@hackage / hsec-sync

Synchronize with the Haskell security advisory database

Latest0.2.0.2

About

Metadata

  • Last updated , by gdifolco
  • License BSD-3-Clause
  • Maintained by: gautier.difolco@gmail.com

  • Lottery factor: 4

Links

Installation

Tested Compilers

  1. 9.12.1
  2. 9.10.1
  3. 9.8.3
  4. 9.6.6
  5. 9.4.8
  6. 9.2.8
  7. 9.0.2
  8. 8.10.7

Readme

hsec-sync

Synchronize with the Haskell advisories database.

Building

We aim to support both regular cabal-based and nix-based builds.

Design

hsec-tools is the main entry point for dealing with security advisories.

Libraries implementors and services providers will mainly be interested by Security.Advisories.Queries and hsec-tools query which allows querying against a directory containing the advisories.

There are two ways for maintaining this local directory up-to-date:

  • Manually (based on git of fetching archive from GitHub)
  • Relying on hsec-sync (either via Security.Advisories.Sync.sync or hsec-sync sync)

overview

The recommended workflow is:

  1. Use hsec-sync to ensure having an up-to-date advisories directory (created or updated)
  2. Use hsec-tools to perform queries against it

recommended-workflow