Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package ghc-http-client-tls for
openSUSE:Factory checked in at 2026-06-22 17:43:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ghc-http-client-tls (Old)
and /work/SRC/openSUSE:Factory/.ghc-http-client-tls.new.1956 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-http-client-tls"
Mon Jun 22 17:43:57 2026 rev:29 rq:1361099 version:0.4.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/ghc-http-client-tls/ghc-http-client-tls.changes
2026-06-10 16:04:49.649744949 +0200
+++
/work/SRC/openSUSE:Factory/.ghc-http-client-tls.new.1956/ghc-http-client-tls.changes
2026-06-22 17:44:26.061292231 +0200
@@ -1,0 +2,9 @@
+Wed Mar 11 03:24:47 UTC 2026 - Peter Simons <[email protected]>
+
+- Update http-client-tls to version 0.4.0.
+ ## 0.4.0
+
+ * For MD5 hashes in Base16 format, depend on packages `cryptohash-md5` and
+ `base16` rather than `crypton` and `memory` (the latter is unmaintained).
+
+-------------------------------------------------------------------
Old:
----
http-client-tls-0.3.6.4.tar.gz
http-client-tls.cabal
New:
----
http-client-tls-0.4.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ghc-http-client-tls.spec ++++++
--- /var/tmp/diff_new_pack.jWCT0g/_old 2026-06-22 17:44:27.173331207 +0200
+++ /var/tmp/diff_new_pack.jWCT0g/_new 2026-06-22 17:44:27.173331207 +0200
@@ -20,26 +20,27 @@
%global pkgver %{pkg_name}-%{version}
%bcond_with tests
Name: ghc-%{pkg_name}
-Version: 0.3.6.4
+Version: 0.4.0
Release: 0
Summary: Http-client backend using the connection package and tls
library
License: MIT
URL: https://hackage.haskell.org/package/%{pkg_name}
Source0:
https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz
-Source1:
https://hackage.haskell.org/package/%{pkg_name}-%{version}/revision/3.cabal#/%{pkg_name}.cabal
BuildRequires: ghc-Cabal-devel
BuildRequires: ghc-base-devel
BuildRequires: ghc-base-prof
+BuildRequires: ghc-base16-devel
+BuildRequires: ghc-base16-prof
BuildRequires: ghc-bytestring-devel
BuildRequires: ghc-bytestring-prof
BuildRequires: ghc-case-insensitive-devel
BuildRequires: ghc-case-insensitive-prof
BuildRequires: ghc-containers-devel
BuildRequires: ghc-containers-prof
+BuildRequires: ghc-cryptohash-md5-devel
+BuildRequires: ghc-cryptohash-md5-prof
BuildRequires: ghc-crypton-connection-devel
BuildRequires: ghc-crypton-connection-prof
-BuildRequires: ghc-crypton-devel
-BuildRequires: ghc-crypton-prof
BuildRequires: ghc-data-default-devel
BuildRequires: ghc-data-default-prof
BuildRequires: ghc-exceptions-devel
@@ -48,8 +49,6 @@
BuildRequires: ghc-http-client-prof
BuildRequires: ghc-http-types-devel
BuildRequires: ghc-http-types-prof
-BuildRequires: ghc-memory-devel
-BuildRequires: ghc-memory-prof
BuildRequires: ghc-network-devel
BuildRequires: ghc-network-prof
BuildRequires: ghc-network-uri-devel
@@ -100,7 +99,6 @@
%prep
%autosetup -n %{pkg_name}-%{version}
-cp -p %{SOURCE1} %{pkg_name}.cabal
%build
%ghc_lib_build
++++++ http-client-tls-0.3.6.4.tar.gz -> http-client-tls-0.4.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/ChangeLog.md
new/http-client-tls-0.4.0/ChangeLog.md
--- old/http-client-tls-0.3.6.4/ChangeLog.md 2024-10-27 08:48:51.000000000
+0100
+++ new/http-client-tls-0.4.0/ChangeLog.md 2001-09-09 03:46:40.000000000
+0200
@@ -1,5 +1,10 @@
# Changelog for http-client-tls
+## 0.4.0
+
+* For MD5 hashes in Base16 format, depend on packages `cryptohash-md5` and
+ `base16` rather than `crypton` and `memory` (the latter is unmaintained).
