hackage-security
hackage-security copied to clipboard
haskell
Hackage security framework based on TUF (The Update Framework)
We should do some sanity check on the `root.json` and `mirrors.json` files when we load them into the server.
This should document things such as - Bootstrapping - Key thresholds - How many keys we have of each type - Key validity (expiry time) - Implications for key compromise...
This should document: - [x] Repository layout -- See `RepoLayout` and co - [ ] Order in which files are to be changed and updated - [ ] Which proxy...
Currently we hardcode the order in which we try the mirrors as: the mirrors from the cabal config file in order, and then the mirrors from the TUF mirrors list,...
Currently we hardcode the trailer length as 1024; see `tarTrailer` in `cacheRemoteFile`.
See TODO in `rebuildTarIndex`.
As reported by hvr ``` [09:32:35] well, if you grab the last few bytes of 01-index.tar [09:32:49] the request that would take 1 sec directly to hackage [09:32:54] via the...
[09:42:32] also, the CDN has this nasty effect of delaying all hackage changes by a few minutes [09:42:44] ... which for most people of course doesn't make much of a...