Cabal revisions of hackage-security-0.6.2.6
Hackage metadata revisions edit the .cabal file after upload; each diff below is one revision.
revision 1
cabal-version: 1.12 name: hackage-security version: 0.6.2.6+x-revision: 1 synopsis: Hackage security library description: The hackage security library provides both server and build-type: Simple tested-with:+ GHC == 9.10.0 GHC == 9.8.2 GHC == 9.6.4 GHC == 9.4.8 Hackage.Security.Util.Stack Hackage.Security.Util.TypedEmbedded - build-depends: base >= 4.11 && < 4.20,+ build-depends: base >= 4.11 && < 4.21, base16-bytestring >= 0.1.1 && < 1.1, base64-bytestring >= 1.0 && < 1.3, bytestring >= 0.10.8.2 && < 0.13, cryptohash-sha256 >= 0.11 && < 0.12, directory >= 1.3.1.5 && < 1.4, ed25519 >= 0.0 && < 0.1,- filepath >= 1.4.2 && < 1.5,+ filepath >= 1.4.2 && < 1.6, mtl >= 2.2.2 && < 2.4, network-uri >= 2.6 && < 2.7,- network >= 2.6 && < 3.2,+ network >= 2.6 && < 3.3, parsec >= 3.1.13 && < 3.2, pretty >= 1.0 && < 1.2, -- 0.4.2 introduces TarIndex, 0.4.4 introduces more -- functionality, 0.5.0 changes type of serialise tar >= 0.5 && < 0.7, template-haskell >= 2.13 && < 2.22,- time >= 1.8.0.2 && < 1.13,+ time >= 1.8.0.2 && < 1.15, transformers >= 0.3 && < 0.7, zlib >= 0.5 && < 0.8, -- whatever versions are bundled with ghc:
revision 2
-cabal-version: 1.12-name: hackage-security-version: 0.6.2.6-x-revision: 1--synopsis: Hackage security library-description: The hackage security library provides both server and- client utilities for securing the Hackage package server- (<https://hackage.haskell.org/>). It is based on The Update- Framework (<https://theupdateframework.com/>), a set of- recommendations developed by security researchers at- various universities in the US as well as developers on the- Tor project (<https://www.torproject.org/>).- .- The current implementation supports only index signing,- thereby enabling untrusted mirrors. It does not yet provide- facilities for author package signing.- .- The library has two main entry points:- "Hackage.Security.Client" is the main entry point for- clients (the typical example being @cabal@), and- "Hackage.Security.Server" is the main entry point for- servers (the typical example being @hackage-server@).-license: BSD3-license-file: LICENSE-author: Edsko de Vries-maintainer: cabal-devel@haskell.org-copyright: Copyright 2015-2022 Well-Typed LLP-category: Distribution-homepage: https://github.com/haskell/hackage-security-bug-reports: https://github.com/haskell/hackage-security/issues-build-type: Simple--tested-with:- GHC == 9.10.0- GHC == 9.8.2- GHC == 9.6.4- GHC == 9.4.8- GHC == 9.2.8- GHC == 9.0.2- GHC == 8.10.7- GHC == 8.8.4- GHC == 8.6.5- GHC == 8.4.4--extra-source-files:- ChangeLog.md--source-repository head- type: git- location: https://github.com/haskell/hackage-security.git--flag Cabal-syntax- description: Are we using Cabal-syntax?- manual: False- default: False--flag lukko- description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@- manual: True- default: True--library- -- Most functionality is exported through the top-level entry points .Client- -- and .Server; the other exported modules are intended for qualified imports.- exposed-modules: Hackage.Security.Client- Hackage.Security.Client.Formats- Hackage.Security.Client.Repository- Hackage.Security.Client.Repository.Cache- Hackage.Security.Client.Repository.Local- Hackage.Security.Client.Repository.Remote- Hackage.Security.Client.Repository.HttpLib- Hackage.Security.Client.Verify- Hackage.Security.JSON- Hackage.Security.Key.Env- Hackage.Security.Server- Hackage.Security.Trusted- Hackage.Security.TUF.FileMap- Hackage.Security.Util.Checked- Hackage.Security.Util.Path- Hackage.Security.Util.Pretty- Hackage.Security.Util.Some- Text.JSON.Canonical- other-modules: Hackage.Security.Key- Hackage.Security.Trusted.TCB- Hackage.Security.TUF- Hackage.Security.TUF.Common- Hackage.Security.TUF.FileInfo- Hackage.Security.TUF.Header- Hackage.Security.TUF.Layout.Cache- Hackage.Security.TUF.Layout.Index- Hackage.Security.TUF.Layout.Repo- Hackage.Security.TUF.Mirrors- Hackage.Security.TUF.Paths- Hackage.Security.TUF.Patterns- Hackage.Security.TUF.Root- Hackage.Security.TUF.Signed- Hackage.Security.TUF.Snapshot- Hackage.Security.TUF.Targets- Hackage.Security.TUF.Timestamp- Hackage.Security.Util.Base64- Hackage.Security.Util.Exit- Hackage.Security.Util.IO- Hackage.Security.Util.JSON- Hackage.Security.Util.Lens- Hackage.Security.Util.Stack- Hackage.Security.Util.TypedEmbedded-- build-depends: base >= 4.11 && < 4.21,- base16-bytestring >= 0.1.1 && < 1.1,- base64-bytestring >= 1.0 && < 1.3,- bytestring >= 0.10.8.2 && < 0.13,- containers >= 0.5.11 && < 0.8,- cryptohash-sha256 >= 0.11 && < 0.12,- directory >= 1.3.1.5 && < 1.4,- ed25519 >= 0.0 && < 0.1,- filepath >= 1.4.2 && < 1.6,- mtl >= 2.2.2 && < 2.4,- network-uri >= 2.6 && < 2.7,- network >= 2.6 && < 3.3,- parsec >= 3.1.13 && < 3.2,- pretty >= 1.0 && < 1.2,- -- 0.4.2 introduces TarIndex, 0.4.4 introduces more- -- functionality, 0.5.0 changes type of serialise- tar >= 0.5 && < 0.7,- template-haskell >= 2.13 && < 2.22,- time >= 1.8.0.2 && < 1.15,- transformers >= 0.3 && < 0.7,- zlib >= 0.5 && < 0.8,- -- whatever versions are bundled with ghc:- ghc-prim >= 0.5.2 && < 0.12-- if flag(lukko)- build-depends: lukko >= 0.1 && < 0.2- else- build-depends: base >= 4.11-- if flag(Cabal-syntax)- build-depends: Cabal-syntax >= 3.7 && < 3.14- else- build-depends: Cabal >= 2.2.0.1 && < 2.6- || >= 3.0 && < 3.7,- Cabal-syntax < 3.7-- hs-source-dirs: src- default-language: Haskell2010- default-extensions: DefaultSignatures- DeriveDataTypeable- DeriveFunctor- FlexibleContexts- FlexibleInstances- GADTs- GeneralizedNewtypeDeriving- KindSignatures- MultiParamTypeClasses- NamedFieldPuns- NoImplicitPrelude- NoMonomorphismRestriction- PatternSynonyms- RankNTypes- RecordWildCards- ScopedTypeVariables- StandaloneDeriving- TupleSections- TypeFamilies- TypeOperators- ViewPatterns- other-extensions:- AllowAmbiguousTypes- BangPatterns- CPP- DeriveLift- OverlappingInstances- PackageImports- RoleAnnotations- StaticPointers- UndecidableInstances-- ghc-options: -Wall--test-suite TestSuite- type: exitcode-stdio-1.0- main-is: TestSuite.hs- other-modules: TestSuite.HttpMem- TestSuite.InMemCache- TestSuite.InMemRepo- TestSuite.InMemRepository- TestSuite.JSON- TestSuite.PrivateKeys- TestSuite.Util.StrictMVar-- -- inherited constraints from lib:hackage-security component- build-depends: hackage-security,- base,- containers,- bytestring,- network-uri,- tar,- text,- time,- zlib-- if flag(Cabal-syntax)- build-depends: Cabal >= 3.7 && < 3.14,- Cabal-syntax >= 3.7 && < 3.14- else- build-depends: Cabal >= 2.2.0.1 && < 2.6- || >= 3.0 && < 3.7,- Cabal-syntax < 3.7-- -- dependencies exclusive to test-suite- build-depends: tasty >= 1.1.0.4 && < 1.6,- -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4)- tasty-hunit == 0.10.*,- tasty-quickcheck == 0.10.*,- QuickCheck >= 2.11 && <2.15,- aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3,- vector >= 0.12 && <0.14,- unordered-containers >=0.2.8.0 && <0.3,- temporary >= 1.2 && < 1.4-- hs-source-dirs: tests- default-language: Haskell2010- default-extensions: FlexibleContexts- GADTs- KindSignatures- RankNTypes- RecordWildCards- ScopedTypeVariables- ghc-options: -Wall+cabal-version: 1.12 +name: hackage-security +version: 0.6.2.6 +x-revision: 2 + +synopsis: Hackage security library +description: The hackage security library provides both server and + client utilities for securing the Hackage package server + (<https://hackage.haskell.org/>). It is based on The Update + Framework (<https://theupdateframework.com/>), a set of + recommendations developed by security researchers at + various universities in the US as well as developers on the + Tor project (<https://www.torproject.org/>). + . + The current implementation supports only index signing, + thereby enabling untrusted mirrors. It does not yet provide + facilities for author package signing. + . + The library has two main entry points: + "Hackage.Security.Client" is the main entry point for + clients (the typical example being @cabal@), and + "Hackage.Security.Server" is the main entry point for + servers (the typical example being @hackage-server@). +license: BSD3 +license-file: LICENSE +author: Edsko de Vries +maintainer: cabal-devel@haskell.org +copyright: Copyright 2015-2022 Well-Typed LLP +category: Distribution +homepage: https://github.com/haskell/hackage-security +bug-reports: https://github.com/haskell/hackage-security/issues +build-type: Simple + +tested-with: + GHC == 9.10.0 + GHC == 9.8.2 + GHC == 9.6.4 + GHC == 9.4.8 + GHC == 9.2.8 + GHC == 9.0.2 + GHC == 8.10.7 + GHC == 8.8.4 + GHC == 8.6.5 + GHC == 8.4.4 + +extra-source-files: + ChangeLog.md + +source-repository head + type: git + location: https://github.com/haskell/hackage-security.git + +flag Cabal-syntax + description: Are we using Cabal-syntax? + manual: False + default: False + +flag lukko + description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@ + manual: True + default: True + +library + -- Most functionality is exported through the top-level entry points .Client + -- and .Server; the other exported modules are intended for qualified imports. + exposed-modules: Hackage.Security.Client + Hackage.Security.Client.Formats + Hackage.Security.Client.Repository + Hackage.Security.Client.Repository.Cache + Hackage.Security.Client.Repository.Local + Hackage.Security.Client.Repository.Remote + Hackage.Security.Client.Repository.HttpLib + Hackage.Security.Client.Verify + Hackage.Security.JSON + Hackage.Security.Key.Env + Hackage.Security.Server + Hackage.Security.Trusted + Hackage.Security.TUF.FileMap + Hackage.Security.Util.Checked + Hackage.Security.Util.Path + Hackage.Security.Util.Pretty + Hackage.Security.Util.Some + Text.JSON.Canonical + other-modules: Hackage.Security.Key + Hackage.Security.Trusted.TCB + Hackage.Security.TUF + Hackage.Security.TUF.Common + Hackage.Security.TUF.FileInfo + Hackage.Security.TUF.Header + Hackage.Security.TUF.Layout.Cache + Hackage.Security.TUF.Layout.Index + Hackage.Security.TUF.Layout.Repo + Hackage.Security.TUF.Mirrors + Hackage.Security.TUF.Paths + Hackage.Security.TUF.Patterns + Hackage.Security.TUF.Root + Hackage.Security.TUF.Signed + Hackage.Security.TUF.Snapshot + Hackage.Security.TUF.Targets + Hackage.Security.TUF.Timestamp + Hackage.Security.Util.Base64 + Hackage.Security.Util.Exit + Hackage.Security.Util.IO + Hackage.Security.Util.JSON + Hackage.Security.Util.Lens + Hackage.Security.Util.Stack + Hackage.Security.Util.TypedEmbedded + + build-depends: base >= 4.11 && < 4.21, + base16-bytestring >= 0.1.1 && < 1.1, + base64-bytestring >= 1.0 && < 1.3, + bytestring >= 0.10.8.2 && < 0.13, + containers >= 0.5.11 && < 0.8, + cryptohash-sha256 >= 0.11 && < 0.12, + directory >= 1.3.1.5 && < 1.4, + ed25519 >= 0.0 && < 0.1, + filepath >= 1.4.2 && < 1.6, + mtl >= 2.2.2 && < 2.4, + network-uri >= 2.6 && < 2.7, + network >= 2.6 && < 3.3, + parsec >= 3.1.13 && < 3.2, + pretty >= 1.0 && < 1.2, + -- 0.4.2 introduces TarIndex, 0.4.4 introduces more + -- functionality, 0.5.0 changes type of serialise + tar >= 0.5 && < 0.7, + template-haskell >= 2.13 && < 2.23, + time >= 1.8.0.2 && < 1.15, + transformers >= 0.3 && < 0.7, + zlib >= 0.5 && < 0.8, + -- whatever versions are bundled with ghc: + ghc-prim >= 0.5.2 && < 0.12 + + if flag(lukko) + build-depends: lukko >= 0.1 && < 0.2 + else + build-depends: base >= 4.11 + + if flag(Cabal-syntax) + build-depends: Cabal-syntax >= 3.7 && < 3.14 + else + build-depends: Cabal >= 2.2.0.1 && < 2.6 + || >= 3.0 && < 3.7, + Cabal-syntax < 3.7 + + hs-source-dirs: src + default-language: Haskell2010 + default-extensions: DefaultSignatures + DeriveDataTypeable + DeriveFunctor + FlexibleContexts + FlexibleInstances + GADTs + GeneralizedNewtypeDeriving + KindSignatures + MultiParamTypeClasses + NamedFieldPuns + NoImplicitPrelude + NoMonomorphismRestriction + PatternSynonyms + RankNTypes + RecordWildCards + ScopedTypeVariables + StandaloneDeriving + TupleSections + TypeFamilies + TypeOperators + ViewPatterns + other-extensions: + AllowAmbiguousTypes + BangPatterns + CPP + DeriveLift + OverlappingInstances + PackageImports + RoleAnnotations + StaticPointers + UndecidableInstances + + ghc-options: -Wall + +test-suite TestSuite + type: exitcode-stdio-1.0 + main-is: TestSuite.hs + other-modules: TestSuite.HttpMem + TestSuite.InMemCache + TestSuite.InMemRepo + TestSuite.InMemRepository + TestSuite.JSON + TestSuite.PrivateKeys + TestSuite.Util.StrictMVar + + -- inherited constraints from lib:hackage-security component + build-depends: hackage-security, + base, + containers, + bytestring, + network-uri, + tar, + text, + time, + zlib + + if flag(Cabal-syntax) + build-depends: Cabal >= 3.7 && < 3.14, + Cabal-syntax >= 3.7 && < 3.14 + else + build-depends: Cabal >= 2.2.0.1 && < 2.6 + || >= 3.0 && < 3.7, + Cabal-syntax < 3.7 + + -- dependencies exclusive to test-suite + build-depends: tasty >= 1.1.0.4 && < 1.6, + -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4) + tasty-hunit == 0.10.