<div dir="ltr"><br><br><div class="gmail_quote">On Wed, Apr 15, 2015 at 8:50 AM Gershom B <<a href="mailto:gershomb@gmail.com">gershomb@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On April 15, 2015 at 1:43:42 AM, Michael Snoyman (<a href="mailto:michael@snoyman.com" target="_blank">michael@snoyman.com</a>) wrote:<br>
> > There's a lot of stuff going on inside of Hackage which we have<br>
> no insight into or control over. The simplest is that we can't<br>
> review a log of revisions. Improving that is a good thing, and<br>
> I hope Hackage does so. Nonetheless, I'd still prefer a fully<br>
> open, auditable system, which isn't possible with "just tack<br>
> it on to Hackage.”<br>
<br>
Ok, I’m going to ignore everything else and just focus on this, because it seems to be the only thing related to hackage, and therefore should be thought of separately from everything else.<br>
<br>
What _else_ goes on that “we have no insight or control over”? Can we document the full list. Can we specify what we mean by insight? I take that to mean auditability. Can we specify what we mean by “control? (There I have no idea).<br>
<br>
(With regards to revision logs, revisions are still a relatively new feature and there’s lots of bits and bobs missing, and I agree this is low hanging fruit to improve).<br>
<br><br></blockquote><div><br></div><div>I'm not intimately familiar with the Hackage API, so I can't give a point-by-point description of what information is and is not auditable. However, *all* of that is predicated on trusting Hackage to properly authenticate users and be immune to attacks. For example, even if I can ask Hackage who uploaded a certain package/version, there's no way I can audit that that's actually the case, besides going and asking that person. And I can't even do *that* reliably, since the only identification for an uploader is the Hackage username, and I can't verify that someone actually owns that username without asking for his/her password also.</div><div><br></div><div>One feature Hackage could add that would make the latter a bit better would be to verify identity claims from people (ala OpenID), though that still leaves us in the position of needing to fully trust Hackage.</div><div><br></div><div>Michael</div></div></div>