The hackage security library provides both server and client utilities for securing the Hackage package server (<http://hackage.haskell.org/>). It is based on The Update Framework (<http://theupdateframework.com/>), a set of recommendations developed by security researchers at various universities in the US as well as developers on the Tor project (<https://www.torproject.org/>).
The current implementation supports only index signing, thereby enabling untrusted mirrors. It does not yet provide facilities for author package signing.
The library has two main entry points: "Hackage.Security.Client" is the main entry point for clients (the typical example being 'cabal'), and "Hackage.Security.Server" is the main entry point for servers (the typical example being 'hackage-server').
| Package Version | Update ID | Released | Package Hub Version | Platforms | Subpackages |
|---|---|---|---|---|---|
| 0.6.2.0-bp155.2.15 info | GA Release | 2023-05-22 | 15 SP5 |
|
|
| 0.6.2.0-bp154.1.12 info | GA Release | 2022-05-09 | 15 SP4 |
|
|
| 0.6.0.1-bp153.1.20 info | GA Release | 2021-04-08 | 15 SP3 |
|
|
| 0.6.0.1-bp152.1.2 info | GA Release | 2020-06-16 | 15 SP2 |
|
|
| 0.5.3.0-bp151.2.2 info | GA Release | 2019-07-17 | 15 SP1 |
|
|
| 0.5.3.0-bp151.1.10 info | GA Release | 2019-05-31 | 15 SP1 |
|
|
| 0.5.2.2-bp150.2.4 info | GA Release | 2018-08-01 | 15 |
|
|
| 0.5.2.2-bp150.2.6 info | GA Release | 2018-07-31 | 15 |
|
|
| 0.5.2.2-bp150.2.5 info | GA Release | 2018-07-30 | 15 |
|
|