*, + tasty-quickcheck == 0.10.*, + QuickCheck >= 2.11 && <2.15, + aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3, + vector >= 0.12 && <0.14, + unordered-containers >=0.2.8.0 && <0.3, + temporary >= 1.2 && < 1.4 + + hs-source-dirs: tests + default-language: Haskell2010 + default-extensions: FlexibleContexts + GADTs + KindSignatures + RankNTypes + RecordWildCards + ScopedTypeVariables + ghc-options: -Wall
revision 3
-cabal-version: 1.12 -name: hackage-security -version: 0.6.2.6 -x-revision: 2 - -synopsis: Hackage security library -description: The hackage security library provides both server and - client utilities for securing the Hackage package server - (<https://hackage.haskell.org/>). It is based on The Update - Framework (<https://theupdateframework.com/>), a set of - recommendations developed by security researchers at - various universities in the US as well as developers on the - Tor project (<https://www.torproject.org/>). - . - The current implementation supports only index signing, - thereby enabling untrusted mirrors. It does not yet provide - facilities for author package signing. - . - The library has two main entry points: - "Hackage.Security.Client" is the main entry point for - clients (the typical example being @cabal@), and - "Hackage.Security.Server" is the main entry point for - servers (the typical example being @hackage-server@). -license: BSD3 -license-file: LICENSE -author: Edsko de Vries -maintainer: cabal-devel@haskell.org -copyright: Copyright 2015-2022 Well-Typed LLP -category: Distribution -homepage: https://github.com/haskell/hackage-security -bug-reports: https://github.com/haskell/hackage-security/issues -build-type: Simple - -tested-with: - GHC == 9.10.0 - GHC == 9.8.2 - GHC == 9.6.4 - GHC == 9.4.8 - GHC == 9.2.8 - GHC == 9.0.2 - GHC == 8.10.7 - GHC == 8.8.4 - GHC == 8.6.5 - GHC == 8.4.4 - -extra-source-files: - ChangeLog.md - -source-repository head - type: git - location: https://github.com/haskell/hackage-security.git - -flag Cabal-syntax - description: Are we using Cabal-syntax? - manual: False - default: False - -flag lukko - description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@ - manual: True - default: True - -library - -- Most functionality is exported through the top-level entry points .Client - -- and .Server; the other exported modules are intended for qualified imports. - exposed-modules: Hackage.Security.Client - Hackage.Security.Client.Formats - Hackage.Security.Client.Repository - Hackage.Security.Client.Repository.Cache - Hackage.Security.Client.Repository.Local - Hackage.Security.Client.Repository.Remote - Hackage.Security.Client.Repository.HttpLib - Hackage.Security.Client.Verify - Hackage.Security.JSON - Hackage.Security.Key.Env - Hackage.Security.Server - Hackage.Security.Trusted - Hackage.Security.TUF.FileMap - Hackage.Security.Util.Checked - Hackage.Security.Util.Path - Hackage.Security.Util.Pretty - Hackage.Security.Util.Some - Text.JSON.Canonical - other-modules: Hackage.Security.Key - Hackage.Security.Trusted.TCB - Hackage.Security.TUF - Hackage.Security.TUF.Common - Hackage.Security.TUF.FileInfo - Hackage.Security.TUF.Header - Hackage.Security.TUF.Layout.Cache - Hackage.Security.TUF.Layout.Index - Hackage.Security.TUF.Layout.Repo - Hackage.Security.TUF.Mirrors - Hackage.Security.TUF.Paths - Hackage.Security.TUF.Patterns - Hackage.Security.TUF.Root - Hackage.Security.TUF.Signed - Hackage.Security.TUF.Snapshot - Hackage.Security.TUF.Targets - Hackage.Security.TUF.Timestamp - Hackage.Security.Util.Base64 - Hackage.Security.Util.Exit - Hackage.Security.Util.IO - Hackage.Security.Util.JSON - Hackage.Security.Util.Lens - Hackage.Security.Util.Stack - Hackage.Security.Util.TypedEmbedded - - build-depends: base >= 4.11 && < 4.21, - base16-bytestring >= 0.1.1 && < 1.1, - base64-bytestring >= 1.0 && < 1.3, - bytestring >= 0.10.8.2 && < 0.13, - containers >= 0.5.11 && < 0.8, - cryptohash-sha256 >= 0.11 && < 0.12, - directory >= 1.3.1.5 && < 1.4, - ed25519 >= 0.0 && < 0.1, - filepath >= 1.4.2 && < 1.6, - mtl >= 2.2.2 && < 2.4, - network-uri >= 2.6 && < 2.7, - network >= 2.6 && < 3.3, - parsec >= 3.1.13 && < 3.2, - pretty >= 1.0 && < 1.2, - -- 0.4.2 introduces TarIndex, 0.4.4 introduces more - -- functionality, 0.5.0 changes type of serialise - tar >= 0.5 && < 0.7, - template-haskell >= 2.13 && < 2.23, - time >= 1.8.0.2 && < 1.15, - transformers >= 0.3 && < 0.7, - zlib >= 0.5 && < 0.8, - -- whatever versions are bundled with ghc: - ghc-prim >= 0.5.2 && < 0.12 - - if flag(lukko) - build-depends: lukko >= 0.1 && < 0.2 - else - build-depends: base >= 4.11 - - if flag(Cabal-syntax) - build-depends: Cabal-syntax >= 3.7 && < 3.14 - else - build-depends: Cabal >= 2.2.0.1 && < 2.6 - || >= 3.0 && < 3.7, - Cabal-syntax < 3.7 - - hs-source-dirs: src - default-language: Haskell2010 - default-extensions: DefaultSignatures - DeriveDataTypeable - DeriveFunctor - FlexibleContexts - FlexibleInstances - GADTs - GeneralizedNewtypeDeriving - KindSignatures - MultiParamTypeClasses - NamedFieldPuns - NoImplicitPrelude - NoMonomorphismRestriction - PatternSynonyms - RankNTypes - RecordWildCards - ScopedTypeVariables - StandaloneDeriving - TupleSections - TypeFamilies - TypeOperators - ViewPatterns - other-extensions: - AllowAmbiguousTypes - BangPatterns - CPP - DeriveLift - OverlappingInstances - PackageImports - RoleAnnotations - StaticPointers - UndecidableInstances - - ghc-options: -Wall - -test-suite TestSuite - type: exitcode-stdio-1.0 - main-is: TestSuite.hs - other-modules: TestSuite.HttpMem - TestSuite.InMemCache - TestSuite.InMemRepo - TestSuite.InMemRepository - TestSuite.JSON - TestSuite.PrivateKeys - TestSuite.Util.StrictMVar - - -- inherited constraints from lib:hackage-security component - build-depends: hackage-security, - base, - containers, - bytestring, - network-uri, - tar, - text, - time, - zlib - - if flag(Cabal-syntax) - build-depends: Cabal >= 3.7 && < 3.14, - Cabal-syntax >= 3.7 && < 3.14 - else - build-depends: Cabal >= 2.2.0.1 && < 2.6 - || >= 3.0 && < 3.7, - Cabal-syntax < 3.7 - - -- dependencies exclusive to test-suite - build-depends: tasty >= 1.1.0.4 && < 1.6, - -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4) - tasty-hunit == 0.10.