security/ experimental packages? authorization uncomon source
locations, hackage db?
Marc Weber
marco-oweber at gmx.de
Sat Jan 6 06:38:43 EST 2007
I've read the discussion about who is able to upload packages..
This is nice if you want to install most common packages..
But the packaging system is intended to save time. Thus what about
I want to install an experimntal synthesizer which uses an experimental
haskore interface from a person who hasn't registered his lib on
hackage-db yet?
In short:
Would it be useful to allow speciyfing different download locations for
dependencies in a cabal file?
-- Lib.cabal --
depends: ExperimentalLib > 2.0 { location: http://person/haskell/ExperimentalLib.cabal }
[...]
This would give much more freedom ..
I agree that it might be useful to "mask" those packages ...
But its much more convinient to do
cabal-install --allow-non-hackage-locations Lib
than downloading/ installing/ updating those libs manually ?
I think if you need total security you won't use this flag or use
someithing like chroot (already mentioned) or user mode linux .. ;)
But this issue adresses the question:
What is hackage about:
an automated installation system
or
an automated installation system + package list (centralized at
hackagedb ?)
Marc
More information about the cabal-devel
mailing list