redesigned-carnival: Package for dependency confusion
Dependency confusion is a software supply chain attack described at https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610. This package was created to investigate whether Cabal is vulnerable to this kind of attack, and possible mitigations.
Downloads
- redesigned-carnival-1.0.0.0.tar.gz [browse] (Cabal source package)
- Package description (as included in the package)
Maintainer's Corner
For package maintainers and hackage trustees
Candidates
- No Candidates
Versions [RSS] | 0.3.0.0, 0.4.0.0, 0.4.0.1, 1.0.0.0 |
---|---|
Change log | CHANGELOG.md |
Dependencies | base (>=4 && <5) [details] |
License | LicenseRef-PublicDomain |
Author | Fraser Tweedale |
Maintainer | frase@frase.id.au |
Category | ACME |
Uploaded | by frasertweedale at 2021-02-11T07:16:11Z |
Distributions | NixOS:1.0.0.0 |
Downloads | 494 total (21 in the last 30 days) |
Rating | (no votes yet) [estimated by Bayesian average] |
Your Rating | |
Status | Docs available [build log] Last success reported on 2021-02-11 [all 1 reports] |