*, - tasty-quickcheck == 0.10.*, - QuickCheck >= 2.11 && <2.15, - aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3, - vector >= 0.12 && <0.14, - unordered-containers >=0.2.8.0 && <0.3, - temporary >= 1.2 && < 1.4 - - hs-source-dirs: tests - default-language: Haskell2010 - default-extensions: FlexibleContexts - GADTs - KindSignatures - RankNTypes - RecordWildCards - ScopedTypeVariables - ghc-options: -Wall +cabal-version: 1.12+name: hackage-security+version: 0.6.2.6+x-revision: 3++synopsis: Hackage security library+description: The hackage security library provides both server and+ client utilities for securing the Hackage package server+ (<https://hackage.haskell.org/>). It is based on The Update+ Framework (<https://theupdateframework.com/>), a set of+ recommendations developed by security researchers at+ various universities in the US as well as developers on the+ Tor project (<https://www.torproject.org/>).+ .+ The current implementation supports only index signing,+ thereby enabling untrusted mirrors. It does not yet provide+ facilities for author package signing.+ .+ The library has two main entry points:+ "Hackage.Security.Client" is the main entry point for+ clients (the typical example being @cabal@), and+ "Hackage.Security.Server" is the main entry point for+ servers (the typical example being @hackage-server@).+license: BSD3+license-file: LICENSE+author: Edsko de Vries+maintainer: cabal-devel@haskell.org+copyright: Copyright 2015-2022 Well-Typed LLP+category: Distribution+homepage: https://github.com/haskell/hackage-security+bug-reports: https://github.com/haskell/hackage-security/issues+build-type: Simple++tested-with:+ GHC == 9.10.1+ GHC == 9.8.2+ GHC == 9.6.5+ GHC == 9.4.8+ GHC == 9.2.8+ GHC == 9.0.2+ GHC == 8.10.7+ GHC == 8.8.4+ GHC == 8.6.5+ GHC == 8.4.4++extra-source-files:+ ChangeLog.md++source-repository head+ type: git+ location: https://github.com/haskell/hackage-security.git++flag Cabal-syntax+ description: Are we using Cabal-syntax?+ manual: False+ default: False++flag lukko+ description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@+ manual: True+ default: True++library+ -- Most functionality is exported through the top-level entry points .Client+ -- and .Server; the other exported modules are intended for qualified imports.+ exposed-modules: Hackage.Security.Client+ Hackage.Security.Client.Formats+ Hackage.Security.Client.Repository+ Hackage.Security.Client.Repository.Cache+ Hackage.Security.Client.Repository.Local+ Hackage.Security.Client.Repository.Remote+ Hackage.Security.Client.Repository.HttpLib+ Hackage.Security.Client.Verify+ Hackage.Security.JSON+ Hackage.Security.Key.Env+ Hackage.Security.Server+ Hackage.Security.Trusted+ Hackage.Security.TUF.FileMap+ Hackage.Security.Util.Checked+ Hackage.Security.Util.Path+ Hackage.Security.Util.Pretty+ Hackage.Security.Util.Some+ Text.JSON.Canonical+ other-modules: Hackage.Security.Key+ Hackage.Security.Trusted.TCB+ Hackage.Security.TUF+ Hackage.Security.TUF.Common+ Hackage.Security.TUF.FileInfo+ Hackage.Security.TUF.Header+ Hackage.Security.TUF.Layout.Cache+ Hackage.Security.TUF.Layout.Index+ Hackage.Security.TUF.Layout.Repo+ Hackage.Security.TUF.Mirrors+ Hackage.Security.TUF.Paths+ Hackage.Security.TUF.Patterns+ Hackage.Security.TUF.Root+ Hackage.Security.TUF.Signed+ Hackage.Security.TUF.Snapshot+ Hackage.Security.TUF.Targets+ Hackage.Security.TUF.Timestamp+ Hackage.Security.Util.Base64+ Hackage.Security.Util.Exit+ Hackage.Security.Util.IO+ Hackage.Security.Util.JSON+ Hackage.Security.Util.Lens+ Hackage.Security.Util.Stack+ Hackage.Security.Util.TypedEmbedded++ build-depends: base >= 4.11 && < 4.21,+ base16-bytestring >= 0.1.1 && < 1.1,+ base64-bytestring >= 1.0 && < 1.3,+ bytestring >= 0.10.8.2 && < 0.13,+ containers >= 0.5.11 && < 0.8,+ cryptohash-sha256 >= 0.11 && < 0.12,+ directory >= 1.3.1.5 && < 1.4,+ ed25519 >= 0.0 && < 0.1,+ filepath >= 1.4.2 && < 1.6,+ mtl >= 2.2.2 && < 2.4,+ network-uri >= 2.6 && < 2.7,+ network >= 2.6 && < 3.3,+ parsec >= 3.1.13 && < 3.2,+ pretty >= 1.0 && < 1.2,+ -- 0.4.2 introduces TarIndex, 0.4.4 introduces more+ -- functionality, 0.5.0 changes type of serialise+ tar >= 0.5 && < 0.7,+ template-haskell >= 2.13 && < 2.23,+ time >= 1.8.0.2 && < 1.15,+ transformers >= 0.3 && < 0.7,+ zlib >= 0.5 && < 0.8,+ -- whatever versions are bundled with ghc:+ ghc-prim >= 0.5.2 && < 0.12++ if flag(lukko)+ build-depends: lukko >= 0.1 && < 0.2+ else+ build-depends: base >= 4.11++ if flag(Cabal-syntax)+ build-depends: Cabal-syntax >= 3.7 && < 3.14+ else+ build-depends: Cabal >= 2.2.0.1 && < 2.6+ || >= 3.0 && < 3.7,+ Cabal-syntax < 3.7++ hs-source-dirs: src+ default-language: Haskell2010+ default-extensions: DefaultSignatures+ DeriveDataTypeable+ DeriveFunctor+ FlexibleContexts+ FlexibleInstances+ GADTs+ GeneralizedNewtypeDeriving+ KindSignatures+ MultiParamTypeClasses+ NamedFieldPuns+ NoImplicitPrelude+ NoMonomorphismRestriction+ PatternSynonyms+ RankNTypes+ RecordWildCards+ ScopedTypeVariables+ StandaloneDeriving+ TupleSections+ TypeFamilies+ TypeOperators+ ViewPatterns+ other-extensions:+ AllowAmbiguousTypes+ BangPatterns+ CPP+ DeriveLift+ OverlappingInstances+ PackageImports+ RoleAnnotations+ StaticPointers+ UndecidableInstances++ ghc-options: -Wall++test-suite TestSuite+ type: exitcode-stdio-1.0+ main-is: TestSuite.hs+ other-modules: TestSuite.HttpMem+ TestSuite.InMemCache+ TestSuite.InMemRepo+ TestSuite.InMemRepository+ TestSuite.JSON+ TestSuite.PrivateKeys+ TestSuite.Util.StrictMVar++ -- inherited constraints from lib:hackage-security component+ build-depends: hackage-security,+ base,+ containers,+ bytestring,+ network-uri,+ tar,+ text,+ time,+ zlib++ if flag(Cabal-syntax)+ build-depends: Cabal >= 3.7 && < 3.14,+ Cabal-syntax >= 3.7 && < 3.14+ else+ build-depends: Cabal >= 2.2.0.1 && < 2.6+ || >= 3.0 && < 3.7,+ Cabal-syntax < 3.7++ -- dependencies exclusive to test-suite+ build-depends: tasty >= 1.1.0.4 && < 1.6,+ -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4)+ tasty-hunit == 0.10.*,+ tasty-quickcheck >= 0.10 && < 1,+ QuickCheck >= 2.11 && < 2.16,+ aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3,+ vector >= 0.12 && < 0.14,+ unordered-containers >= 0.2.8.0 && < 0.3,+ temporary >= 1.2 && < 1.4++ hs-source-dirs: tests+ default-language: Haskell2010+ default-extensions: FlexibleContexts+ GADTs+ KindSignatures+ RankNTypes+ RecordWildCards+ ScopedTypeVariables+ ghc-options: -Wall
