redesigned-carnival: Package for dependency confusion
This is a package candidate release! Here you can preview how this package release will appear once published to the main package index (which can be accomplished via the 'maintain' link below). Please note that once a package has been published to the main package index it cannot be undone! Please consult the package uploading documentation for more information.
Dependency confusion is a software supply chain attack described at https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610. This package was created to investigate whether Cabal is vulnerable to this kind of attack, and possible mitigations.
Properties
| Versions | 0.3.0.0, 0.4.0.0, 0.4.0.1, 0.4.0.2, 0.4.0.2, 1.0.0.0 |
|---|---|
| Change log | CHANGELOG.md |
| Dependencies | base (>=4 && <5) [details] |
| License | LicenseRef-PublicDomain |
| Author | Fraser Tweedale |
| Maintainer | frase@frase.id.au |
| Category | ACME |
| Uploaded | by frasertweedale at 2025-04-14T13:33:26Z |
Modules
[Index] [Quick Jump]
Downloads
- redesigned-carnival-0.4.0.2.tar.gz [browse] (Cabal source package)
- Package description (as included in the package)
Maintainer's Corner
Package maintainers
For package maintainers and hackage trustees