Remove operational and mirror keys from bootstrap key set #53
Conversation
The list of keys passed to the Hackage Security setup should be the bootstrap root keys, rather than all keys used. There are three kinds of keys used with Hackage Security today:

* root keys, which are the community roots of trust, kept offline and distributed among trusted community members,
* operational keys, which are kept in memory on Hackage and used for ongoing cryptographic signatures of the timestamp file and index,
* and mirror keys, which are used to sign the mirror list.

Tools that wish to interact with Hackage need to carry a bootstrap set of root keys to solve the chicken-and-egg problem. These are five root keys that are implicitly trusted. These keys are used to sign root.json in Hackage, which then specifies which additional keys are available and used. The list here, however, contains all the keys, rather than just the bootstrap root keys.
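As an added illustration (not pantry's or hackage-security's code), the following Python model of the bootstrap step shows why the configured set should hold only root key ids: the client verifies root.json against that set and a threshold, then takes the timestamp, snapshot and mirrors key ids from the verified root.json rather than from its own configuration. Everything in it is constructed: the signature scheme is a textbook-RSA stand-in with tiny primes (insecure, present only so the model has a real sign/verify pair; the real system's scheme is not modelled), key ids are a truncated hash of the public key, the key set is invented, and `audit_bootstrap_set` is a hypothetical check that flags non-root keys in a bootstrap set. Python is used because it runs stand-alone; pantry itself is Haskell.

```python
"""Model of the Hackage Security bootstrap step (added example, not pantry code).

The client configuration carries only root key ids plus a threshold. Once
root.json verifies against those keys, the timestamp, snapshot and mirrors
key ids are read from it, so they never belong in the bootstrap set.
"""
import hashlib
import json
import math

# Toy signature scheme: textbook RSA with tiny primes. Constructed and insecure;
# it only gives the model an asymmetric sign/verify pair.
def _next_prime(n: int) -> int:
    while any(n % d == 0 for d in range(2, int(n ** 0.5) + 1)):
        n += 1
    return n

def keygen(seed: int) -> tuple:
    """Return (public key, private exponent); distinct seeds give distinct keys."""
    p = _next_prime(1_000_003 + 1_000 * seed)
    q = _next_prime(2_000_003 + 1_000 * seed)
    n, phi, e = p * q, (p - 1) * (q - 1), 65537
    while math.gcd(e, phi) != 1:
        e += 2
    return {"n": n, "e": e}, pow(e, -1, phi)

def canonical(obj) -> bytes:
    """Deterministic JSON encoding, so a signature covers one exact byte string."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def key_id(pub: dict) -> str:
    """Key id = hash of the public key (constructed; 16 hex chars for brevity)."""
    return hashlib.sha256(canonical(pub)).hexdigest()[:16]

def _digest(signed: dict, n: int) -> int:
    return int.from_bytes(hashlib.sha256(canonical(signed)).digest(), "big") % n

def sign(pub: dict, priv: int, signed: dict) -> dict:
    return {"keyid": key_id(pub), "sig": pow(_digest(signed, pub["n"]), priv, pub["n"])}

def verify(pub: dict, signed: dict, sig: int) -> bool:
    return pow(sig, pub["e"], pub["n"]) == _digest(signed, pub["n"])

# Constructed key set: five offline root keys, two operational keys, one mirrors key.
ROOT = [keygen(i) for i in range(5)]
TIMESTAMP, SNAPSHOT, MIRRORS = keygen(10), keygen(11), keygen(12)
ROOT_IDS = {key_id(pub) for pub, _ in ROOT}
# The over-broad set this PR removes: every key, not just the root keys.
ALL_IDS = ROOT_IDS | {key_id(k[0]) for k in (TIMESTAMP, SNAPSHOT, MIRRORS)}

def make_root_json(signers=None) -> dict:
    """Build root.json: the key table plus, per role, key ids and a threshold."""
    signed = {
        "_type": "Root",
        "version": 1,
        "keys": {key_id(pub): pub for pub, _ in ROOT + [TIMESTAMP, SNAPSHOT, MIRRORS]},
        "roles": {
            "root": {"keyids": sorted(ROOT_IDS), "threshold": 3},
            "timestamp": {"keyids": [key_id(TIMESTAMP[0])], "threshold": 1},
            "snapshot": {"keyids": [key_id(SNAPSHOT[0])], "threshold": 1},
            "mirrors": {"keyids": [key_id(MIRRORS[0])], "threshold": 1},
        },
    }
    signers = ROOT[:3] if signers is None else signers
    return {"signed": signed, "signatures": [sign(pub, priv, signed) for pub, priv in signers]}

def verify_root(root_json: dict, bootstrap_ids: set, threshold: int) -> bool:
    """True iff at least `threshold` distinct keys from the bootstrap set signed root.json."""
    signed = root_json["signed"]
    accepted = set()
    for s in root_json["signatures"]:
        kid = s["keyid"]
        pub = signed["keys"].get(kid)
        # The key must be in the client's trusted set, its id must match the
        # key material carried in root.json, and the signature must verify.
        if (kid in bootstrap_ids and pub is not None and key_id(pub) == kid
                and verify(pub, signed, s["sig"])):
            accepted.add(kid)
    return len(accepted) >= threshold

def bootstrap(bootstrap_ids: set, threshold: int, root_json: dict) -> dict:
    """Return the non-root role key ids the client should now trust, taken from root.json."""
    if not verify_root(root_json, bootstrap_ids, threshold):
        raise ValueError("root.json is not signed by enough bootstrap root keys")
    roles = root_json["signed"]["roles"]
    return {role: set(spec["keyids"]) for role, spec in roles.items() if role != "root"}

def audit_bootstrap_set(bootstrap_ids: set, root_json: dict) -> dict:
    """Hypothetical check: map each bootstrap id that is not a root key to its role."""
    roles = root_json["signed"]["roles"]
    return {kid: role for role, spec in roles.items() if role != "root"
            for kid in spec["keyids"] if kid in bootstrap_ids}

if __name__ == "__main__":
    rj = make_root_json()
    print("trusted role keys:", bootstrap(ROOT_IDS, 3, rj))
    print("non-root keys in bootstrap set:", audit_bootstrap_set(ALL_IDS, rj))
```

Run as a script, it prints the role keys derived from root.json and, for the over-broad set, the three non-root ids with the role each serves. In this model every id in the bootstrap set counts toward the root threshold, so a root.json signed by two root keys plus the timestamp key is rejected with the root-only set and accepted with the all-keys set; keeping the configured set to the root keys is what keeps an in-memory operational key from counting toward root trust.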
The keys seem to be used here: Lines 151 to 154 in 7330161, which is using them for bootstrap. Cf https://github.com/haskell/cabal/blob/c024065b2104fab366ea14775ca4191764d382bd/cabal-install/src/Distribution/Client/Config.hs#L683-L690 for the corresponding bit in
For more context, please see my README PR to
I'll be relying on CI to make sure that this interpretation of how the data is being used is correct. The bootstrapping process is a bit stateful, and I'm not sure how to ensure that everything is OK on my local machine.
I rebuilt Stack using this version, set
Thanks!
I've released pantry 0.5.6 to Hackage and opened a matching Stack PR: commercialhaskell/stack#5785