mangoiv, Hi! Ever wanted to check your cabal projects against the haskell security-advisories database?
Now it has become possible; I have implemented the first prototype of an equivalent to
npm
orcargo
audit,cabal-audit
and it now it is in a usable state:
https://github.com/haskell/security-advisories/pull/148
there is two ways to run it:
- install from source with cabal
- (more convenient)
nix run github:mangoiv/security-advisories/mangoiv/hsec-cabal#hsec-cabal
soon (next cabal release) this will also work as a plugin, i.e.
cabal audit
will use thecabal-audit
binary in yourPATH
thanks to @yvan who made that possible.Tell me if you like it ;)
Add comment