From 9152204f2004ba7d482bfd916a11ac0d2aca9672 Mon Sep 17 00:00:00 2001 From: Jens Petersen Date: Sun, 17 Feb 2019 22:44:56 +0800 Subject: [PATCH] refresh to cabal-rpm-0.13 --- ghc-hackage-security.spec | 22 +- hackage-security-0.5.3.0.cabal | 504 ++++++++++++++++----------------- 2 files changed, 269 insertions(+), 257 deletions(-) diff --git a/ghc-hackage-security.spec b/ghc-hackage-security.spec index 80e1d53..4d3794c 100644 --- a/ghc-hackage-security.spec +++ b/ghc-hackage-security.spec @@ -1,4 +1,4 @@ -# generated by cabal-rpm-0.12.5 +# generated by cabal-rpm-0.13 # https://fedoraproject.org/wiki/Packaging:Haskell %global pkg_name hackage-security @@ -8,17 +8,19 @@ Name: ghc-%{pkg_name} Version: 0.5.3.0 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Hackage security library License: BSD Url: https://hackage.haskell.org/package/%{pkg_name} +# Begin cabal-rpm sources: Source0: https://hackage.haskell.org/package/%{pkgver}/%{pkgver}.tar.gz Source1: https://hackage.haskell.org/package/%{pkgver}/%{pkg_name}.cabal#/%{pkgver}.cabal +# End cabal-rpm sources +# Begin cabal-rpm deps: BuildRequires: ghc-Cabal-devel BuildRequires: ghc-rpm-macros -# Begin cabal-rpm deps: BuildRequires: ghc-base16-bytestring-devel BuildRequires: ghc-base64-bytestring-devel BuildRequires: ghc-bytestring-devel @@ -84,17 +86,22 @@ documentation. %prep +# Begin cabal-rpm setup: %setup -q -n %{pkgver} -cp -p %{SOURCE1} %{pkg_name}.cabal - +cp -bp %{SOURCE1} %{pkg_name}.cabal +# End cabal-rpm setup %build +# Begin cabal-rpm build: %ghc_lib_build +# End cabal-rpm build %install +# Begin cabal-rpm install %ghc_lib_install +# End cabal-rpm install grep -v "%{_docdir}/ghc/html/libraries/%{pkgver}" %{name}-devel.files > %{name}-devel-nodoc.files %if %{undefined without_haddock} grep "%{_docdir}/ghc/html/libraries/%{pkgver}" %{name}-devel.files > %{name}-devel-doc.files @@ -114,7 +121,9 @@ grep "%{_docdir}/ghc/html/libraries/%{pkgver}" %{name}-devel.files > %{name}-dev %files -f %{name}.files +# Begin cabal-rpm files: %license LICENSE +# End cabal-rpm files %files devel -f %{name}-devel-nodoc.files @@ -128,6 +137,9 @@ grep "%{_docdir}/ghc/html/libraries/%{pkgver}" %{name}-devel.files > %{name}-dev %changelog +* Sun Feb 17 2019 Jens Petersen - 0.5.3.0-5 +- refresh to cabal-rpm-0.13 + * Thu Jan 31 2019 Fedora Release Engineering - 0.5.3.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild diff --git a/hackage-security-0.5.3.0.cabal b/hackage-security-0.5.3.0.cabal index ef59955..8bd32b7 100644 --- a/hackage-security-0.5.3.0.cabal +++ b/hackage-security-0.5.3.0.cabal @@ -1,252 +1,252 @@ -cabal-version: 1.12 -name: hackage-security -version: 0.5.3.0 -x-revision: 1 - -synopsis: Hackage security library -description: The hackage security library provides both server and - client utilities for securing the Hackage package server - (). It is based on The Update - Framework (), a set of - recommendations developed by security researchers at - various universities in the US as well as developers on the - Tor project (). - . - The current implementation supports only index signing, - thereby enabling untrusted mirrors. It does not yet provide - facilities for author package signing. - . - The library has two main entry points: - "Hackage.Security.Client" is the main entry point for - clients (the typical example being @cabal@), and - "Hackage.Security.Server" is the main entry point for - servers (the typical example being @hackage-server@). -license: BSD3 -license-file: LICENSE -author: Edsko de Vries -maintainer: cabal-devel@haskell.org -copyright: Copyright 2015-2016 Well-Typed LLP -category: Distribution -homepage: https://github.com/haskell/hackage-security -bug-reports: https://github.com/haskell/hackage-security/issues -build-type: Simple - -extra-source-files: - ChangeLog.md - -source-repository head - type: git - location: https://github.com/haskell/hackage-security.git - -flag base48 - description: Are we using @base@ 4.8 or later? - manual: False - -flag use-network-uri - description: Are we using @network-uri@? - manual: False - -flag old-directory - description: Use @directory@ < 1.2 and @old-time@ - manual: False - default: False - -library - -- Most functionality is exported through the top-level entry points .Client - -- and .Server; the other exported modules are intended for qualified imports. - exposed-modules: Hackage.Security.Client - Hackage.Security.Client.Formats - Hackage.Security.Client.Repository - Hackage.Security.Client.Repository.Cache - Hackage.Security.Client.Repository.Local - Hackage.Security.Client.Repository.Remote - Hackage.Security.Client.Repository.HttpLib - Hackage.Security.Client.Verify - Hackage.Security.JSON - Hackage.Security.Key.Env - Hackage.Security.Server - Hackage.Security.Trusted - Hackage.Security.TUF.FileMap - Hackage.Security.Util.Checked - Hackage.Security.Util.IO - Hackage.Security.Util.Lens - Hackage.Security.Util.Path - Hackage.Security.Util.Pretty - Hackage.Security.Util.Some - Text.JSON.Canonical - other-modules: Hackage.Security.Key - Hackage.Security.Trusted.TCB - Hackage.Security.TUF - Hackage.Security.TUF.Common - Hackage.Security.TUF.FileInfo - Hackage.Security.TUF.Header - Hackage.Security.TUF.Layout.Cache - Hackage.Security.TUF.Layout.Index - Hackage.Security.TUF.Layout.Repo - Hackage.Security.TUF.Mirrors - Hackage.Security.TUF.Paths - Hackage.Security.TUF.Patterns - Hackage.Security.TUF.Root - Hackage.Security.TUF.Signed - Hackage.Security.TUF.Snapshot - Hackage.Security.TUF.Targets - Hackage.Security.TUF.Timestamp - Hackage.Security.Util.Base64 - Hackage.Security.Util.Exit - Hackage.Security.Util.FileLock - Hackage.Security.Util.JSON - Hackage.Security.Util.Stack - Hackage.Security.Util.TypedEmbedded - Prelude - -- We support ghc 7.4 (bundled with Cabal 1.14) and up - build-depends: base >= 4.5 && < 4.12, - base16-bytestring >= 0.1.1 && < 0.2, - base64-bytestring >= 1.0 && < 1.1, - bytestring >= 0.9 && < 0.11, - Cabal >= 1.14 && < 2.4, - containers >= 0.4 && < 0.6, - ed25519 >= 0.0 && < 0.1, - filepath >= 1.2 && < 1.5, - mtl >= 2.2 && < 2.3, - parsec >= 3.1 && < 3.2, - pretty >= 1.0 && < 1.2, - cryptohash-sha256 >= 0.11 && < 0.12, - -- 0.4.2 introduces TarIndex, 0.4.4 introduces more - -- functionality, 0.5.0 changes type of serialise - tar >= 0.5 && < 0.6, - time >= 1.2 && < 1.9, - transformers >= 0.4 && < 0.6, - zlib >= 0.5 && < 0.7, - -- whatever versions are bundled with ghc: - template-haskell, - ghc-prim - if flag(old-directory) - build-depends: directory >= 1.1.0.2 && < 1.2, - old-time >= 1 && < 1.2 - else - build-depends: directory >= 1.2 && < 1.4 - build-tool-depends: hsc2hs:hsc2hs >= 0.67 && <0.69 - - hs-source-dirs: src - default-language: Haskell2010 - default-extensions: DefaultSignatures - DeriveDataTypeable - DeriveFunctor - FlexibleContexts - FlexibleInstances - GADTs - GeneralizedNewtypeDeriving - KindSignatures - MultiParamTypeClasses - NamedFieldPuns - NoMonomorphismRestriction - RankNTypes - RecordWildCards - ScopedTypeVariables - StandaloneDeriving - TupleSections - TypeFamilies - TypeOperators - ViewPatterns - other-extensions: BangPatterns - CPP - OverlappingInstances - PackageImports - UndecidableInstances - - -- use the new stage1/cross-compile-friendly Quotes subset of TH for new GHCs - if impl(ghc >= 8.0) - other-extensions: TemplateHaskellQuotes - else - other-extensions: TemplateHaskell - - ghc-options: -Wall - - if flag(base48) - build-depends: base >= 4.8 - else - build-depends: base < 4.8, old-locale == 1.0.* - - -- The URI type got split out off the network package after version 2.5, and - -- moved to a separate network-uri package. Since we don't need the rest of - -- network here, it would suffice to rely only on network-uri: - -- - -- > if flag(use-network-uri) - -- > build-depends: network-uri >= 2.6 && < 2.7 - -- > else - -- > build-depends: network >= 2.5 && < 2.6 - -- - -- However, if we did the same in hackage-security-HTTP, Cabal would consider - -- those two flag choices (hackage-security:use-network-uri and - -- hackage-security-HTTP:use-network-uri) to be completely independent; but - -- they aren't: if it links hackage-security against network-uri and - -- hackage-security-HTTP against network, we will get type errors when - -- hackage-security-HTTP tries to pass a URI to hackage-security. - -- - -- It might seem we can solve this problem by re-exporting the URI type in - -- hackage-security and avoid the dependency in hackage-security-HTTP - -- altogether. However, this merely shifts the problem: hackage-security-HTTP - -- relies on the HTTP library which--surprise!--makes the same choice between - -- depending on network or network-uri. Cabal will not notice that we cannot - -- build hackage-security and hackage-security-HTTP against network-uri but - -- HTTP against network. - -- - -- We solve the problem by explicitly relying on network-2.6 when choosing - -- network-uri. This dependency is redundant, strictly speaking. However, it - -- serves as a proxy for forcing flag choices: since all packages in a - -- solution must be linked against the same version of network, having one - -- version of network in one branch of the conditional and another version of - -- network in the other branch forces the choice to be consistent throughout. - -- (Note that the HTTP library does the same thing, though in this case the - -- dependency in network is not redundant.) - if flag(use-network-uri) - build-depends: network-uri >= 2.6 && < 2.7, - network >= 2.6 && < 2.8 - else - build-depends: network >= 2.5 && < 2.6 - - if impl(ghc >= 7.8) - other-extensions: RoleAnnotations - - if impl(ghc >= 7.10) - other-extensions: AllowAmbiguousTypes - StaticPointers - -test-suite TestSuite - type: exitcode-stdio-1.0 - main-is: TestSuite.hs - other-modules: TestSuite.HttpMem - TestSuite.InMemCache - TestSuite.InMemRepo - TestSuite.InMemRepository - TestSuite.JSON - TestSuite.PrivateKeys - TestSuite.Util.StrictMVar - - -- inherited constraints from lib:hackage-security component - build-depends: hackage-security, - base, - Cabal, - containers, - bytestring, - network-uri, - tar, - time, - zlib - - -- dependencies exclusive to test-suite - build-depends: tasty == 1.0.*, - tasty-hunit == 0.10.*, - tasty-quickcheck == 0.10.*, - QuickCheck == 2.9.*, - temporary == 1.2.* - - hs-source-dirs: tests - default-language: Haskell2010 - default-extensions: FlexibleContexts - GADTs - KindSignatures - RankNTypes - RecordWildCards - ScopedTypeVariables - ghc-options: -Wall +cabal-version: 1.12 +name: hackage-security +version: 0.5.3.0 +x-revision: 3 + +synopsis: Hackage security library +description: The hackage security library provides both server and + client utilities for securing the Hackage package server + (). It is based on The Update + Framework (), a set of + recommendations developed by security researchers at + various universities in the US as well as developers on the + Tor project (). + . + The current implementation supports only index signing, + thereby enabling untrusted mirrors. It