Re: Can't upload a package named "oath" to Hackage

How are the trustees to know whether someone "deserves" to take a security sensitive name? And "typos" can often be intentional when two packages each deserve similar names. I think it's reasonable for trustees to step in if a name is actually abused, but I don't support squatting. On Wed, Dec 8, 2021, 4:53 PM Carter Schonwald wrote:

Yeah. Typo squatting is or case squatting in helping preventing weird security / bug issues sounds sane to me

On Wed, Dec 8, 2021 at 3:00 PM Jon Purdy wrote:

...

On Fri, Dec 3, 2021 at 6:34 AM Fumiaki Kinoshita wrote:

...

Looking at other "reserved package names in the list, "all", "project", "test" are understandable but it's hard to think of any reason why oath should be reserved.

When I first saw this thread, I guessed that it was reserved to prevent typosquatting for “oauth” (OAuth https://en.wikipedia.org/wiki/OAuth).

_______________________________________________ Libraries mailing list Libraries@haskell.org http://mail.haskell.org/cgi-bin/mailman/listinfo/libraries

_______________________________________________ Libraries mailing list Libraries@haskell.org http://mail.haskell.org/cgi-bin/mailman/listinfo/libraries