revision 4
-cabal-version: 1.12-name: hackage-security-version: 0.6.2.6-x-revision: 3--synopsis: Hackage security library-description: The hackage security library provides both server and- client utilities for securing the Hackage package server- (<https://hackage.haskell.org/>). It is based on The Update- Framework (<https://theupdateframework.com/>), a set of- recommendations developed by security researchers at- various universities in the US as well as developers on the- Tor project (<https://www.torproject.org/>).- .- The current implementation supports only index signing,- thereby enabling untrusted mirrors. It does not yet provide- facilities for author package signing.- .- The library has two main entry points:- "Hackage.Security.Client" is the main entry point for- clients (the typical example being @cabal@), and- "Hackage.Security.Server" is the main entry point for- servers (the typical example being @hackage-server@).-license: BSD3-license-file: LICENSE-author: Edsko de Vries-maintainer: cabal-devel@haskell.org-copyright: Copyright 2015-2022 Well-Typed LLP-category: Distribution-homepage: https://github.com/haskell/hackage-security-bug-reports: https://github.com/haskell/hackage-security/issues-build-type: Simple--tested-with:- GHC == 9.10.1- GHC == 9.8.2- GHC == 9.6.5- GHC == 9.4.8- GHC == 9.2.8- GHC == 9.0.2- GHC == 8.10.7- GHC == 8.8.4- GHC == 8.6.5- GHC == 8.4.4--extra-source-files:- ChangeLog.md--source-repository head- type: git- location: https://github.com/haskell/hackage-security.git--flag Cabal-syntax- description: Are we using Cabal-syntax?- manual: False- default: False--flag lukko- description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@- manual: True- default: True--library- -- Most functionality is exported through the top-level entry points .Client- -- and .Server; the other exported modules are intended for qualified imports.- exposed-modules: Hackage.Security.Client- Hackage.Security.Client.Formats- Hackage.Security.Client.Repository- Hackage.Security.Client.Repository.Cache- Hackage.Security.Client.Repository.Local- Hackage.Security.Client.Repository.Remote- Hackage.Security.Client.Repository.HttpLib- Hackage.Security.Client.Verify- Hackage.Security.JSON- Hackage.Security.Key.Env- Hackage.Security.Server- Hackage.Security.Trusted- Hackage.Security.TUF.FileMap- Hackage.Security.Util.Checked- Hackage.Security.Util.Path- Hackage.Security.Util.Pretty- Hackage.Security.Util.Some- Text.JSON.Canonical- other-modules: Hackage.Security.Key- Hackage.Security.Trusted.TCB- Hackage.Security.TUF- Hackage.Security.TUF.Common- Hackage.Security.TUF.FileInfo- Hackage.Security.TUF.Header- Hackage.Security.TUF.Layout.Cache- Hackage.Security.TUF.Layout.Index- Hackage.Security.TUF.Layout.Repo- Hackage.Security.TUF.Mirrors- Hackage.Security.TUF.Paths- Hackage.Security.TUF.Patterns- Hackage.Security.TUF.Root- Hackage.Security.TUF.Signed- Hackage.Security.TUF.Snapshot- Hackage.Security.TUF.Targets- Hackage.Security.TUF.Timestamp- Hackage.Security.Util.Base64- Hackage.Security.Util.Exit- Hackage.Security.Util.IO- Hackage.Security.Util.JSON- Hackage.Security.Util.Lens- Hackage.Security.Util.Stack- Hackage.Security.Util.TypedEmbedded-- build-depends: base >= 4.11 && < 4.21,- base16-bytestring >= 0.1.1 && < 1.1,- base64-bytestring >= 1.0 && < 1.3,- bytestring >= 0.10.8.2 && < 0.13,- containers >= 0.5.11 && < 0.8,- cryptohash-sha256 >= 0.11 && < 0.12,- directory >= 1.3.1.5 && < 1.4,- ed25519 >= 0.0 && < 0.1,- filepath >= 1.4.2 && < 1.6,- mtl >= 2.2.2 && < 2.4,- network-uri >= 2.6 && < 2.7,- network >= 2.6 && < 3.3,- parsec >= 3.1.13 && < 3.2,- pretty >= 1.0 && < 1.2,- -- 0.4.2 introduces TarIndex, 0.4.4 introduces more- -- functionality, 0.5.0 changes type of serialise- tar >= 0.5 && < 0.7,- template-haskell >= 2.13 && < 2.23,- time >= 1.8.0.2 && < 1.15,- transformers >= 0.3 && < 0.7,- zlib >= 0.5 && < 0.8,- -- whatever versions are bundled with ghc:- ghc-prim >= 0.5.2 && < 0.12-- if flag(lukko)- build-depends: lukko >= 0.1 && < 0.2- else- build-depends: base >= 4.11-- if flag(Cabal-syntax)- build-depends: Cabal-syntax >= 3.7 && < 3.14- else- build-depends: Cabal >= 2.2.0.1 && < 2.6- || >= 3.0 && < 3.7,- Cabal-syntax < 3.7-- hs-source-dirs: src- default-language: Haskell2010- default-extensions: DefaultSignatures- DeriveDataTypeable- DeriveFunctor- FlexibleContexts- FlexibleInstances- GADTs- GeneralizedNewtypeDeriving- KindSignatures- MultiParamTypeClasses- NamedFieldPuns- NoImplicitPrelude- NoMonomorphismRestriction- PatternSynonyms- RankNTypes- RecordWildCards- ScopedTypeVariables- StandaloneDeriving- TupleSections- TypeFamilies- TypeOperators- ViewPatterns- other-extensions:- AllowAmbiguousTypes- BangPatterns- CPP- DeriveLift- OverlappingInstances- PackageImports- RoleAnnotations- StaticPointers- UndecidableInstances-- ghc-options: -Wall--test-suite TestSuite- type: exitcode-stdio-1.0- main-is: TestSuite.hs- other-modules: TestSuite.HttpMem- TestSuite.InMemCache- TestSuite.InMemRepo- TestSuite.InMemRepository- TestSuite.JSON- TestSuite.PrivateKeys- TestSuite.Util.StrictMVar-- -- inherited constraints from lib:hackage-security component- build-depends: hackage-security,- base,- containers,- bytestring,- network-uri,- tar,- text,- time,- zlib-- if flag(Cabal-syntax)- build-depends: Cabal >= 3.7 && < 3.14,- Cabal-syntax >= 3.7 && < 3.14- else- build-depends: Cabal >= 2.2.0.1 && < 2.6- || >= 3.0 && < 3.7,- Cabal-syntax < 3.7-- -- dependencies exclusive to test-suite- build-depends: tasty >= 1.1.0.4 && < 1.6,- -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4)- tasty-hunit == 0.10.