does not yet provide + facilities for author package signing. + . + The library has two main entry points: + "Hackage.Security.Client" is the main entry point for + clients (the typical example being @cabal@), and + "Hackage.Security.Server" is the main entry point for + servers (the typical example being @hackage-server@). +license: BSD3 +license-file: LICENSE +author: Edsko de Vries +maintainer: cabal-devel@haskell.org +copyright: Copyright 2015-2016 Well-Typed LLP +category: Distribution +homepage: https://github.com/haskell/hackage-security +bug-reports: https://github.com/haskell/hackage-security/issues +build-type: Simple + +extra-source-files: + ChangeLog.md + +source-repository head + type: git + location: https://github.com/haskell/hackage-security.git + +flag base48 + description: Are we using @base@ 4.8 or later? + manual: False + +flag use-network-uri + description: Are we using @network-uri@? + manual: False + +flag old-directory + description: Use @directory@ < 1.2 and @old-time@ + manual: False + default: False + +library + -- Most functionality is exported through the top-level entry points .Client + -- and .Server; the other exported modules are intended for qualified imports. + exposed-modules: Hackage.Security.Client + Hackage.Security.Client.Formats + Hackage.Security.Client.Repository + Hackage.Security.Client.Repository.Cache + Hackage.Security.Client.Repository.Local + Hackage.Security.Client.Repository.Remote + Hackage.Security.Client.Repository.HttpLib + Hackage.Security.Client.Verify + Hackage.Security.JSON + Hackage.Security.Key.Env + Hackage.Security.Server + Hackage.Security.Trusted + Hackage.Security.TUF.FileMap + Hackage.Security.Util.Checked + Hackage.Security.Util.IO + Hackage.Security.Util.Lens + Hackage.Security.Util.Path + Hackage.Security.Util.Pretty + Hackage.Security.Util.Some + Text.JSON.Canonical + other-modules: Hackage.Security.Key + Hackage.Security.Trusted.TCB + Hackage.Security.TUF + Hackage.Security.TUF.Common + Hackage.Security.TUF.FileInfo + Hackage.Security.TUF.Header + Hackage.Security.TUF.Layout.Cache + Hackage.Security.TUF.Layout.Index + Hackage.Security.TUF.Layout.Repo + Hackage.Security.TUF.Mirrors + Hackage.Security.TUF.Paths + Hackage.Security.TUF.Patterns + Hackage.Security.TUF.Root + Hackage.Security.TUF.Signed + Hackage.Security.TUF.Snapshot + Hackage.Security.TUF.Targets + Hackage.Security.TUF.Timestamp + Hackage.Security.Util.Base64 + Hackage.Security.Util.Exit + Hackage.Security.Util.FileLock + Hackage.Security.Util.JSON + Hackage.Security.Util.Stack + Hackage.Security.Util.TypedEmbedded + Prelude + -- We support ghc 7.4 (bundled with Cabal 1.14) and up + build-depends: base >= 4.5 && < 4.13, + base16-bytestring >= 0.1.1 && < 0.2, + base64-bytestring >= 1.0 && < 1.1, + bytestring >= 0.9 && < 0.11, + Cabal >= 1.14 && < 2.6, + containers >= 0.4 && < 0.7, + ed25519 >= 0.0 && < 0.1, + filepath >= 1.2 && < 1.5, + mtl >= 2.2 && < 2.3, + parsec >= 3.1 && < 3.2, + pretty >= 1.0 && < 1.2, + cryptohash-sha256 >= 0.11 && < 0.12, + -- 0.4.2 introduces TarIndex, 0.4.4 introduces more + -- functionality, 0.5.0 changes type of serialise + tar >= 0.5 && < 0.6, + time >= 1.2 && < 1.9, + transformers >= 0.4 && < 0.6, + zlib >= 0.5 && < 0.7, + -- whatever versions are bundled with ghc: + template-haskell, + ghc-prim + if flag(old-directory) + build-depends: directory >= 1.1.0.2 && < 1.2, + old-time >= 1 && < 1.2 + else + build-depends: directory >= 1.2 && < 1.4 + build-tool-depends: hsc2hs:hsc2hs >= 0.67 && <0.69 + + hs-source-dirs: src + default-language: Haskell2010 + default-extensions: DefaultSignatures + DeriveDataTypeable + DeriveFunctor + FlexibleContexts + FlexibleInstances + GADTs + GeneralizedNewtypeDeriving + KindSignatures + MultiParamTypeClasses + NamedFieldPuns + NoMonomorphismRestriction + RankNTypes + RecordWildCards + ScopedTypeVariables + StandaloneDeriving + TupleSections + TypeFamilies + TypeOperators + ViewPatterns + other-extensions: BangPatterns + CPP + OverlappingInstances + PackageImports + UndecidableInstances + + -- use the new stage1/cross-compile-friendly Quotes subset of TH for new GHCs + if impl(ghc >= 8.0) + other-extensions: TemplateHaskellQuotes + else + other-extensions: TemplateHaskell + + ghc-options: -Wall + + if flag(base48) + build-depends: base >= 4.8 + else + build-depends: base < 4.8, old-locale == 1.0.* + + -- The URI type got split out off the network package after version 2.5, and + -- moved to a separate network-uri package. Since we don't need the rest of + -- network here, it would suffice to rely only on network-uri: + -- + -- > if flag(use-network-uri) + -- > build-depends: network-uri >= 2.6 && < 2.7 + -- > else + -- > build-depends: network >= 2.5 && < 2.6 + -- + -- However, if we did the same in hackage-security-HTTP, Cabal would consider + -- those two flag choices (hackage-security:use-network-uri and + -- hackage-security-HTTP:use-network-uri) to be completely independent; but + -- they aren't: if it links hackage-security against network-uri and + -- hackage-security-HTTP against network, we will get type errors when + -- hackage-security-HTTP tries to pass a URI to hackage-security. + -- + -- It might seem we can solve this problem by re-exporting the URI type in + -- hackage-security and avoid the dependency in hackage-security-HTTP + -- altogether. However, this merely shifts the problem: hackage-security-HTTP + -- relies on the HTTP library which--surprise!--makes the same choice between + -- depending on network or network-uri. Cabal will not notice that we cannot + -- build hackage-security and hackage-security-HTTP against network-uri but + -- HTTP against network. + -- + -- We solve the problem by explicitly relying on network-2.6 when choosing + -- network-uri. This dependency is redundant, strictly speaking. However, it + -- serves as a proxy for forcing flag choices: since all packages in a + -- solution must be linked against the same version of network, having one + -- version of network in one branch of the conditional and another version of + -- network in the other branch forces the choice to be consistent throughout. + -- (Note that the HTTP library does the same thing, though in this case the + -- dependency in network is not redundant.) + if flag(use-network-uri) + build-depends: network-uri >= 2.6 && < 2.7, + network >= 2.6 && < 2.9 + else + build-depends: network >= 2.5 && < 2.6 + + if impl(ghc >= 7.8) + other-extensions: RoleAnnotations + + if impl(ghc >= 7.10) + other-extensions: AllowAmbiguousTypes + StaticPointers + +test-suite TestSuite + type: exitcode-stdio-1.0 + main-is: TestSuite.hs + other-modules: TestSuite.HttpMem + TestSuite.InMemCache + TestSuite.InMemRepo + TestSuite.InMemRepository + TestSuite.JSON + TestSuite.PrivateKeys + TestSuite.Util.StrictMVar + + -- inherited constraints from lib:hackage-security component + build-depends: hackage-security, + base, + Cabal, + containers, + bytestring, + network-uri, + tar, + time, + zlib + + -- dependencies exclusive to test-suite + build-depends: tasty == 1.0.*, + tasty-hunit == 0.10.*, + tasty-quickcheck == 0.10.*, + QuickCheck == 2.9.*, + temporary == 1.2.* + + hs-source-dirs: tests + default-language: Haskell2010 + default-extensions: FlexibleContexts + GADTs + KindSignatures + RankNTypes + RecordWildCards + ScopedTypeVariables + ghc-options: -Wall