Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package ghc-http-client-tls for 
openSUSE:Factory checked in at 2026-06-22 17:43:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ghc-http-client-tls (Old)
 and      /work/SRC/openSUSE:Factory/.ghc-http-client-tls.new.1956 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "ghc-http-client-tls"

Mon Jun 22 17:43:57 2026 rev:29 rq:1361099 version:0.4.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/ghc-http-client-tls/ghc-http-client-tls.changes  
2026-06-10 16:04:49.649744949 +0200
+++ 
/work/SRC/openSUSE:Factory/.ghc-http-client-tls.new.1956/ghc-http-client-tls.changes
        2026-06-22 17:44:26.061292231 +0200
@@ -1,0 +2,9 @@
+Wed Mar 11 03:24:47 UTC 2026 - Peter Simons <[email protected]>
+
+- Update http-client-tls to version 0.4.0.
+  ## 0.4.0
+
+  * For MD5 hashes in Base16 format, depend on packages `cryptohash-md5` and
+    `base16` rather than `crypton` and `memory` (the latter is unmaintained).
+
+-------------------------------------------------------------------

Old:
----
  http-client-tls-0.3.6.4.tar.gz
  http-client-tls.cabal

New:
----
  http-client-tls-0.4.0.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ghc-http-client-tls.spec ++++++
--- /var/tmp/diff_new_pack.jWCT0g/_old  2026-06-22 17:44:27.173331207 +0200
+++ /var/tmp/diff_new_pack.jWCT0g/_new  2026-06-22 17:44:27.173331207 +0200
@@ -20,26 +20,27 @@
 %global pkgver %{pkg_name}-%{version}
 %bcond_with tests
 Name:           ghc-%{pkg_name}
-Version:        0.3.6.4
+Version:        0.4.0
 Release:        0
 Summary:        Http-client backend using the connection package and tls 
library
 License:        MIT
 URL:            https://hackage.haskell.org/package/%{pkg_name}
 Source0:        
https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz
-Source1:        
https://hackage.haskell.org/package/%{pkg_name}-%{version}/revision/3.cabal#/%{pkg_name}.cabal
 BuildRequires:  ghc-Cabal-devel
 BuildRequires:  ghc-base-devel
 BuildRequires:  ghc-base-prof
+BuildRequires:  ghc-base16-devel
+BuildRequires:  ghc-base16-prof
 BuildRequires:  ghc-bytestring-devel
 BuildRequires:  ghc-bytestring-prof
 BuildRequires:  ghc-case-insensitive-devel
 BuildRequires:  ghc-case-insensitive-prof
 BuildRequires:  ghc-containers-devel
 BuildRequires:  ghc-containers-prof
+BuildRequires:  ghc-cryptohash-md5-devel
+BuildRequires:  ghc-cryptohash-md5-prof
 BuildRequires:  ghc-crypton-connection-devel
 BuildRequires:  ghc-crypton-connection-prof
-BuildRequires:  ghc-crypton-devel
-BuildRequires:  ghc-crypton-prof
 BuildRequires:  ghc-data-default-devel
 BuildRequires:  ghc-data-default-prof
 BuildRequires:  ghc-exceptions-devel
@@ -48,8 +49,6 @@
 BuildRequires:  ghc-http-client-prof
 BuildRequires:  ghc-http-types-devel
 BuildRequires:  ghc-http-types-prof
-BuildRequires:  ghc-memory-devel
-BuildRequires:  ghc-memory-prof
 BuildRequires:  ghc-network-devel
 BuildRequires:  ghc-network-prof
 BuildRequires:  ghc-network-uri-devel
@@ -100,7 +99,6 @@
 
 %prep
 %autosetup -n %{pkg_name}-%{version}
-cp -p %{SOURCE1} %{pkg_name}.cabal
 
 %build
 %ghc_lib_build

++++++ http-client-tls-0.3.6.4.tar.gz -> http-client-tls-0.4.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/ChangeLog.md 
new/http-client-tls-0.4.0/ChangeLog.md
--- old/http-client-tls-0.3.6.4/ChangeLog.md    2024-10-27 08:48:51.000000000 
+0100
+++ new/http-client-tls-0.4.0/ChangeLog.md      2001-09-09 03:46:40.000000000 
+0200
@@ -1,5 +1,10 @@
 # Changelog for http-client-tls
 
+## 0.4.0
+
+* For MD5 hashes in Base16 format, depend on packages `cryptohash-md5` and
+  `base16` rather than `crypton` and `memory` (the latter is unmaintained).
+
 ## 0.3.6.4
 
 * data-default-class -> data-default 
[#546](https://github.com/snoyberg/http-client/pull/546/files)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/Network/HTTP/Client/TLS.hs 
new/http-client-tls-0.4.0/Network/HTTP/Client/TLS.hs
--- old/http-client-tls-0.3.6.4/Network/HTTP/Client/TLS.hs      2024-10-27 
08:47:50.000000000 +0100
+++ new/http-client-tls-0.4.0/Network/HTTP/Client/TLS.hs        2001-09-09 
03:46:40.000000000 +0200
@@ -41,9 +41,10 @@
 import qualified Data.CaseInsensitive as CI
 import Data.Maybe (fromMaybe, isJust)
 import Network.HTTP.Types (status401)
-import Crypto.Hash (hash, Digest, MD5)
+import qualified Crypto.Hash.MD5 as MD5
 import Control.Arrow ((***))
-import Data.ByteArray.Encoding (convertToBase, Base (Base16))
+import Data.Base16.Types (extractBase16)
+import Data.ByteString.Base16 (encodeBase16')
 import Data.Typeable (Typeable)
 import Control.Monad.Catch (MonadThrow, throwM)
 import qualified Data.Map as Map
@@ -361,7 +362,7 @@
                 -- we always use no qop or qop=auth
                 ha2 = md5 $ S.concat [method req, ":", path req]
 
-                md5 bs = convertToBase Base16 (hash bs :: Digest MD5)
+                md5 = extractBase16 . encodeBase16' . MD5.hash
             key = "Authorization"
             val = S.concat
                 [ "Digest username=\""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/http-client-tls.cabal 
new/http-client-tls-0.4.0/http-client-tls.cabal
--- old/http-client-tls-0.3.6.4/http-client-tls.cabal   2024-10-27 
08:48:01.000000000 +0100
+++ new/http-client-tls-0.4.0/http-client-tls.cabal     2001-09-09 
03:46:40.000000000 +0200
@@ -1,5 +1,5 @@
 name:                http-client-tls
-version:             0.3.6.4
+version:             0.4.0
 synopsis:            http-client backend using the connection package and tls 
library
 description:         Hackage documentation generation is not reliable. For up 
to date documentation, please see: 
<https://www.stackage.org/package/http-client-tls>.
 homepage:            https://github.com/snoyberg/http-client
@@ -17,17 +17,17 @@
   exposed-modules:     Network.HTTP.Client.TLS
   other-extensions:    ScopedTypeVariables
   build-depends:       base >= 4.10 && < 5
+                     , base16 >= 1.0
+                     , cryptohash-md5
                      , data-default
                      , http-client >= 0.7.11
                      , crypton-connection
                      , network
-                     , tls >= 1.2
+                     , tls >= 2.1.2
                      , bytestring
                      , case-insensitive
                      , transformers
                      , http-types
-                     , crypton
-                     , memory
                      , exceptions
                      , containers
                      , text
@@ -46,6 +46,8 @@
                      , http-client-tls
                      , http-types
                      , crypton-connection
+                     , data-default
+                     , tls
 
 benchmark benchmark
   main-is:             Bench.hs
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-tls-0.3.6.4/test/Spec.hs 
new/http-client-tls-0.4.0/test/Spec.hs
--- old/http-client-tls-0.3.6.4/test/Spec.hs    2024-08-26 09:55:33.000000000 
+0200
+++ new/http-client-tls-0.4.0/test/Spec.hs      2001-09-09 03:46:40.000000000 
+0200
@@ -1,13 +1,28 @@
+{-# LANGUAGE CPP #-}
 {-# LANGUAGE OverloadedStrings #-}
 import Test.Hspec
 import Network.Connection
 import Network.HTTP.Client
-import Network.HTTP.Client.TLS
+import Network.HTTP.Client.TLS hiding (tlsManagerSettings)
 import Network.HTTP.Types
 import Control.Monad (join)
+import Data.Default
+import qualified Network.TLS as TLS
 
 main :: IO ()
 main = hspec $ do
+    let tlsSettings = def
+    -- Since the release of v2.0.0 of the `tls` package , the default value of
+    -- the `supportedExtendedMainSecret` parameter `is `RequireEMS`, this means
+    -- that all the connections to a server not supporting TLS1.2+EMS will 
fail.
+    -- The badssl.com service does not yet support TLS1.2+EMS connections, so
+    -- let's switch to the value `AllowEMS`, ie: TLS1.2 conenctions without 
EMS.
+#if MIN_VERSION_crypton_connection(0,4,0)
+            {settingClientSupported = def {TLS.supportedExtendedMainSecret = 
TLS.AllowEMS}}
+#endif
+
+    let tlsManagerSettings = mkManagerSettings tlsSettings Nothing
+
     it "make a TLS connection" $ do
         manager <- newManager tlsManagerSettings
         withResponse "https://httpbin.org/status/418"; manager $ \res ->
@@ -52,13 +67,13 @@
     -- https://github.com/snoyberg/http-client/issues/289
     it "accepts TLS settings" $ do
         let
-          tlsSettings = TLSSettingsSimple
+          tlsSettings' = tlsSettings
             { settingDisableCertificateValidation = True
             , settingDisableSession = False
             , settingUseServerName = False
             }
           socketSettings = Nothing
-          managerSettings = mkManagerSettings tlsSettings socketSettings
+          managerSettings = mkManagerSettings tlsSettings' socketSettings
         manager <- newTlsManagerWith managerSettings
         let url = "https://wrong.host.badssl.com";
         request <- parseRequest url

Reply via email to