Can't upload a package named "oath" to Hackage

Fumiaki Kinoshita fumiexcel at gmail.com
Thu Dec 9 01:15:13 UTC 2021


If typo-squatting is a thing, they should be done against existing
packages, not for non-existing ones... I don't think it should prevent
uploading an innocent package anyway.

Btw there are way more confusing ones, like promise vs. promises, future
vs. futures...

2021年12月9日(木) 6:59 David Feuer <david.feuer at gmail.com>:

> How are the trustees to know whether someone "deserves" to take a security
> sensitive name? And "typos" can often be intentional when two packages each
> deserve similar names. I think it's reasonable for trustees to step in if a
> name is actually abused, but I don't support squatting.
>
> On Wed, Dec 8, 2021, 4:53 PM Carter Schonwald <carter.schonwald at gmail.com>
> wrote:
>
>> Yeah. Typo squatting is or case squatting in helping preventing weird
>> security / bug issues sounds sane to me
>>
>> On Wed, Dec 8, 2021 at 3:00 PM Jon Purdy <evincarofautumn at gmail.com>
>> wrote:
>>
>>>
>>> On Fri, Dec 3, 2021 at 6:34 AM Fumiaki Kinoshita <fumiexcel at gmail.com>
>>> wrote:
>>>
>>>> Looking at other "reserved package names in the list, "all", "project",
>>>> "test" are understandable but it's hard to think of any reason why oath
>>>> should be reserved.
>>>>
>>>
>>> When I first saw this thread, I guessed that it was reserved to prevent
>>> typosquatting for “oauth” (OAuth <https://en.wikipedia.org/wiki/OAuth>).
>>>
>>> _______________________________________________
>>> Libraries mailing list
>>> Libraries at haskell.org
>>> http://mail.haskell.org/cgi-bin/mailman/listinfo/libraries
>>>
>> _______________________________________________
>> Libraries mailing list
>> Libraries at haskell.org
>> http://mail.haskell.org/cgi-bin/mailman/listinfo/libraries
>>
> _______________________________________________
> Libraries mailing list
> Libraries at haskell.org
> http://mail.haskell.org/cgi-bin/mailman/listinfo/libraries
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/libraries/attachments/20211209/e0207f4f/attachment.html>


More information about the Libraries mailing list