*,- tasty-quickcheck >= 0.10 && < 1,- QuickCheck >= 2.11 && < 2.16,- aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3,- vector >= 0.12 && < 0.14,- unordered-containers >= 0.2.8.0 && < 0.3,- temporary >= 1.2 && < 1.4-- hs-source-dirs: tests- default-language: Haskell2010- default-extensions: FlexibleContexts- GADTs- KindSignatures- RankNTypes- RecordWildCards- ScopedTypeVariables- ghc-options: -Wall+cabal-version: 1.12 +name: hackage-security +version: 0.6.2.6 +x-revision: 4 + +synopsis: Hackage security library +description: The hackage security library provides both server and + client utilities for securing the Hackage package server + (<https://hackage.haskell.org/>). It is based on The Update + Framework (<https://theupdateframework.com/>), a set of + recommendations developed by security researchers at + various universities in the US as well as developers on the + Tor project (<https://www.torproject.org/>). + . + The current implementation supports only index signing, + thereby enabling untrusted mirrors. It does not yet provide + facilities for author package signing. + . + The library has two main entry points: + "Hackage.Security.Client" is the main entry point for + clients (the typical example being @cabal@), and + "Hackage.Security.Server" is the main entry point for + servers (the typical example being @hackage-server@). +license: BSD3 +license-file: LICENSE +author: Edsko de Vries +maintainer: cabal-devel@haskell.org +copyright: Copyright 2015-2022 Well-Typed LLP +category: Distribution +homepage: https://github.com/haskell/hackage-security +bug-reports: https://github.com/haskell/hackage-security/issues +build-type: Simple + +tested-with: + GHC == 9.10.1 + GHC == 9.8.2 + GHC == 9.6.5 + GHC == 9.4.8 + GHC == 9.2.8 + GHC == 9.0.2 + GHC == 8.10.7 + GHC == 8.8.4 + GHC == 8.6.5 + GHC == 8.4.4 + +extra-source-files: + ChangeLog.md + +source-repository head + type: git + location: https://github.com/haskell/hackage-security.git + +flag Cabal-syntax + description: Are we using Cabal-syntax? + manual: False + default: False + +flag lukko + description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@ + manual: True + default: True + +library + -- Most functionality is exported through the top-level entry points .Client + -- and .Server; the other exported modules are intended for qualified imports. + exposed-modules: Hackage.Security.Client + Hackage.Security.Client.Formats + Hackage.Security.Client.Repository + Hackage.Security.Client.Repository.Cache + Hackage.Security.Client.Repository.Local + Hackage.Security.Client.Repository.Remote + Hackage.Security.Client.Repository.HttpLib + Hackage.Security.Client.Verify + Hackage.Security.JSON + Hackage.Security.Key.Env + Hackage.Security.Server + Hackage.Security.Trusted + Hackage.Security.TUF.FileMap + Hackage.Security.Util.Checked + Hackage.Security.Util.Path + Hackage.Security.Util.Pretty + Hackage.Security.Util.Some + Text.JSON.Canonical + other-modules: Hackage.Security.Key + Hackage.Security.Trusted.TCB + Hackage.Security.TUF + Hackage.Security.TUF.Common + Hackage.Security.TUF.FileInfo + Hackage.Security.TUF.Header + Hackage.Security.TUF.Layout.Cache + Hackage.Security.TUF.Layout.Index + Hackage.Security.TUF.Layout.Repo + Hackage.Security.TUF.Mirrors + Hackage.Security.TUF.Paths + Hackage.Security.TUF.Patterns + Hackage.Security.TUF.Root + Hackage.Security.TUF.Signed + Hackage.Security.TUF.Snapshot + Hackage.Security.TUF.Targets + Hackage.Security.TUF.Timestamp + Hackage.Security.Util.Base64 + Hackage.Security.Util.Exit + Hackage.Security.Util.IO + Hackage.Security.Util.JSON + Hackage.Security.Util.Lens + Hackage.Security.Util.Stack + Hackage.Security.Util.TypedEmbedded + + build-depends: base >= 4.11 && < 4.21, + base16-bytestring >= 0.1.1 && < 1.1, + base64-bytestring >= 1.0 && < 1.3, + bytestring >= 0.10.8.2 && < 0.13, + containers >= 0.5.11 && < 0.8, + cryptohash-sha256 >= 0.11 && < 0.12, + directory >= 1.3.1.5 && < 1.4, + ed25519 >= 0.0 && < 0.1, + filepath >= 1.4.2 && < 1.6, + mtl >= 2.2.2 && < 2.4, + network-uri >= 2.6 && < 2.7, + network >= 2.6 && < 3.3, + parsec >= 3.1.13 && < 3.2, + pretty >= 1.0 && < 1.2, + -- 0.4.2 introduces TarIndex, 0.4.4 introduces more + -- functionality, 0.5.0 changes type of serialise + tar >= 0.5 && < 0.7, + template-haskell >= 2.13 && < 2.23, + time >= 1.8.0.2 && < 1.15, + transformers >= 0.3 && < 0.7, + zlib >= 0.5 && < 0.8, + -- whatever versions are bundled with ghc: + ghc-prim >= 0.5.2 && < 0.12 + + if flag(lukko) + build-depends: lukko >= 0.1 && < 0.2 + else + build-depends: base >= 4.11 + + if flag(Cabal-syntax) + build-depends: Cabal-syntax >= 3.7 && < 3.16 + else + build-depends: Cabal >= 2.2.0.1 && < 2.6 + || >= 3.0 && < 3.7, + Cabal-syntax < 3.7 + + hs-source-dirs: src + default-language: Haskell2010 + default-extensions: DefaultSignatures + DeriveDataTypeable + DeriveFunctor + FlexibleContexts + FlexibleInstances + GADTs + GeneralizedNewtypeDeriving + KindSignatures + MultiParamTypeClasses + NamedFieldPuns + NoImplicitPrelude + NoMonomorphismRestriction + PatternSynonyms + RankNTypes + RecordWildCards + ScopedTypeVariables + StandaloneDeriving + TupleSections + TypeFamilies + TypeOperators + ViewPatterns + other-extensions: + AllowAmbiguousTypes + BangPatterns + CPP + DeriveLift + OverlappingInstances + PackageImports + RoleAnnotations + StaticPointers + UndecidableInstances + + ghc-options: -Wall + +test-suite TestSuite + type: exitcode-stdio-1.0 + main-is: TestSuite.hs + other-modules: TestSuite.HttpMem + TestSuite.InMemCache + TestSuite.InMemRepo + TestSuite.InMemRepository + TestSuite.JSON + TestSuite.PrivateKeys + TestSuite.Util.StrictMVar + + -- inherited constraints from lib:hackage-security component + build-depends: hackage-security, + base, + containers, + bytestring, + network-uri, + tar, + text, + time, + zlib + + if flag(Cabal-syntax) + build-depends: Cabal >= 3.7 && < 3.16, + Cabal-syntax >= 3.7 && < 3.16 + else + build-depends: Cabal >= 2.2.0.1 && < 2.6 + || >= 3.0 && < 3.7, + Cabal-syntax < 3.7 + + -- dependencies exclusive to test-suite + build-depends: tasty >= 1.1.0.4 && < 1.6, + -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4) + tasty-hunit == 0.10.*, + tasty-quickcheck >= 0.10 && < 1, + QuickCheck >= 2.11 && < 2.16, + aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3, + vector >= 0.12 && < 0.14, + unordered-containers >= 0.2.8.0 && < 0.3, + temporary >= 1.2 && < 1.4 + + hs-source-dirs: tests + default-language: Haskell2010 + default-extensions: FlexibleContexts + GADTs + KindSignatures + RankNTypes + RecordWildCards + ScopedTypeVariables + ghc-options: -Wall
