File: hackage-security.cabal

package info (click to toggle)
haskell-hackage-security 0.6.0.1-2
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, sid
  • size: 508 kB
  • sloc: haskell: 5,919; makefile: 6
file content (278 lines) | stat: -rw-r--r-- 11,987 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
cabal-version:       1.12
name:                hackage-security
version:             0.6.0.1

synopsis:            Hackage security library
description:         The hackage security library provides both server and
                     client utilities for securing the Hackage package server
                     (<http://hackage.haskell.org/>).  It is based on The Update
                     Framework (<http://theupdateframework.com/>), a set of
                     recommendations developed by security researchers at
                     various universities in the US as well as developers on the
                     Tor project (<https://www.torproject.org/>).
                     .
                     The current implementation supports only index signing,
                     thereby enabling untrusted mirrors. It does not yet provide
                     facilities for author package signing.
                     .
                     The library has two main entry points:
                     "Hackage.Security.Client" is the main entry point for
                     clients (the typical example being @cabal@), and
                     "Hackage.Security.Server" is the main entry point for
                     servers (the typical example being @hackage-server@).
license:             BSD3
license-file:        LICENSE
author:              Edsko de Vries
maintainer:          cabal-devel@haskell.org
copyright:           Copyright 2015-2016 Well-Typed LLP
category:            Distribution
homepage:            https://github.com/haskell/hackage-security
bug-reports:         https://github.com/haskell/hackage-security/issues
build-type:          Simple
tested-with:         GHC==8.10.1, GHC==8.8.3, GHC==8.6.5, GHC==8.4.4, GHC==8.2.2, GHC==8.0.2,
                     GHC==7.10.3, GHC==7.8.4, GHC==7.6.3, GHC==7.4.2


extra-source-files:
  ChangeLog.md

source-repository head
  type: git
  location: https://github.com/haskell/hackage-security.git

flag base48
  description: Are we using @base@ 4.8 or later?
  manual: False

flag use-network-uri
  description: Are we using @network-uri@?
  manual: False

flag old-directory
  description: Use @directory@ < 1.2 and @old-time@
  manual:      False
  default:     False

flag mtl21
  description: Use @mtl@ < 2.2 and @mtl-compat@
  manual:      False
  default:     False

flag lukko
  description: Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@
  manual:      True
  default:     True

library
  -- Most functionality is exported through the top-level entry points .Client
  -- and .Server; the other exported modules are intended for qualified imports.
  exposed-modules:     Hackage.Security.Client
                       Hackage.Security.Client.Formats
                       Hackage.Security.Client.Repository
                       Hackage.Security.Client.Repository.Cache
                       Hackage.Security.Client.Repository.Local
                       Hackage.Security.Client.Repository.Remote
                       Hackage.Security.Client.Repository.HttpLib
                       Hackage.Security.Client.Verify
                       Hackage.Security.JSON
                       Hackage.Security.Key.Env
                       Hackage.Security.Server
                       Hackage.Security.Trusted
                       Hackage.Security.TUF.FileMap
                       Hackage.Security.Util.Checked
                       Hackage.Security.Util.Path
                       Hackage.Security.Util.Pretty
                       Hackage.Security.Util.Some
                       Text.JSON.Canonical
  other-modules:       Hackage.Security.Key
                       Hackage.Security.Trusted.TCB
                       Hackage.Security.TUF
                       Hackage.Security.TUF.Common
                       Hackage.Security.TUF.FileInfo
                       Hackage.Security.TUF.Header
                       Hackage.Security.TUF.Layout.Cache
                       Hackage.Security.TUF.Layout.Index
                       Hackage.Security.TUF.Layout.Repo
                       Hackage.Security.TUF.Mirrors
                       Hackage.Security.TUF.Paths
                       Hackage.Security.TUF.Patterns
                       Hackage.Security.TUF.Root
                       Hackage.Security.TUF.Signed
                       Hackage.Security.TUF.Snapshot
                       Hackage.Security.TUF.Targets
                       Hackage.Security.TUF.Timestamp
                       Hackage.Security.Util.Base64
                       Hackage.Security.Util.Exit
                       Hackage.Security.Util.IO
                       Hackage.Security.Util.JSON
                       Hackage.Security.Util.Lens
                       Hackage.Security.Util.Stack
                       Hackage.Security.Util.TypedEmbedded
                       Prelude
  -- We support ghc 7.4 (bundled with Cabal 1.14) and up
  build-depends:       base              >= 4.5     && < 4.15,
                       base16-bytestring >= 0.1.1   && < 0.2,
                       base64-bytestring >= 1.0     && < 1.1,
                       bytestring        >= 0.9     && < 0.11,
                       Cabal             >= 1.14    && < 1.26
                                      || >= 2.0     && < 2.6
                                      || >= 3.0     && < 3.4,
                       containers        >= 0.4     && < 0.7,
                       ed25519           >= 0.0     && < 0.1,
                       filepath          >= 1.2     && < 1.5,
                       parsec            >= 3.1     && < 3.2,
                       pretty            >= 1.0     && < 1.2,
                       cryptohash-sha256 >= 0.11    && < 0.12,
                       -- 0.4.2 introduces TarIndex, 0.4.4 introduces more
                       -- functionality, 0.5.0 changes type of serialise
                       tar               >= 0.5     && < 0.6,
                       template-haskell  >= 2.7     && < 2.17,
                       time              >= 1.2     && < 1.10,
                       transformers      >= 0.3     && < 0.6,
                       zlib              >= 0.5     && < 0.7,
                       -- whatever versions are bundled with ghc:
                       ghc-prim
  if flag(old-directory)
    build-depends:     directory  >= 1.1.0.2 && < 1.2,
                       old-time   >= 1 &&       < 1.2
  else
    build-depends:     directory  >= 1.2 && < 1.4

  if flag(mtl21)
    build-depends:     mtl        >= 2.1     && < 2.2,
                       mtl-compat >= 0.2     && < 0.3
  else
    build-depends:     mtl        >= 2.2     && < 2.3

  if flag(lukko)
    build-depends:     lukko      >= 0.1     && < 0.2
  else
    build-depends:     base       >= 4.10

  hs-source-dirs:      src
  default-language:    Haskell2010
  default-extensions:  DefaultSignatures
                       DeriveDataTypeable
                       DeriveFunctor
                       FlexibleContexts
                       FlexibleInstances
                       GADTs
                       GeneralizedNewtypeDeriving
                       KindSignatures
                       MultiParamTypeClasses
                       NamedFieldPuns
                       NoMonomorphismRestriction
                       RankNTypes
                       RecordWildCards
                       ScopedTypeVariables
                       StandaloneDeriving
                       TupleSections
                       TypeFamilies
                       TypeOperators
                       ViewPatterns
  other-extensions:    BangPatterns
                       CPP
                       OverlappingInstances
                       PackageImports
                       UndecidableInstances

  -- use the new stage1/cross-compile-friendly DeriveLift extension for GHC 8.0+
  if impl(ghc >= 8.0)
    other-extensions: DeriveLift
  else
    other-extensions: TemplateHaskell

  ghc-options:         -Wall

  if flag(base48)
    build-depends: base >= 4.8
  else
    build-depends: base < 4.8, old-locale == 1.0.*

  -- The URI type got split out off the network package after version 2.5, and
  -- moved to a separate network-uri package. Since we don't need the rest of
  -- network here, it would suffice to rely only on network-uri:
  --
  -- > if flag(use-network-uri)
  -- >   build-depends: network-uri >= 2.6 && < 2.7
  -- > else
  -- >   build-depends: network     >= 2.5 && < 2.6
  --
  -- However, if we did the same in hackage-security-HTTP, Cabal would consider
  -- those two flag choices (hackage-security:use-network-uri and
  -- hackage-security-HTTP:use-network-uri) to be completely independent; but
  -- they aren't: if it links hackage-security against network-uri and
  -- hackage-security-HTTP against network, we will get type errors when
  -- hackage-security-HTTP tries to pass a URI to hackage-security.
  --
  -- It might seem we can solve this problem by re-exporting the URI type in
  -- hackage-security and avoid the dependency in hackage-security-HTTP
  -- altogether. However, this merely shifts the problem: hackage-security-HTTP
  -- relies on the HTTP library which--surprise!--makes the same choice between
  -- depending on network or network-uri. Cabal will not notice that we cannot
  -- build hackage-security and hackage-security-HTTP against network-uri but
  -- HTTP against network.
  --
  -- We solve the problem by explicitly relying on network-2.6 when choosing
  -- network-uri. This dependency is redundant, strictly speaking. However, it
  -- serves as a proxy for forcing flag choices: since all packages in a
  -- solution must be linked against the same version of network, having one
  -- version of network in one branch of the conditional and another version of
  -- network in the other branch forces the choice to be consistent throughout.
  -- (Note that the HTTP library does the same thing, though in this case the
  -- dependency in network is not redundant.)
  if flag(use-network-uri)
    build-depends: network-uri >= 2.6 && < 2.7,
                   network     >= 2.6 && < 2.9
                            || >= 3.0 && < 3.2
  else
    build-depends: network     >= 2.5 && < 2.6

  if impl(ghc >= 7.8)
     other-extensions: RoleAnnotations

  if impl(ghc >= 7.10)
     other-extensions: AllowAmbiguousTypes
                       StaticPointers

test-suite TestSuite
  type:                exitcode-stdio-1.0
  main-is:             TestSuite.hs
  other-modules:       TestSuite.HttpMem
                       TestSuite.InMemCache
                       TestSuite.InMemRepo
                       TestSuite.InMemRepository
                       TestSuite.JSON
                       TestSuite.PrivateKeys
                       TestSuite.Util.StrictMVar

  -- inherited constraints from lib:hackage-security component
  build-depends:       hackage-security,
                       base,
                       Cabal,
                       containers,
                       bytestring,
                       network-uri,
                       tar,
                       time,
                       zlib

  -- dependencies exclusive to test-suite
  build-depends:       tasty            == 1.2.*,
                       tasty-hunit      == 0.10.*,
                       tasty-quickcheck == 0.10.*,
                       QuickCheck       >= 2.11 && <2.14,
                       aeson            == 1.4.*,
                       vector           == 0.12.*,
                       unordered-containers >=0.2.8.0 && <0.3,
                       temporary        >= 1.2 && < 1.4

  hs-source-dirs:      tests
  default-language:    Haskell2010
  default-extensions:  FlexibleContexts
                       GADTs
                       KindSignatures
                       RankNTypes
                       RecordWildCards
                       ScopedTypeVariables
  ghc-options:         -Wall