blob: 9f0ec91b240020578bd63147798b07db51ea7750 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>haskell@gentoo.org</email>
<name>Gentoo Haskell</name>
</maintainer>
<use>
<flag name="network-uri">Get Network.URI from the network-uri package.</flag>
<flag name="lukko">Use @lukko@ for file-locking, otherwise use @GHC.IO.Handle.Lock@</flag>
</use>
<longdescription>
The hackage security library provides both server and
client utilities for securing the Hackage package server
(<http://hackage.haskell.org/>). It is based on The Update
Framework (<http://theupdateframework.com/>), a set of
recommendations developed by security researchers at
various universities in the US as well as developers on the
Tor project (<https://www.torproject.org/>).
The current implementation supports only index signing,
thereby enabling untrusted mirrors. It does not yet provide
facilities for author package signing.
The library has two main entry points:
"Hackage.Security.Client" is the main entry point for
clients (the typical example being @cabal@), and
"Hackage.Security.Server" is the main entry point for
servers (the typical example being @hackage-server@).
</longdescription>
</pkgmetadata>
|