@hackage redesigned-carnival0.4.0.0

Package for dependency confusion

Categories
License
LicenseRef-PublicDomain
Maintainer
frase@frase.id.au
Links
- Documentation
- No source repository
- Changelog
- Security
Versions
- 1.0.0.0 Thu, 11 Feb 2021
- 0.4.0.3 Thu, 15 Jan 2026
- 0.4.0.2 Mon, 14 Apr 2025
- 0.4.0.1 Fri, 7 Jun 2024
- 0.4.0.0 Fri, 12 Feb 2021
- 0.3.0.0 Fri, 12 Feb 2021

Installation
In your cabal file:
Dependencies (1)
- base >=4 && <5
Dependents (0)

Dependency confusion is a software supply chain attack described at https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610. This package was created to investigate whether Cabal is vulnerable to this kind of attack, and possible mitigations.