revision 5
-cabal-version: 1.12 -name: hackage-security -version: 0.6.2.6 -x-revision: 4 - -synopsis: Hackage security library -description: The hackage security library provides both server and - client utilities for securing the Hackage package server - (<https://hackage.haskell.org/>). It is based on The Update - Framework (<https://theupdateframework.com/>), a set of - recommendations developed by security researchers at - various universities in the US as well as developers on the - Tor project (<https://www.torproject.org/>). - . - The current implementation supports only index signing, - thereby enabling untrusted mirrors. It does not yet provide - facilities for author package signing. - . - The library has two main entry points: - "Hackage.Security.Client" is the main entry point for - clients (the typical example being @cabal@), and - "Hackage.Security.Server" is the main entry point for - servers (the typical example being @hackage-server@). -license: BSD3 -license-file: LICENSE -author: Edsko de Vries -maintainer: cabal-devel@haskell.org -copyright: Copyright 2015-2022 Well-Typed LLP -category: Distribution -homepage: https://github.com/haskell/hackage-security -bug-reports: https://github.com/haskell/hackage-security/issues -build-type: Simple - -tested-with: - GHC == 9.10.1 - GHC == 9.8.2 - GHC == 9.6.5 - GHC == 9.4.8 - GHC == 9.2.8 - GHC == 9.0.2 - GHC == 8.10.7 - GHC == 8.8.4 - GHC == 8.6.5 - GHC == 8.4.4 - -extra-source-files: - ChangeLog.md - -source-repository head - type: git - location: https://github.com/haskell/hackage-security.git - -flag Cabal-syntax - description: Are we using Cabal-syntax? - manual: False - default: False - -flag lukko - description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@ - manual: True - default: True - -library - -- Most functionality is exported through the top-level entry points .Client - -- and .Server; the other exported modules are intended for qualified imports. - exposed-modules: Hackage.Security.Client - Hackage.Security.Client.Formats - Hackage.Security.Client.Repository - Hackage.Security.Client.Repository.Cache - Hackage.Security.Client.Repository.Local - Hackage.Security.Client.Repository.Remote - Hackage.Security.Client.Repository.HttpLib - Hackage.Security.Client.Verify - Hackage.Security.JSON - Hackage.Security.Key.Env - Hackage.Security.Server - Hackage.Security.Trusted - Hackage.Security.TUF.FileMap - Hackage.Security.Util.Checked - Hackage.Security.Util.Path - Hackage.Security.Util.Pretty - Hackage.Security.Util.Some - Text.JSON.Canonical - other-modules: Hackage.Security.Key - Hackage.Security.Trusted.TCB - Hackage.Security.TUF - Hackage.Security.TUF.Common - Hackage.Security.TUF.FileInfo - Hackage.Security.TUF.Header - Hackage.Security.TUF.Layout.Cache - Hackage.Security.TUF.Layout.Index - Hackage.Security.TUF.Layout.Repo - Hackage.Security.TUF.Mirrors - Hackage.Security.TUF.Paths - Hackage.Security.TUF.Patterns - Hackage.Security.TUF.Root - Hackage.Security.TUF.Signed - Hackage.Security.TUF.Snapshot - Hackage.Security.TUF.Targets - Hackage.Security.TUF.Timestamp - Hackage.Security.Util.Base64 - Hackage.Security.Util.Exit - Hackage.Security.Util.IO - Hackage.Security.Util.JSON - Hackage.Security.Util.Lens - Hackage.Security.Util.Stack - Hackage.Security.Util.TypedEmbedded - - build-depends: base >= 4.11 && < 4.21, - base16-bytestring >= 0.1.1 && < 1.1, - base64-bytestring >= 1.0 && < 1.3, - bytestring >= 0.10.8.2 && < 0.13, - containers >= 0.5.11 && < 0.8, - cryptohash-sha256 >= 0.11 && < 0.12, - directory >= 1.3.1.5 && < 1.4, - ed25519 >= 0.0 && < 0.1, - filepath >= 1.4.2 && < 1.6, - mtl >= 2.2.2 && < 2.4, - network-uri >= 2.6 && < 2.7, - network >= 2.6 && < 3.3, - parsec >= 3.1.13 && < 3.2, - pretty >= 1.0 && < 1.2, - -- 0.4.2 introduces TarIndex, 0.4.4 introduces more - -- functionality, 0.5.0 changes type of serialise - tar >= 0.5 && < 0.7, - template-haskell >= 2.13 && < 2.23, - time >= 1.8.0.2 && < 1.15, - transformers >= 0.3 && < 0.7, - zlib >= 0.5 && < 0.8, - -- whatever versions are bundled with ghc: - ghc-prim >= 0.5.2 && < 0.12 - - if flag(lukko) - build-depends: lukko >= 0.1 && < 0.2 - else - build-depends: base >= 4.11 - - if flag(Cabal-syntax) - build-depends: Cabal-syntax >= 3.7 && < 3.16 - else - build-depends: Cabal >= 2.2.0.1 && < 2.6 - || >= 3.0 && < 3.7, - Cabal-syntax < 3.7 - - hs-source-dirs: src - default-language: Haskell2010 - default-extensions: DefaultSignatures - DeriveDataTypeable - DeriveFunctor - FlexibleContexts - FlexibleInstances - GADTs - GeneralizedNewtypeDeriving - KindSignatures - MultiParamTypeClasses - NamedFieldPuns - NoImplicitPrelude - NoMonomorphismRestriction - PatternSynonyms - RankNTypes - RecordWildCards - ScopedTypeVariables - StandaloneDeriving - TupleSections - TypeFamilies - TypeOperators - ViewPatterns - other-extensions: - AllowAmbiguousTypes - BangPatterns - CPP - DeriveLift - OverlappingInstances - PackageImports - RoleAnnotations - StaticPointers - UndecidableInstances - - ghc-options: -Wall - -test-suite TestSuite - type: exitcode-stdio-1.0 - main-is: TestSuite.hs - other-modules: TestSuite.HttpMem - TestSuite.InMemCache - TestSuite.InMemRepo - TestSuite.InMemRepository - TestSuite.JSON - TestSuite.PrivateKeys - TestSuite.Util.StrictMVar - - -- inherited constraints from lib:hackage-security component - build-depends: hackage-security, - base, - containers, - bytestring, - network-uri, - tar, - text, - time, - zlib - - if flag(Cabal-syntax) - build-depends: Cabal >= 3.7 && < 3.16, - Cabal-syntax >= 3.7 && < 3.16 - else - build-depends: Cabal >= 2.2.0.1 && < 2.6 - || >= 3.0 && < 3.7, - Cabal-syntax < 3.7 - - -- dependencies exclusive to test-suite - build-depends: tasty >= 1.1.0.4 && < 1.6, - -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4) - tasty-hunit == 0.10.