From bcc853107247fb72c889386fb8328da4c1a7c7f7 Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sun, 7 Jul 2024 00:43:51 +0200 Subject: [PATCH 1/8] some CI updates --- .github/workflows/ci.yml | 16 ++++++++-------- stack.yaml | 2 +- stack.yaml.lock | 8 ++++---- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c788aa2..7495a37 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,22 +21,22 @@ jobs: - "9.0.2" - "9.2.8" - "9.4.8" - - "9.6.5" + - "9.6.6" - "9.8.2" - "9.10.1" steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 #if: github.event.action == 'opened' || github.event.action == 'synchronize' || github.event.ref == 'refs/heads/master' - - uses: haskell/actions/setup@v2 + - uses: haskell-actions/setup@v2 id: setup-haskell-cabal name: Setup Haskell with: ghc-version: ${{ matrix.ghc }} cabal-version: ${{ matrix.cabal }} - - uses: actions/cache@v3 + - uses: actions/cache@v4 name: Cache cabal-store with: path: ${{ steps.setup-haskell-cabal.outputs.cabal-store }} @@ -68,20 +68,20 @@ jobs: - "--resolver lts-19" # GHC 9.0.2 - "--resolver lts-20" # GHC 9.2.8 - "--resolver lts-21" # GHC 9.4.8 - - "--resolver lts-22" # GHC 9.6.5 + - "--resolver lts-22" # GHC 9.6.6 - "--resolver nightly" # GHC 9.8.2 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 #if: github.event.action == 'opened' || github.event.action == 'synchronize' || github.event.ref == 'refs/heads/master' - - uses: haskell/actions/setup@v2 + - uses: haskell-actions/setup@v2 name: Setup Haskell Stack with: stack-version: ${{ matrix.stack }} enable-stack: true - - uses: actions/cache@v3 + - uses: actions/cache@v4 name: Cache ~/.stack with: path: ~/.stack diff --git a/stack.yaml b/stack.yaml index 80cd926..599de98 100644 --- a/stack.yaml +++ b/stack.yaml @@ -17,7 +17,7 @@ # # resolver: ./custom-snapshot.yaml # resolver: https://example.com/snapshots/2018-01-01.yaml -resolver: lts-22.24 +resolver: lts-22.28 # User packages to be built. # Various formats can be used as shown in the example below. diff --git a/stack.yaml.lock b/stack.yaml.lock index dd972e4..0dd02f6 100644 --- a/stack.yaml.lock +++ b/stack.yaml.lock @@ -6,7 +6,7 @@ packages: [] snapshots: - completed: - sha256: 28a863b358647f2d952fe7085ba11561aeb63eca6bc6fd1ce8fcf1cfe63717f5 - size: 719127 - url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/22/24.yaml - original: lts-22.24 + sha256: 87da71cb0ae9ee1ea1bf51a8eb9812f39f779be76abc0a3c926defd8afda05d1 + size: 719139 + url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/22/28.yaml + original: lts-22.28 From 3ce363fcfb45f2f60eb7fb06be4db54c49b9f01b Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sun, 7 Jul 2024 00:44:28 +0200 Subject: [PATCH 2/8] make default 'crypton', need 'cryptonite' flag to build with 'cryptonite' --- password-cli/password-cli.cabal | 2 +- password/ChangeLog.md | 6 ++++++ password/password.cabal | 22 ++++++++-------------- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/password-cli/password-cli.cabal b/password-cli/password-cli.cabal index 148bf3f..4e6e646 100644 --- a/password-cli/password-cli.cabal +++ b/password-cli/password-cli.cabal @@ -33,7 +33,7 @@ executable password-cli build-depends: base , bytestring >= 0.9 && < 1 - , password ^>= 3.0.3.0 + , password ^>= 3.0.3.0 || ^>= 3.1.0.0 , password-types ^>= 1.0 , optparse-applicative >= 0.14.3 && < 0.19 , text >= 1.2 && < 3 diff --git a/password/ChangeLog.md b/password/ChangeLog.md index 