Hello community, here is the log from the commit of package ghc-hackage-security for openSUSE:Factory checked in at 2017-03-20 17:07:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghc-hackage-security (Old) and /work/SRC/openSUSE:Factory/.ghc-hackage-security.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-hackage-security" Mon Mar 20 17:07:02 2017 rev:4 rq:477448 version:0.5.2.2 Changes: -------- --- /work/SRC/openSUSE:Factory/ghc-hackage-security/ghc-hackage-security.changes 2016-10-19 13:04:13.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ghc-hackage-security.new/ghc-hackage-security.changes 2017-03-20 17:07:04.498946937 +0100 @@ -1,0 +2,10 @@ +Mon Feb 20 08:42:31 UTC 2017 - psim...@suse.com + +- Update to version 0.5.2.2 revision 2 with cabal2obs. + +------------------------------------------------------------------- +Wed Dec 28 11:40:49 UTC 2016 - psim...@suse.com + +- Update to version 0.5.2.2 revision 1 with cabal2obs. + +------------------------------------------------------------------- New: ---- hackage-security.cabal ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghc-hackage-security.spec ++++++ --- /var/tmp/diff_new_pack.ngTp84/_old 2017-03-20 17:07:05.438814228 +0100 +++ /var/tmp/diff_new_pack.ngTp84/_new 2017-03-20 17:07:05.442813663 +0100 @@ -1,7 +1,7 @@ # # spec file for package ghc-hackage-security # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,6 +26,7 @@ Group: Development/Languages/Other Url: https://hackage.haskell.org/package/%{pkg_name} Source0: https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz +Source1: https://hackage.haskell.org/package/%{pkg_name}-%{version}/revision/2.cabal#/%{pkg_name}.cabal BuildRequires: ghc-Cabal-devel BuildRequires: ghc-base16-bytestring-devel BuildRequires: ghc-base64-bytestring-devel @@ -87,6 +88,7 @@ %prep %setup -q -n %{pkg_name}-%{version} +cp -p %{SOURCE1} %{pkg_name}.cabal %build %ghc_lib_build ++++++ hackage-security.cabal ++++++ name: hackage-security version: 0.5.2.2 x-revision: 2 -- xrevision:1 integrates -- https://github.com/well-typed/hackage-security/commit/e4bff90a82a588ff2d0beedfc50d5fdf75861d48 synopsis: Hackage security library description: The hackage security library provides both server and client utilities for securing the Hackage package server (<http://hackage.haskell.org/>). It is based on The Update Framework (<http://theupdateframework.com/>), a set of recommendations developed by security researchers at various universities in the US as well as developers on the Tor project (<https://www.torproject.org/>). . The current implementation supports only index signing, thereby enabling untrusted mirrors. It does not yet provide facilities for author package signing. . The library has two main entry points: "Hackage.Security.Client" is the main entry point for clients (the typical example being @cabal@), and "Hackage.Security.Server" is the main entry point for servers (the typical example being @hackage-server@). license: BSD3 license-file: LICENSE author: Edsko de Vries maintainer: ed...@well-typed.com copyright: Copyright 2015-2016 Well-Typed LLP category: Distribution homepage: https://github.com/well-typed/hackage-security bug-reports: https://github.com/well-typed/hackage-security/issues build-type: Simple cabal-version: >=1.10 extra-source-files: ChangeLog.md source-repository head type: git location: https://github.com/well-typed/hackage-security.git flag base48 description: Are we using base 4.8 or later? manual: False flag use-network-uri description: Are we using network-uri? manual: False Flag old-directory description: Use directory < 1.2 and old-time manual: False default: False library -- Most functionality is exported through the top-level entry points .Client -- and .Server; the other exported modules are intended for qualified imports. exposed-modules: Hackage.Security.Client Hackage.Security.Client.Formats Hackage.Security.Client.Repository Hackage.Security.Client.Repository.Cache Hackage.Security.Client.Repository.Local Hackage.Security.Client.Repository.Remote Hackage.Security.Client.Repository.HttpLib Hackage.Security.Client.Verify Hackage.Security.JSON Hackage.Security.Key.Env Hackage.Security.Server Hackage.Security.Trusted Hackage.Security.TUF.FileMap Hackage.Security.Util.Checked Hackage.Security.Util.IO Hackage.Security.Util.Lens Hackage.Security.Util.Path Hackage.Security.Util.Pretty Hackage.Security.Util.Some Text.JSON.Canonical other-modules: Hackage.Security.Key Hackage.Security.Trusted.TCB Hackage.Security.TUF Hackage.Security.TUF.Common Hackage.Security.TUF.FileInfo Hackage.Security.TUF.Header Hackage.Security.TUF.Layout.Cache Hackage.Security.TUF.Layout.Index Hackage.Security.TUF.Layout.Repo Hackage.Security.TUF.Mirrors Hackage.Security.TUF.Paths Hackage.Security.TUF.Patterns Hackage.Security.TUF.Root Hackage.Security.TUF.Signed Hackage.Security.TUF.Snapshot Hackage.Security.TUF.Targets Hackage.Security.TUF.Timestamp Hackage.Security.Util.Base64 Hackage.Security.Util.JSON Hackage.Security.Util.Stack Hackage.Security.Util.TypedEmbedded Prelude -- We support ghc 7.4 (bundled with Cabal 1.14) and up build-depends: base >= 4.5 && < 5, base16-bytestring >= 0.1.1 && < 0.2, base64-bytestring >= 1.0 && < 1.1, bytestring >= 0.9 && < 0.11, Cabal >= 1.14 && < 2.2, containers >= 0.4 && < 0.6, directory >= 1.1.0.2 && < 1.4, ed25519 >= 0.0 && < 0.1, filepath >= 1.2 && < 1.5, mtl >= 2.2 && < 2.3, parsec >= 3.1 && < 3.2, pretty >= 1.0 && < 1.2, cryptohash-sha256 >= 0.11 && < 0.12, -- 0.4.2 introduces TarIndex, 0.4.4 introduces more -- functionality, 0.5.0 changes type of serialise tar >= 0.5 && < 0.6, time >= 1.2 && < 1.7, transformers >= 0.4 && < 0.6, zlib >= 0.5 && < 0.7, -- whatever versions are bundled with ghc: template-haskell, ghc-prim if flag(old-directory) build-depends: directory < 1.2, old-time >= 1 && < 1.2 else build-depends: directory >= 1.2 hs-source-dirs: src default-language: Haskell2010 default-extensions: DefaultSignatures DeriveDataTypeable DeriveFunctor FlexibleContexts FlexibleInstances GADTs GeneralizedNewtypeDeriving KindSignatures MultiParamTypeClasses NamedFieldPuns NoMonomorphismRestriction RankNTypes RecordWildCards ScopedTypeVariables StandaloneDeriving TupleSections TypeFamilies TypeOperators ViewPatterns other-extensions: BangPatterns CPP OverlappingInstances PackageImports UndecidableInstances -- use the new stage1/cross-compile-friendly Quotes subset of TH for new GHCs if impl(ghc >= 8.0) -- place holder until Hackage allows to edit in the new extension token -- other-extensions: TemplateHaskellQuotes other-extensions: else other-extensions: TemplateHaskell ghc-options: -Wall if flag(base48) build-depends: base >= 4.8 else build-depends: old-locale >= 1.0 -- The URI type got split out off the network package after version 2.5, and -- moved to a separate network-uri package. Since we don't need the rest of -- network here, it would suffice to rely only on network-uri: -- -- > if flag(use-network-uri) -- > build-depends: network-uri >= 2.6 && < 2.7 -- > else -- > build-depends: network >= 2.5 && < 2.6 -- -- However, if we did the same in hackage-security-HTTP, Cabal would consider -- those two flag choices (hackage-security:use-network-uri and -- hackage-security-HTTP:use-network-uri) to be completely independent; but -- they aren't: if it links hackage-security against network-uri and -- hackage-security-HTTP against network, we will get type errors when -- hackage-security-HTTP tries to pass a URI to hackage-security. -- -- It might seem we can solve this problem by re-exporting the URI type in -- hackage-security and avoid the dependency in hackage-security-HTTP -- altogether. However, this merely shifts the problem: hackage-security-HTTP -- relies on the HTTP library which--surprise!--makes the same choice between -- depending on network or network-uri. Cabal will not notice that we cannot -- build hackage-security and hackage-security-HTTP against network-uri but -- HTTP against network. -- -- We solve the problem by explicitly relying on network-2.6 when choosing -- network-uri. This dependency is redundant, strictly speaking. However, it -- serves as a proxy for forcing flag choices: since all packages in a -- solution must be linked against the same version of network, having one -- version of network in one branch of the conditional and another version of -- network in the other branch forces the choice to be consistent throughout. -- (Note that the HTTP library does the same thing, though in this case the -- dependency in network is not redundant.) if flag(use-network-uri) build-depends: network-uri >= 2.6 && < 2.7, network >= 2.6 && < 2.7 else build-depends: network >= 2.5 && < 2.6 if impl(ghc >= 7.8) other-extensions: RoleAnnotations if impl(ghc >= 7.10) other-extensions: AllowAmbiguousTypes -- StaticPointers -- ^^^ Temporarily disabled because Hackage doesn't know yet about this -- extension and will therefore reject this package. test-suite TestSuite type: exitcode-stdio-1.0 main-is: TestSuite.hs other-modules: TestSuite.HttpMem TestSuite.InMemCache TestSuite.InMemRepo TestSuite.InMemRepository TestSuite.JSON TestSuite.PrivateKeys TestSuite.Util.StrictMVar build-depends: base, Cabal, containers, HUnit, bytestring, hackage-security, network-uri, tar, tasty, tasty-hunit, tasty-quickcheck, QuickCheck, temporary, time, zlib hs-source-dirs: tests default-language: Haskell2010 default-extensions: FlexibleContexts GADTs KindSignatures RankNTypes RecordWildCards ScopedTypeVariables ghc-options: -Wall