• Actions: view https://hackage.haskell.org/mirrors.json
• Expected: signed.expires field will be in the future
• Actual: it's in the past, specifically yesterday

This is resulting in bug reports from users of Stack trying to initialize a new hackage-security-based package index:

• Verification error: <repo>/mirrors.json is expired commercialhaskell/stack#3731
• mirrors.json expired: stack build has suddenly stopped working in all my projects commercialhaskell/stack#4927

I'm currently considering working around this by disabling the expiry checks by default in Stack's usage of hackage-security.