<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jan 2, 2018 at 11:47 AM, Sven Panne <span dir="ltr"><<a href="mailto:svenpanne@gmail.com" target="_blank">svenpanne@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class="">2018-01-02 2:24 GMT+01:00 Gershom B <span dir="ltr"><<a href="mailto:gershomb@gmail.com" target="_blank">gershomb@gmail.com</a>></span>:<br></span><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="">A recent update to hackage, which fixed up the 01-index.tar.gz file,<br>
revealed a bug in existing versions of cabal-install, when index files<br>
are cleaned up. This bug means that the `cabal update` command, which<br>
updates the hackage index file, will fail silently and leave the old<br>
file in place. It is easy to get things working again, but it requires<br></span>
manual intervention. [...]</blockquote><div><br></div><div>Quick question: Are stack users affected, too, or only cabal users? I'm just asking because as a stack user you have ~/.stack/indices/Hackage/01-<wbr>index.* files lying around, too...</div></div></div></div>
<br></blockquote><div><br></div><div>Hey Sven,</div><div><br></div><div>Gershom sent me an email about this earlier, and I looked into it. As far as I can tell, Stack is _not_ affected by this, since—although it uses the same hackage-security library as cabal-install—it follows a different codepath outside of hackage-security for downloading tarballs. I'm not 100% certain Stack is immune, however, so if someone notices a problem, please report it.</div><div><br></div><div>Michael<br></div></div></div></div>