68c6e8c..ae74e05 100644 --- a/password/ChangeLog.md +++ b/password/ChangeLog.md @@ -1,5 +1,11 @@ # Changelog for `password` +## 3.1.0.0 + +- Switched default cryptographic backend library from `cryptonite` to `crypton`. + The `crypton` flag is now a no-op, and the `cryptonite` flag is needed to build + the `password` library using the `cryptonite` library. + ## 3.0.4.0 - Support `base64` package up to and including `base64-1.0`. diff --git a/password/password.cabal b/password/password.cabal index 01f66ce..1c9d2c1 100644 --- a/password/password.cabal +++ b/password/password.cabal @@ -1,7 +1,7 @@ cabal-version: 1.12 name: password -version: 3.0.4.0 +version: 3.1.0.0 category: Data synopsis: Hashing and checking of passwords description: @@ -58,13 +58,13 @@ flag bcrypt flag crypton description: Use the [crypton] library as the cryptographic backend. + (Does nothing since version 3.1.0.0; might be removed in a future major version) default: False manual: True flag cryptonite description: Use the [cryptonite] library as the cryptographic backend. - (Does nothing until a future major version) default: False manual: True @@ -120,15 +120,12 @@ library -Wall default-language: Haskell2010 - -- At some future major version bump, this should - -- be changed to the [cryptonite] flag and that - -- `if flag(cryptonite) build-depends: cryptonite` - if flag(crypton) + if flag(cryptonite) build-depends: - crypton >= 0.31 && < 1.1 + cryptonite >= 0.15.1 && < 0.31 else build-depends: - cryptonite >= 0.15.1 && < 0.31 + crypton >= 0.31 && < 1.1 test-suite doctests type: @@ -215,12 +212,9 @@ test-suite password-tasty if flag(scrypt) cpp-options: -DCABAL_FLAG_scrypt - -- At some future major version bump, this should - -- be changed to the [cryptonite] flag and that - -- `if flag(cryptonite) build-depends: cryptonite` - if flag(crypton) + if flag(cryptonite) build-depends: - crypton + cryptonite else build-depends: - cryptonite + crypton From cdf6a9aa0c9075bd18578b028a4674856f85cbd5 Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sun, 7 Jul 2024 00:55:20 +0200 Subject: [PATCH 3/8] 'crypton' is not in most stackage LTS-es, and GHC 9.0.2 on macOS seems to have LLVM issues --- .github/workflows/ci.yml | 2 +- stack.yaml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7495a37..e4f4c56 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,7 +9,7 @@ on: jobs: cabal: name: cabal / ghc-${{matrix.ghc}} / ${{ matrix.os }} - continue-on-error: ${{ matrix.ghc == '9.10.1'}} + continue-on-error: ${{ matrix.ghc == '9.10.1' || (matrix.os == 'macOS-latest' && matrix.ghc == '9.0.2') }} runs-on: ${{ matrix.os }} strategy: matrix: diff --git a/stack.yaml b/stack.yaml index 599de98..f2f6fa8 100644 --- a/stack.yaml +++ b/stack.yaml @@ -41,7 +41,8 @@ packages: # Dependency packages to be pulled from upstream that are not in the resolver # using the same syntax as the packages field. # (e.g., acme-missiles-0.3) -extra-deps: [] +extra-deps: + - crypton-1.0.0 # Override default flag values for local packages and extra-deps # flags: {} From c611c27273d339970d52a55c413bd7fc1a00e037 Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sun, 7 Jul 2024 01:07:24 +0200 Subject: [PATCH 4/8] for some reason macOS isn't building anymore... --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e4f4c56..820b30e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,7 +9,7 @@ on: jobs: cabal: name: cabal / ghc-${{matrix.ghc}} / ${{ matrix.os }} - continue-on-error: ${{ matrix.ghc == '9.10.1' || (matrix.os == 'macOS-latest' && matrix.ghc == '9.0.2') }} + continue-on-error: ${{ matrix.ghc == '9.10.1' || matrix.os == 'macOS-latest' }} runs-on: ${{ matrix.os }} strategy: matrix: From adab7a0c258ce0d875899ba175ae7684e8aa409f Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sat, 19 Oct 2024 07:14:42 +0200 Subject: [PATCH 5/8] stack: keep up to date --- stack.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stack.yaml b/stack.yaml index f2f6fa8..d863e94 100644 --- a/stack.yaml +++ b/stack.yaml @@ -17,7 +17,7 @@ # # resolver: ./custom-snapshot.yaml # resolver: https://example.com/snapshots/2018-01-01.yaml -resolver: lts-22.28 +resolver: lts-22.38 # User packages to be built. # Various formats can be used as shown in the example below. @@ -42,7 +42,7 @@ packages: # using the same syntax as the packages field. # (e.g., acme-missiles-0.3) extra-deps: - - crypton-1.0.0 + - crypton-1.0.1 # Override default flag values for local packages and extra-deps # flags: {} From f35ad51ce01715a0295b098d9ff4e7b53484e78d Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sat, 19 Oct 2024 07:57:52 +0200 Subject: [PATCH 6/8] misc tweaks --- password/password.cabal | 9 ++++++--- password/src/Data/Password/Validate.hs | 2 +- password/test/tasty/Scrypt.hs | 7 +++++++ stack.yaml.lock | 17 ++++++++++++----- 4 files changed, 26 insertions(+), 9 deletions(-) diff --git a/password/password.cabal b/password/password.cabal index 1c9d2c1..f527813 100644 --- a/password/password.cabal +++ b/password/password.cabal @@ -140,10 +140,8 @@ test-suite doctests base >=4.9 && <5 , base-compat , doctest - , password , QuickCheck , quickcheck-instances - , template-haskell default-language: Haskell2010 @@ -192,7 +190,6 @@ test-suite password-tasty , bytestring , memory , quickcheck-instances - , scrypt , tasty , tasty-hunit , tasty-quickcheck @@ -200,6 +197,12 @@ test-suite password-tasty , text default-language: Haskell2010 + + if os(darwin) + cpp-options: -DIS_MAC_OS + else + build-depends: scrypt + if flag(argon2) cpp-options: -DCABAL_FLAG_argon2 diff --git a/password/src/Data/Password/Validate.hs b/password/src/Data/Password/Validate.hs index 53a247c..932d52f 100644 --- a/password/src/Data/Password/Validate.hs +++ b/password/src/Data/Password/Validate.hs @@ -202,7 +202,7 @@ module Data.Password.Validate import Data.Char (chr, isAsciiLower, isAsciiUpper, isDigit, ord) import Data.Function (on) -import Data.List (foldl') +import Data.Foldable (foldl') import Data.Text (Text) import qualified Data.Text as T diff --git a/password/test/tasty/Scrypt.hs b/password/test/tasty/Scrypt.hs index 8057b2e..20db214 100644 --- a/password/test/tasty/Scrypt.hs +++ b/password/test/tasty/Scrypt.hs @@ -1,3 +1,4 @@ +{-# LANGUAGE CPP #-} module Scrypt where import Data.Maybe (fromJust) @@ -7,7 +8,9 @@ import Test.Tasty import Test.Tasty.QuickCheck import Test.QuickCheck.Instances.Text () +#ifndef IS_MAC_OS import qualified Crypto.Scrypt as Scrypt +#endif import Data.Password.Types import Data.Password.Scrypt @@ -24,7 +27,9 @@ testScrypt = testGroup "scrypt" checkPassword extractParams testsParams8Rounds +#ifndef IS_MAC_OS , testProperty "scrypt <-> cryptonite" $ withMaxSuccess 10 checkScrypt +#endif ] where hash8Rounds = hashPasswordWithParams testsParams8Rounds @@ -32,6 +37,7 @@ testScrypt = testGroup "scrypt" hash4Rounds = hashPasswordWithParams