#214: Package security ----------------------------+----------------------------------------------- Reporter: duncan | Owner: Type: task | Status: new Priority: normal | Milestone: Component: miscellaneous | Version: 1.2.3.0 Severity: normal | Resolution: Keywords: | Difficulty: project(> week) Ghcversion: 6.8.2 | Platform: ----------------------------+----------------------------------------------- Comment (by guest): Replying to [comment:9 myself]:
Password protecting packages as discussed on the libraries list
Actually I liked the idea of limiting the uploaders of packages better, because it has a smaller impact on the authors' workflow, and paves the way for trusting packages by their base name (which is what {{{cabal- install}}} uses to find packages.) In a way it's similar to what CPAN does. They force their authors to register the namespace they are going to use, and their package names are tied to the namespace. (http://www.cpan.org/modules/04pause.html) They also have co-maintainers for packages, and they require admin intervention for taking over orphaned packages. (http://www.nntp.perl.org/group/perl.cvs.perlfaq/2007/07/msg393.html) - int-e -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/214#comment:12 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects