#214: Package security ----------------------------+----------------------------------------------- Reporter: duncan | Owner: Type: task | Status: new Priority: normal | Milestone: Component: miscellaneous | Version: 1.2.3.0 Severity: normal | Resolution: Keywords: | Difficulty: project(> week) Ghcversion: 6.8.2 | Platform: ----------------------------+----------------------------------------------- Comment (by guest): I worry about the idea of providing "security" or some notion of safety or trust only if one behaves "as expected". That seems slightly odd to me. Secondly, there has to be a first person or a first five people that grab the package to try it out and to give it its initial "rating". And those five could be 500 if it's suitably advertised, an oft requested feature or a popular idea. Try adding a package to Hackage that claims it adds a dependently typed system to Haskell and watch the number of downloads! And if such a package as that is trojaned... -- matthew -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/214#comment:10 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects