Skip to content

Write blog posts about having security in the official release of cabal #147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
edsko opened this issue Jan 7, 2016 · 2 comments
Closed

Write blog posts about having security in the official release of cabal #147

edsko opened this issue Jan 7, 2016 · 2 comments
Labels
cabal-install
Milestone
Support in releas...

Comments

@edsko
Copy link
Contributor

edsko commented Jan 7, 2016

... and mention that enabling security is also a way of enabling mirroring.

(If the nix stuff makes it in before the next release, that obviously deserves a blog post as well.)
@hvr
Copy link
Member

hvr commented Apr 17, 2016

(If the nix stuff makes it in before the next release, that obviously deserves a blog post as well.)

See haskell/cabal#3316 for that :-)

@hvr
Copy link
Member

hvr commented Dec 12, 2017
edited
Loading

I think this one is the closest we got to address this issue:

https://www.well-typed.com/blog/2016/09/hackage-reliability-via-mirroring/

For the record,

  • cabal 1.24 shipped with optional/experimental opt-in support, while
  • cabal 2.0 was the first release to fully embrace hackage-security by default

@hvr hvr closed this as completed Dec 12, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
cabal-install
Projects
None yet
Milestone
Support in released cabal-install
Development

No branches or pull requests
2 participants
@hvr @edsko