redesigned-carnival: Package for dependency confusion

[ acme, library ] [ Propose Tags ] [ Report a vulnerability ]

Dependency confusion is a software supply chain attack described at https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610. This package was created to investigate whether Cabal is vulnerable to this kind of attack, and possible mitigations.

Downloads

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Candidates

  • No Candidates
Versions [RSS] 0.3.0.0, 0.4.0.0, 0.4.0.1, 1.0.0.0
Change log CHANGELOG.md
Dependencies base (>=4 && <5) [details]
License LicenseRef-PublicDomain
Author Fraser Tweedale
Maintainer frase@frase.id.au
Category ACME
Uploaded by frasertweedale at 2021-02-11T07:16:11Z
Distributions NixOS:1.0.0.0
Downloads 494 total (21 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2021-02-11 [all 1 reports]