cabal-version: 1.12 name: hackage-security version: 0.6.2.6 x-revision: 2 synopsis: Hackage security library description: The hackage security library provides both server and client utilities for securing the Hackage package server (). It is based on The Update Framework (), a set of recommendations developed by security researchers at various universities in the US as well as developers on the Tor project (). . The current implementation supports only index signing, thereby enabling untrusted mirrors. It does not yet provide facilities for author package signing. . The library has two main entry points: "Hackage.Security.Client" is the main entry point for clients (the typical example being @cabal@), and "Hackage.Security.Server" is the main entry point for servers (the typical example being @hackage-server@). license: BSD3 license-file: LICENSE author: Edsko de Vries maintainer: cabal-devel@haskell.org copyright: Copyright 2015-2022 Well-Typed LLP category: Distribution homepage: https://github.com/haskell/hackage-security bug-reports: https://github.com/haskell/hackage-security/issues build-type: Simple tested-with: GHC == 9.10.0 GHC == 9.8.2 GHC == 9.6.4 GHC == 9.4.8 GHC == 9.2.8 GHC == 9.0.2 GHC == 8.10.7 GHC == 8.8.4 GHC == 8.6.5 GHC == 8.4.4 extra-source-files: ChangeLog.md source-repository head type: git location: https://github.com/haskell/hackage-security.git flag Cabal-syntax description: Are we using Cabal-syntax? manual: False default: False flag lukko description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@ manual: True default: True library -- Most functionality is exported through the top-level entry points .Client -- and .Server; the other exported modules are intended for qualified imports. exposed-modules: Hackage.Security.Client Hackage.Security.Client.Formats Hackage.Security.Client.Repository Hackage.Security.Client.Repository.Cache Hackage.Security.Client.Repository.Local Hackage.Security.Client.Repository.Remote Hackage.Security.Client.Repository.HttpLib Hackage.Security.Client.Verify Hackage.Security.JSON Hackage.Security.Key.Env Hackage.Security.Server Hackage.Security.Trusted Hackage.Security.TUF.FileMap Hackage.Security.Util.Checked Hackage.Security.Util.Path Hackage.Security.Util.Pretty Hackage.Security.Util.Some Text.JSON.Canonical other-modules: Hackage.Security.Key Hackage.Security.Trusted.TCB Hackage.Security.TUF Hackage.Security.TUF.Common Hackage.Security.TUF.FileInfo Hackage.Security.TUF.Header Hackage.Security.TUF.Layout.Cache Hackage.Security.TUF.Layout.Index Hackage.Security.TUF.Layout.Repo Hackage.Security.TUF.Mirrors Hackage.Security.TUF.Paths Hackage.Security.TUF.Patterns Hackage.Security.TUF.Root Hackage.Security.TUF.Signed Hackage.Security.TUF.Snapshot Hackage.Security.TUF.Targets Hackage.Security.TUF.Timestamp Hackage.Security.Util.Base64 Hackage.Security.Util.Exit Hackage.Security.Util.IO Hackage.Security.Util.JSON Hackage.Security.Util.Lens Hackage.Security.Util.Stack Hackage.Security.Util.TypedEmbedded build-depends: base >= 4.11 && < 4.21, base16-bytestring >= 0.1.1 && < 1.1, base64-bytestring >= 1.0 && < 1.3, bytestring >= 0.10.8.2 && < 0.13, containers >= 0.5.11 && < 0.8, cryptohash-sha256 >= 0.11 && < 0.12, directory >= 1.3.1.5 && < 1.4, ed25519 >= 0.0 && < 0.1, filepath >= 1.4.2 && < 1.6, mtl >= 2.2.2 && < 2.4, network-uri >= 2.6 && < 2.7, network >= 2.6 && < 3.3, parsec >= 3.1.13 && < 3.2, pretty >= 1.0 && < 1.2, -- 0.4.2 introduces TarIndex, 0.4.4 introduces more -- functionality, 0.5.0 changes type of serialise tar >= 0.5 && < 0.7, template-haskell >= 2.13 && < 2.23, time >= 1.8.0.2 && < 1.15, transformers >= 0.3 && < 0.7, zlib >= 0.5 && < 0.8, -- whatever versions are bundled with ghc: ghc-prim >= 0.5.2 && < 0.12 if flag(lukko) build-depends: lukko >= 0.1 && < 0.2 else build-depends: base >= 4.11 if flag(Cabal-syntax) build-depends: Cabal-syntax >= 3.7 && < 3.14 else build-depends: Cabal >= 2.2.0.1 && < 2.6 || >= 3.0 && < 3.7, Cabal-syntax < 3.7 hs-source-dirs: src default-language: Haskell2010 default-extensions: DefaultSignatures DeriveDataTypeable DeriveFunctor FlexibleContexts FlexibleInstances GADTs GeneralizedNewtypeDeriving KindSignatures MultiParamTypeClasses NamedFieldPuns NoImplicitPrelude NoMonomorphismRestriction PatternSynonyms RankNTypes RecordWildCards ScopedTypeVariables StandaloneDeriving TupleSections TypeFamilies TypeOperators ViewPatterns other-extensions: AllowAmbiguousTypes BangPatterns CPP DeriveLift OverlappingInstances PackageImports RoleAnnotations StaticPointers UndecidableInstances ghc-options: -Wall test-suite TestSuite type: exitcode-stdio-1.0 main-is: TestSuite.hs other-modules: TestSuite.HttpMem TestSuite.InMemCache TestSuite.InMemRepo TestSuite.InMemRepository TestSuite.JSON TestSuite.PrivateKeys TestSuite.Util.StrictMVar -- inherited constraints from lib:hackage-security component build-depends: hackage-security, base, containers, bytestring, network-uri, tar, text, time, zlib if flag(Cabal-syntax) build-depends: Cabal >= 3.7 && < 3.14, Cabal-syntax >= 3.7 && < 3.14 else build-depends: Cabal >= 2.2.0.1 && < 2.6 || >= 3.0 && < 3.7, Cabal-syntax < 3.7 -- dependencies exclusive to test-suite build-depends: tasty >= 1.1.0.4 && < 1.6, -- tasty-1.1.0.4 is the version in Stackage LTS 12.26 (GHC 8.4) tasty-hunit == 0.10.*, tasty-quickcheck == 0.10.*, QuickCheck >= 2.11 && <2.15, aeson >= 1.4 && < 1.6 || >= 2.0 && < 2.3, vector >= 0.12 && <0.14, unordered-containers >=0.2.8.0 && <0.3, temporary >= 1.2 && < 1.4 hs-source-dirs: tests default-language: Haskell2010 default-extensions: FlexibleContexts GADTs KindSignatures RankNTypes RecordWildCards ScopedTypeVariables ghc-options: -Wall