Integrity checking for cabal
M. Schulte
melanie at gnu.org
Fri Apr 20 15:04:14 CEST 2012
Hello,
I'm pretty new to Haskell and I hope this list is the appropriate place to ask
the following question:
When I use cabal to install a libary or a program, are there any integrity checks done?
Preferably, are there digital signatures checked?
So far I couldn't find anything related to integrity checking in cabal -- but I found it
a bit hard to believe that there is no such mechanism at all.
If there is none, are there any plans on adding such a mechanism? For instance, one could
configure cabal to complain whenever a package's signature could not be checked and
implement some light-weigth signature checking via pgp-keys.
Thanks,
m.
More information about the Libraries
mailing list