder to address this.
Based on https://github.com/commercialhaskell/stack/issues/3073 , I suspected hackage-security wasn't handling async exceptions quite right. Indeed, a search for SomeException led me to find the following spots where SomeException gets caught and...
Not sure how to reproduce this, but it seems that sometimes hackage-security gets stuck in a state of having an invalid hash https://github.com/commercialhaskell/stack/issues/3771 . It seems like it's downloading it,...
See this stack issue: https://github.com/commercialhaskell/stack/issues/3572 Assuming it's from a relatively recent version of stack, this is likely a bug in hackage-security.
Perhaps I'm misusing the library, but I believe this is the current behavior of Hackage Security: 1. Perform a check, get all of the latest files 2. Delete 01-index.tar manually...