*, - tasty-quickcheck >= 0.10 && < 1, - QuickCheck >= 2.11 && < 2.16, - aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3, - vector >= 0.12 && < 0.14, - unordered-containers >= 0.2.8.0 && < 0.3, - temporary >= 1.2 && < 1.4 - - hs-source-dirs: tests - default-language: Haskell2010 - default-extensions: FlexibleContexts - GADTs - KindSignatures - RankNTypes - RecordWildCards - ScopedTypeVariables - ghc-options: -Wall +cabal-version: 1.12+name: hackage-security+version: 0.6.2.6+x-revision: 5++synopsis: Hackage security library+description: The hackage security library provides both server and+ client utilities for securing the Hackage package server+ (<https://hackage.haskell.org/>). It is based on The Update+ Framework (<https://theupdateframework.com/>), a set of+ recommendations developed by security researchers at+ various universities in the US as well as developers on the+ Tor project (<https://www.torproject.org/>).+ .+ The current implementation supports only index signing,+ thereby enabling untrusted mirrors. It does not yet provide+ facilities for author package signing.+ .+ The library has two main entry points:+ "Hackage.Security.Client" is the main entry point for+ clients (the typical example being @cabal@), and+ "Hackage.Security.Server" is the main entry point for+ servers (the typical example being @hackage-server@).+license: BSD3+license-file: LICENSE+author: Edsko de Vries+maintainer: cabal-devel@haskell.org+copyright: Copyright 2015-2022 Well-Typed LLP+category: Distribution+homepage: https://github.com/haskell/hackage-security+bug-reports: https://github.com/haskell/hackage-security/issues+build-type: Simple++tested-with:+ GHC == 9.12.1+ GHC == 9.10.1+ GHC == 9.8.2+ GHC == 9.6.6+ GHC == 9.4.8+ GHC == 9.2.8+ GHC == 9.0.2+ GHC == 8.10.7+ GHC == 8.8.4+ GHC == 8.6.5+ GHC == 8.4.4++extra-source-files:+ ChangeLog.md++source-repository head+ type: git+ location: https://github.com/haskell/hackage-security.git++flag Cabal-syntax+ description: Are we using Cabal-syntax?+ manual: False+ default: False++flag lukko+ description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@+ manual: True+ default: True++library+ -- Most functionality is exported through the top-level entry points .Client+ -- and .Server; the other exported modules are intended for qualified imports.+ exposed-modules: Hackage.Security.Client+ Hackage.Security.Client.Formats+ Hackage.Security.Client.Repository+ Hackage.Security.Client.Repository.Cache+ Hackage.Security.Client.Repository.Local+ Hackage.Security.Client.Repository.Remote+ Hackage.Security.Client.Repository.HttpLib+ Hackage.Security.Client.Verify+ Hackage.Security.JSON+ Hackage.Security.Key.Env+ Hackage.Security.Server+ Hackage.Security.Trusted+ Hackage.Security.TUF.FileMap+ Hackage.Security.Util.Checked+ Hackage.Security.Util.Path+ Hackage.Security.Util.Pretty+ Hackage.Security.Util.Some+ Text.JSON.Canonical+ other-modules: Hackage.Security.Key+ Hackage.Security.Trusted.TCB+ Hackage.Security.TUF+ Hackage.Security.TUF.Common+ Hackage.Security.TUF.FileInfo+ Hackage.Security.TUF.Header+ Hackage.Security.TUF.Layout.Cache+ Hackage.Security.TUF.Layout.Index+ Hackage.Security.TUF.Layout.Repo+ Hackage.Security.TUF.Mirrors+ Hackage.Security.TUF.Paths+ Hackage.Security.TUF.Patterns+ Hackage.Security.TUF.Root+ Hackage.Security.TUF.Signed+ Hackage.Security.TUF.Snapshot+ Hackage.Security.TUF.Targets+ Hackage.Security.TUF.Timestamp+ Hackage.Security.Util.Base64+ Hackage.Security.Util.Exit+ Hackage.Security.Util.IO+ Hackage.Security.Util.JSON+ Hackage.Security.Util.Lens+ Hackage.Security.Util.Stack+ Hackage.Security.Util.TypedEmbedded++ build-depends: base >= 4.11 && < 4.22,+ base16-bytestring >= 0.1.1 && < 1.1,+ base64-bytestring >= 1.0 && < 1.3,+ bytestring >= 0.10.8.2 && < 0.13,+ containers >= 0.5.11 && < 0.8,+ cryptohash-sha256 >= 0.11 && < 0.12,+ directory >= 1.3.1.5 && < 1.4,+ ed25519 >= 0.0 && < 0.1,+ filepath >= 1.4.2 && < 1.6,+ mtl >= 2.2.2 && < 2.4,+ network-uri >= 2.6 && < 2.7,+ network >= 2.6 && < 3.3,+ parsec >= 3.1.13 && < 3.2,+ pretty >= 1.0 && < 1.2,+ -- 0.4.2 introduces TarIndex, 0.4.4 introduces more+ -- functionality, 0.5.0 changes type of serialise+ tar >= 0.5 && < 0.7,+ template-haskell >= 2.13 && < 2.24,+ time >= 1.8.0.2 && < 1.15,+ transformers >= 0.3 && < 0.7,+ zlib >= 0.5 && < 0.8,+ -- whatever versions are bundled with ghc:+ ghc-prim >= 0.5.2 && < 0.14++ if flag(lukko)+ build-depends: lukko >= 0.1 && < 0.2+ else+ build-depends: base >= 4.11++ if flag(Cabal-syntax)+ build-depends: Cabal-syntax >= 3.7 && < 3.16+ else+ build-depends: Cabal >= 2.2.0.1 && < 2.6+ || >= 3.0 && < 3.7,+ Cabal-syntax < 3.7++ hs-source-dirs: src+ default-language: Haskell2010+ default-extensions: DefaultSignatures+ DeriveDataTypeable+ DeriveFunctor+ FlexibleContexts+ FlexibleInstances+ GADTs+ GeneralizedNewtypeDeriving+ KindSignatures+ MultiParamTypeClasses+ NamedFieldPuns+ NoImplicitPrelude+ NoMonomorphismRestriction+ PatternSynonyms+ RankNTypes+ RecordWildCards+ ScopedTypeVariables+ StandaloneDeriving+ TupleSections+ TypeFamilies+ TypeOperators+ ViewPatterns+ other-extensions:+ AllowAmbiguousTypes+ BangPatterns+ CPP+ DeriveLift+ OverlappingInstances+ PackageImports+ RoleAnnotations+ StaticPointers+ UndecidableInstances++ ghc-options: -Wall++test-suite TestSuite+ type: exitcode-stdio-1.0+ main-is: TestSuite.hs+ other-modules: TestSuite.HttpMem+ TestSuite.InMemCache+ TestSuite.InMemRepo+ TestSuite.InMemRepository+ TestSuite.JSON+ TestSuite.PrivateKeys+ TestSuite.Util.StrictMVar++ -- inherited constraints from lib:hackage-security component+ build-depends: hackage-security,+ base,+ containers,+ bytestring,+ network-uri,+ tar,+ text,+ time,+ zlib++ if flag(Cabal-syntax)+ build-depends: Cabal >= 3.7 && < 3.16,+ Cabal-syntax >= 3.7 && < 3.16+ else+ build-depends: Cabal >= 2.2.0.1 && < 2.6+ || >= 3.0 && < 3.7,+ Cabal-syntax < 3.7++ -- dependencies exclusive to test-suite+ build-depends: tasty >= 1.1.0.4 && < 1.6,+ -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4)+ tasty-hunit == 0.10.*,+ tasty-quickcheck >= 0.10 && < 1,+ QuickCheck >= 2.11 && < 2.16,+ aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3,+ vector >= 0.12 && < 0.14,+ unordered-containers >= 0.2.8.0 && < 0.3,+ temporary >= 1.2 && < 1.4++ hs-source-dirs: tests+ default-language: Haskell2010+ default-extensions: FlexibleContexts+ GADTs+ KindSignatures+ RankNTypes+ RecordWildCards+ ScopedTypeVariables+ ghc-options: -Wall