testsParams4Rounds testsParams4Rounds = defaultParams{ scryptRounds = 4, scryptSalt = 16 } +#ifndef IS_MAC_OS checkScrypt :: Text -> Property checkScrypt pass = ioProperty $ do s@(Scrypt.Salt salt) <- Scrypt.newSalt @@ -41,3 +47,4 @@ checkScrypt pass = ioProperty $ do PasswordHash ourHash = hashPasswordWithSalt defaultParams{ scryptRounds = 8 } (Salt salt) $ mkPassword pass return $ scryptHash === encodeUtf8 ourHash +#endif diff --git a/stack.yaml.lock b/stack.yaml.lock index 0dd02f6..a32fa82 100644 --- a/stack.yaml.lock +++ b/stack.yaml.lock @@ -3,10 +3,17 @@ # For more information, please see the documentation at: # https://docs.haskellstack.org/en/stable/lock_files -packages: [] +packages: +- completed: + hackage: crypton-1.0.1@sha256:f41316fbc6ad878396e476355e27b70ac35c344d74e3eefafe709e03b192be9e,14527 + pantry-tree: + sha256: b8f0a33755a0871d325300024592cd9306e393941248184e9c4faf417d4adfcd + size: 23276 + original: + hackage: crypton-1.0.1 snapshots: - completed: - sha256: 87da71cb0ae9ee1ea1bf51a8eb9812f39f779be76abc0a3c926defd8afda05d1 - size: 719139 - url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/22/28.yaml - original: lts-22.28 + sha256: 0964f3e2c04e21abf42e271490e6974bc923aac2f2fd595fcb53ad0c237dbed1 + size: 720034 + url: https://raw.githubusercontent.com/commercialhaskell/stackage-snapshots/master/lts/22/38.yaml + original: lts-22.38 From 57f31d994881d251ef2329cbf4cb49e596aaf584 Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sat, 19 Oct 2024 08:17:17 +0200 Subject: [PATCH 7/8] final adjustments to CI --- .github/workflows/ci.yml | 5 ++++- password/src/Data/Password/Validate.hs | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 820b30e..d304fdc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,7 +9,7 @@ on: jobs: cabal: name: cabal / ghc-${{matrix.ghc}} / ${{ matrix.os }} - continue-on-error: ${{ matrix.ghc == '9.10.1' || matrix.os == 'macOS-latest' }} + continue-on-error: ${{ matrix.ghc == '9.10.1' }} runs-on: ${{ matrix.os }} strategy: matrix: @@ -24,6 +24,9 @@ jobs: - "9.6.6" - "9.8.2" - "9.10.1" + exclude: + os: macOS-latest + ghc: "9.0.2" steps: - uses: actions/checkout@v4 diff --git a/password/src/Data/Password/Validate.hs b/password/src/Data/Password/Validate.hs index 932d52f..b8a0e55 100644 --- a/password/src/Data/Password/Validate.hs +++ b/password/src/Data/Password/Validate.hs @@ -202,8 +202,9 @@ module Data.Password.Validate import Data.Char (chr, isAsciiLower, isAsciiUpper, isDigit, ord) import Data.Function (on) +#if !MIN_VERSION_base(4,20,0) import Data.Foldable (foldl') - +#endif import Data.Text (Text) import qualified Data.Text as T import Language.Haskell.TH (Exp, Q, appE) From 105381730cb08c1a349ff028d713fdfb3ead5f05 Mon Sep 17 00:00:00 2001 From: Felix Paulusma Date: Sat, 19 Oct 2024 08:21:02 +0200 Subject: [PATCH 8/8] Added reference to PR to Changelog --- password/ChangeLog.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/password/ChangeLog.md b/password/ChangeLog.md index ae74e05..ab4157b 100644 --- a/password/ChangeLog.md +++ b/password/ChangeLog.md @@ -5,6 +5,8 @@ - Switched default cryptographic backend library from `cryptonite` to `crypton`. The `crypton` flag is now a no-op, and the `cryptonite` flag is needed to build the `password` library using the `cryptonite` library. + Thanks to [@Vlix](https://github.com/Vlix) + [#81](https://github.com/cdepillabout/password/pull/81) ## 3.0.4.0