Skip to content

Hash and file size should not be mandatory in extra-deps #4887

New issue
New issue
Closed
Closed
Hash and file size should not be mandatory in extra-deps#4887
Assignees
qrilka
Milestone
P0: Blocking release
@neilmayhew

Description

@neilmayhew
neilmayhew
opened on Jun 19, 2019

General summary

Stack 2.1.1 gives a warning for any extra-deps that don't have both a hash and a file size.

Steps to reproduce

$ stack new extra-deps --no-nix
$ cd extra-deps
$ cat >>stack.yaml <<EOF
> extra-deps:
> - github: snoyberg/filelock
>   commit: 97e83ecc133cd60a99df8e1fa5a3c2739ad007dc
> EOF
$ stack build

Expected

No warnings.

Actual

$ stack build --verbose
Using archive from https://github.com/snoyberg/filelock/archive/97e83ecc133cd60a99df8e1fa5a3c2739ad007dc.tar.gz without a specified cryptographic hash
Cached hash is 78332e0d964cb2f24fdbb6b07c2a6a84a029c4fe540a0435993c85ad58eab051, file size 9526
For security and reproducibility, please add a hash and file size to your configuration
Using archive from https://github.com/snoyberg/filelock/archive/97e83ecc133cd60a99df8e1fa5a3c2739ad007dc.tar.gz without a specified cryptographic hash
Cached hash is 78332e0d964cb2f24fdbb6b07c2a6a84a029c4fe540a0435993c85ad58eab051, file size 9526
For security and reproducibility, please add a hash and file size to your configuration

Stack version

$ stack --version
Version 2.1.1, Git revision f612ea85316bbc327a64e4ad8d9f0b150dc12d4b (7648 commits) x86_64 hpack-0.31.2

Method of installation

  • Official binary, downloaded from stackage.org or fpcomplete's package repository
    (stack-2.1.1-linux-x86_64-static.tar.gz)

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions