[Hackage] #214: Package security
Hackage
trac at galois.com
Tue May 20 14:31:40 EDT 2008
#214: Package security
----------------------------+-----------------------------------------------
Reporter: duncan | Owner:
Type: task | Status: new
Priority: normal | Milestone:
Component: miscellaneous | Version: 1.2.3.0
Severity: normal | Resolution:
Keywords: | Difficulty: project(> week)
Ghcversion: 6.8.2 | Platform:
----------------------------+-----------------------------------------------
Comment (by guest):
Replying to [comment:9 myself]:
> Password protecting packages as discussed on the libraries list
Actually I liked the idea of limiting the uploaders of packages better,
because it has a smaller impact on the authors' workflow, and paves the
way for trusting packages by their base name (which is what {{{cabal-
install}}} uses to find packages.)
In a way it's similar to what CPAN does. They force their authors to
register the namespace they are going to use, and their package names are
tied to the namespace. (http://www.cpan.org/modules/04pause.html) They
also have co-maintainers for packages, and they require admin intervention
for taking over orphaned packages.
(http://www.nntp.perl.org/group/perl.cvs.perlfaq/2007/07/msg393.html) -
int-e
--
Ticket URL: <http://hackage.haskell.org/trac/hackage/ticket/214#comment:12>
Hackage <http://haskell.org/cabal/>
Hackage: Cabal and related projects
More information about the cabal-devel
mailing list