
On Thu, 2015-04-16 at 15:14 +0200, Mikhail Glushenkov wrote:
Hi,
On 16 April 2015 at 11:33, Duncan Coutts wrote:
All,
The IHG members identified Hackage security as an important issue some time ago and myself and my colleague Austin have been working on a design and implementation.
The details are in this blog post:
http://www.well-typed.com/blog/2015/04/improving-hackage-security
Thank you, this is very exciting. But won't the post-release .cabal update feature interfere with "package index as an append-only log" concept? IIUC, right now it is implemented as a destructive update of the corresponding package index entry, so making the package index immutable will break backwards compatibility.
Yes, we can use the tar file in an append-only way while allowing metadata updates because the tar file format supports that. The tar file format was originally designed for tape drives where rewinding and updating old entries was far too expensive. So the tar file format allows appending updated file entries to the end of the archive. Compliant tar tools (including the standard Unix tools, and cabal-install) understand this and take the last entry in the archive as the current file content.

-- Duncan Coutts, Haskell Consultant
Well-Typed LLP, http://www.well-typed.com/
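The behaviour Duncan describes can be checked directly with Python's standard tarfile module. The following is an added example, not code from the thread, from cabal-install or from Hackage: it builds a small index archive, appends a second entry with the same name (a "metadata revision"), and shows that the earlier bytes are untouched, that both occurrences remain readable as history, and that a compliant reader (here tarfile's getmember(), which the Python documentation says picks the last occurrence) returns the appended content as current. The .cabal contents and the index path are constructed for the example.

```python
import io
import tarfile

# Constructed sample data (not from the thread): an initial .cabal file and a
# post-release metadata revision that only relaxes a dependency bound.
ORIGINAL = b"name: example\nversion: 1.0\nbuild-depends: base < 4.8\n"
REVISED = b"name: example\nversion: 1.0\nbuild-depends: base < 4.9\n"
ENTRY = "example/1.0/example.cabal"  # hypothetical index path


def _add_entry(tar, name, data):
    """Write one regular-file entry holding the given bytes."""
    info = tarfile.TarInfo(name)
    info.size = len(data)
    tar.addfile(info, io.BytesIO(data))


def build_index(entries):
    """Create a fresh tar index from (name, bytes) pairs; return its bytes."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in entries:
            _add_entry(tar, name, data)
    return buf.getvalue()


def append_entry(index_bytes, name, data):
    """Append an entry to an existing archive without rewriting old bytes.

    Mode "a" seeks past the last existing entry and writes the new one in
    front of the end-of-archive blocks, so existing entries stay as they are
    even when the new entry reuses an existing name.
    """
    buf = io.BytesIO(index_bytes)
    with tarfile.open(fileobj=buf, mode="a") as tar:
        _add_entry(tar, name, data)
    return buf.getvalue()


def payload_length(index_bytes):
    """Bytes up to the end of the last entry (excluding end-of-archive padding)."""
    with tarfile.open(fileobj=io.BytesIO(index_bytes), mode="r") as tar:
        members = tar.getmembers()
    if not members:
        return 0
    last = members[-1]
    end = last.offset_data + last.size
    # Entry data is padded to a whole number of 512-byte blocks.
    return -(-end // tarfile.BLOCKSIZE) * tarfile.BLOCKSIZE


def all_occurrences(index_bytes, name):
    """Every entry with this name, oldest first: the full revision history."""
    with tarfile.open(fileobj=io.BytesIO(index_bytes), mode="r") as tar:
        return [tar.extractfile(m).read()
                for m in tar.getmembers() if m.name == name]


def current_content(index_bytes, name):
    """What a compliant reader sees: the last occurrence of the name wins."""
    with tarfile.open(fileobj=io.BytesIO(index_bytes), mode="r") as tar:
        return tar.extractfile(tar.getmember(name)).read()


if __name__ == "__main__":
    original = build_index([(ENTRY, ORIGINAL)])
    appended = append_entry(original, ENTRY, REVISED)
    n = payload_length(original)
    print("old bytes preserved:", appended[:n] == original[:n])
    print("history:", all_occurrences(appended, ENTRY))
    print("current:", current_content(appended, ENTRY))
```

Both the original and the revised .cabal file are recoverable from the archive, which is what makes the append-only log auditable; a client that only cares about the current metadata reads the last entry, as the standard tar tools do.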