Re: [Haskell-cafe] Simple way to do something like ArrowChoice.right on a Conduit? (version 1.0.0)
On Thu, Feb 28, 2013 at 9:18 PM, Joey Adams joeyadams3.14...@gmail.comwrote: Can I transform a conduit so some values are passed through unchanged, but others go through the conduit? For example: right :: Conduit i m o - Conduit (Either x i) m (Either x o) Actually, I didn't need this after all. I'm using Automaton from the arrows package for the first part of my pipeline. Only the zlib compression step is a Conduit, so I can just use arrow functions to lift Flush to the rest. Nonetheless, someone else might want to do this. Now that I think of it, not all of the arrow operations make sense (in particular, (***)), but splitting data between conduits (like ArrowChoice (+++)) does make sense, I think. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] cabal install ghc-mod installs 3 years old version
Doesn't Cabal tend to install library packages under the .cabal folder? So blowing it away gets rid of the problematic ones. (And everything else.) On 25 Feb 2013, at 16:56, Brent Yorgey wrote: On Sun, Feb 24, 2013 at 02:33:55PM +, Niklas Hambüchen wrote: You are right, my ghc-7.4.2 was broken in ghc-pkg list; I fixed the problem by killing my .cabal folder (as so often). Surely you mean by killing your .ghc folder? I do not see what effect killing your .cabal folder could possibly have on broken packages. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] ANN: Nomyx 0.1 beta, the game where you can change the rules
happstack-authenticate looks impressive, they seem to support for Google , Yahoo, Live Journal, Myspace, and OpenId logins! I'll try it. On Fri, Mar 1, 2013 at 5:17 AM, Chris Wong chrisyco+haskell-c...@gmail.comwrote: On Thu, Feb 28, 2013 at 1:26 PM, Brandon Allbery allber...@gmail.com wrote: On Wed, Feb 27, 2013 at 8:37 AM, Corentin Dupont corentin.dup...@gmail.com wrote: Hi Chris, Thanks! That's true for the user number. What should I do? Encrypt it? It's not that you have a user number, or even that it's accessible: it's that it's the entirety of access control, meaning that if the user changes it they can masquerade as another user. The correct solution is that a user should authenticate, which creates a session hash that you stash away and also send back to the user as a cookie so the browser will present it on accesses. Then you check that the presented hash is there and matches the session hash. These should expire periodically, requiring the user to log back in again. Brandon pretty much pulled the words out of my mouth, but I have one last thing to add: no matter how well you encrypt the information, as long as it's in the URL it's insecure. Hypothetical situation #1: if there's someone looking over your shoulder, they can just note down the address -- it is in plain view, after all. Even more likely: your friend wants to watch the game, so you send her the link. Unfortunately, you forget to delete your session information from the URL. Now your friend (conveniently named Eve) has hijacked your account and is voting on your behalf. The Ruby on Rails website has an excellent explanation of common security holes [1]. The article is Rails-centric, but most of it applies to Haskell as well. [1] http://guides.rubyonrails.org/security.html As for libraries, Happstack has happstack-authenticate [2]. I haven't used it myself, but it looks good. [2] http://hackage.haskell.org/package/happstack-authenticate Chris -- brandon s allbery kf8nh sine nomine associates allber...@gmail.com ballb...@sinenomine.net unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] The state of binary (de)serialization
Hey guys, I didn't see this thread at first, thanks to Johan for bringing it to my attention. cereal is a fork of binary, and provided a incremental interface before binary did. It also has a few additional combinators like isolate and label, which is the reason why safecopy uses cereal instead of binary (at least I know it uses label). As an experiment, I've wrapped the api of Data.ByteString.Builder and and re-exported it as Data.Binary.Builder, but it turned out that performance got worse. I have yet to look into why. Once it all seems ok, binary will just wrap and re-export bytestrings builder. If you use binary or builder doesn't really matter, the basic APIs are very similar. builder can offer some more options if you want to spend more time in tuning for speed. binary is also already in the HP, since it is bundled with GHC (GHC depends on binary). In other words, depending on binary should be future-proof. On another note, binary-0.7 is out, get it while it's hot! :) Lennart 2013/2/26 Johan Tibell johan.tib...@gmail.com On Mon, Feb 25, 2013 at 4:51 PM, Alexander Solla alex.so...@gmail.comwrote: On Mon, Feb 25, 2013 at 11:59 AM, Johan Tibell johan.tib...@gmail.comwrote: There are some blog posts and comments out there about merging cereal and binary, is this what's the goal/going on (cfr runGetIncremental)? It's most definitely the goal and it's basically done. The only thing I don't think we'll adopt from cereal is the instances from container types. Why not? Those instances are useful. Without instances defined in binary/cereal, pretty much every Happstack (or, better said, every ixset/acidstate/safecopy stack) user will have to have orphan instances. I will have to give a bit more context to answer this one. After the binary package was created we've realized that it should really have been two packages: * One package for serialization and deserialization of basic types, that have a well-defined serialization format even outside the package e.g. little and big endian integers, IEEE floats, etc. This package would correspond to Data.Binary.Get, Data.Binary.Builder, and Data.Binary.Put. * One package that defines a particular binary format useful for serializing arbitrary Haskell values. This package would correspond to Data.Binary. For the latter we need to decide what guarantees we make. For example, is the format stable between releases? Is the format public (such that other libraries can parse the output of binary)? Right now these two questions are left unanswered in both binary and cereal, making those packages less useful. Before we answer those questions we don't want to 1) add more dependencies to binary and 2) define serialization formats that we might break in the next release. So perhaps once we've settled these issues we'll include instances for containers. Also, cereal has a generic instance. Will the new binary? That sounds reasonable. If someone sends a pull request Lennart or I will review and merge it. -- Johan ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] ANN: Nomyx 0.1 beta, the game where you can change the rules