+
## 0.3.6.4
* data-default-class -> data-default
[#546](https://github.com/snoyberg/http-client/pull/546/files)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/Network/HTTP/Client/TLS.hs
new/http-client-tls-0.4.0/Network/HTTP/Client/TLS.hs
--- old/http-client-tls-0.3.6.4/Network/HTTP/Client/TLS.hs 2024-10-27
08:47:50.000000000 +0100
+++ new/http-client-tls-0.4.0/Network/HTTP/Client/TLS.hs 2001-09-09
03:46:40.000000000 +0200
@@ -41,9 +41,10 @@
import qualified Data.CaseInsensitive as CI
import Data.Maybe (fromMaybe, isJust)
import Network.HTTP.Types (status401)
-import Crypto.Hash (hash, Digest, MD5)
+import qualified Crypto.Hash.MD5 as MD5
import Control.Arrow ((***))
-import Data.ByteArray.Encoding (convertToBase, Base (Base16))
+import Data.Base16.Types (extractBase16)
+import Data.ByteString.Base16 (encodeBase16')
import Data.Typeable (Typeable)
import Control.Monad.Catch (MonadThrow, throwM)
import qualified Data.Map as Map
@@ -361,7 +362,7 @@
-- we always use no qop or qop=auth
ha2 = md5 $ S.concat [method req, ":", path req]
- md5 bs = convertToBase Base16 (hash bs :: Digest MD5)
+ md5 = extractBase16 . encodeBase16' . MD5.hash
key = "Authorization"
val = S.concat
[ "Digest username=\""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/http-client-tls.cabal
new/http-client-tls-0.4.0/http-client-tls.cabal
--- old/http-client-tls-0.3.6.4/http-client-tls.cabal 2024-10-27
08:48:01.000000000 +0100
+++ new/http-client-tls-0.4.0/http-client-tls.cabal 2001-09-09
03:46:40.000000000 +0200
@@ -1,5 +1,5 @@
name: http-client-tls
-version: 0.3.6.4
+version: 0.4.0
synopsis: http-client backend using the connection package and tls
library
description: Hackage documentation generation is not reliable. For up
to date documentation, please see:
<https://www.stackage.org/package/http-client-tls>.
homepage: https://github.com/snoyberg/http-client
@@ -17,17 +17,17 @@
exposed-modules: Network.HTTP.Client.TLS
other-extensions: ScopedTypeVariables
build-depends: base >= 4.10 && < 5
+ , base16 >= 1.0
+ , cryptohash-md5
, data-default
, http-client >= 0.7.11
, crypton-connection
, network
- , tls >= 1.2
+ , tls >= 2.1.2
, bytestring
, case-insensitive
, transformers
, http-types
- , crypton
- , memory
, exceptions
, containers
, text
@@ -46,6 +46,8 @@
, http-client-tls
, http-types
, crypton-connection
+ , data-default
+ , tls
benchmark benchmark
main-is: Bench.hs
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/test/Spec.hs
new/http-client-tls-0.4.0/test/Spec.hs
--- old/http-client-tls-0.3.6.4/test/Spec.hs 2024-08-26 09:55:33.000000000
+0200
+++ new/http-client-tls-0.4.0/test/Spec.hs 2001-09-09 03:46:40.000000000
+0200
@@ -1,13 +1,28 @@
+{-# LANGUAGE CPP #-}
{-# LANGUAGE OverloadedStrings #-}
import Test.Hspec
import Network.Connection
import Network.HTTP.Client
-import Network.HTTP.Client.TLS
+import Network.HTTP.Client.TLS hiding (tlsManagerSettings)
import Network.HTTP.Types
import Control.Monad (join)
+import Data.Default
+import qualified Network.TLS as TLS
main :: IO ()
main = hspec $ do
+ let tlsSettings = def
+ -- Since the release of v2.0.0 of the `tls` package , the default value of
+ -- the `supportedExtendedMainSecret` parameter `is `RequireEMS`, this means
+ -- that all the connections to a server not supporting TLS1.2+EMS will
fail.
+ -- The badssl.com service does not yet support TLS1.2+EMS connections, so
+ -- let's switch to the value `AllowEMS`, ie: TLS1.2 conenctions without
EMS.
+#if MIN_VERSION_crypton_connection(0,4,0)
+ {settingClientSupported = def {TLS.supportedExtendedMainSecret =
TLS.AllowEMS}}
+#endif
+
+ let tlsManagerSettings = mkManagerSettings tlsSettings Nothing
+
it "make a TLS connection" $ do
manager <- newManager tlsManagerSettings
withResponse "https://httpbin.org/status/418" manager $ \res ->
@@ -52,13 +67,13 @@
-- https://github.com/snoyberg/http-client/issues/289
it "accepts TLS settings" $ do
let
- tlsSettings = TLSSettingsSimple
+ tlsSettings' = tlsSettings
{ settingDisableCertificateValidation = True
, settingDisableSession = False
, settingUseServerName = False
}
socketSettings = Nothing
- managerSettings = mkManagerSettings tlsSettings socketSettings
+ managerSettings = mkManagerSettings tlsSettings' socketSettings
manager <- newTlsManagerWith managerSettings
let url = "https://wrong.host.badssl.com"
request <- parseRequest url