On 2/28/2013 11:17 PM, Chris Wong wrote: On Wed, Feb 27, 2013 at 8:37 AM, Corentin Dupontcorentin.dup...@gmail.com wrote: Hi Chris, Thanks! That's true for the user number. What should I do? Encrypt it? It's not that you have a user number, or even that it's accessible: it's that it's the entirety of access control, meaning that if the user changes it they can masquerade as another user. The correct solution is that a user should authenticate, which creates a session hash that you stash away and also send back to the user as a cookie so the browser will present it on accesses. Then you check that the presented hash is there and matches the session hash. These should expire periodically, requiring the user to log back in again. Additionally, you can change the session hash with every page hit, to some other totally random hash. If someone steals your session, they had better act on it immediately, lest you visit another page and it changes completely. If your session gets hijacked, you get logged out. When you log in again the attacker loses access. You can also check sessions by the hash and IP address. That has usability concerns though. Even if players never switch machines in the middle of a game, suppose you are playing on a cell phone and your train goes through a tunnel. When you reconnect, your provider gives you a different IP and you are logged out. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] ANN: Nomyx 0.1 beta, the game where you can change the rules
Joe Quinn headprogrammingc...@gmail.com wrote: Additionally, you can change the session hash with every page hit, to some other totally random hash. If someone steals your session, they had better act on it immediately, lest you visit another page and it changes completely. If your session gets hijacked, you get logged out. When you log in again the attacker loses access. That will likely cause trouble with concurrent connections aka pipelining: * Client sends request 1 with session id A. * Server receives request 1, verifies A = A, handles the request, sets new hash to B, sends response. * Client sends request 2 with session id A. * Server rejects request 2, because session id mismatch (A /= B). * Client receives response to request 1, sets session id to B. Don't change the session id in the middle of the session. To prevent session hijacking you need to use SSL. Greets, Ertugrul -- Not to be or to be and (not to be or to be and (not to be or to be and (not to be or to be and ... that is the list monad. signature.asc Description: PGP signature ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] ANN: Nomyx 0.1 beta, the game where you can change the rules
Hi all, with the mutiplayer server, the game was occasionally crashing with: CPU time limit exceeded (core dumped) I think it was due to some ulimit set too low, it should work better now. BR, C On Wed, Feb 27, 2013 at 12:28 AM, Corentin Dupont corentin.dup...@gmail.com wrote: Hello everybody! I am very happy to announce the beta release [1] of Nomyx, the only game where You can change the rules. This is an implementation of a Nomic [2] game in Haskell (I believe the first complete implementation). In a Nomyx game you can change the rules of the game itself while playing it. The players can submit new rules or modify existing ones, thus completely changing the behaviour of the game through time. The rules are managed and interpreted by the computer. They must be written in the Nomyx language, which is a subset of Haskell. At the beginning, the initial rules are describing: - how to add new rules and change existing ones. For example a unanimity vote is necessary to have a new rule accepted. - how to win the game. For example you win the game if you have 5 rules accepted. But of course even that can be changed! Here is a video introduction and first tutorial of the game: http://vimeo.com/58265498 The game is running here: www.nomyx.net:8000/Nomyx I have set up a forum where players can learn about Nomyx and discuss the rules they intend to propose: www.nomyx.net/forum As this is the first beta release of the game, I'm looking for beta testers :) Although I tested it quite a lot, I'm sure a lot of bugs remains, especially in multiplayer. So if you are interested in testing Nomyx, please go to this forum thread and we'll set up a small team to start a match! http://www.nomyx.net/forum/viewtopic.php?p=5 Comments/contributions are very highly welcome! There is still a lot to do. As for now, the game is not completely securised. It is easy to break it by submitting rules containing malicious code. I'm working on it. If you'd like to do security testing, please do it locally on your own machine and send me a bug report :). Cheers, Corentin [1] http://hackage.haskell.org/package/Nomyx [2] www.nomic.net ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] cabal install ghc-mod installs 3 years old version
On 13-03-01 05:10 AM, Malcolm Wallace wrote: Doesn't Cabal tend to install library packages under the .cabal folder? So blowing it away gets rid of the problematic ones. (And everything else.) You need to perform scientific experiments to refute that claim, then see my http://www.vex.net/~trebla/haskell/sicp.xhtml#ident then perform more scientific experiments to try to refute my claim (and see that my claim passes your scrutiny). ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] cabal install ghc-mod installs 3 years old version
On Fri, Mar 1, 2013 at 12:08 PM, Albert Y. C. Lai tre...@vex.net wrote: On 13-03-01 05:10 AM, Malcolm Wallace wrote: Doesn't Cabal tend to install library packages under the .cabal folder? So blowing it away gets rid of the problematic ones. (And everything else.) You need to perform scientific experiments to refute that claim, then see my At least some versions of cabal-install do put the actual library install trees under .cabal/lib, then register them under .ghc. -- brandon s allbery kf8nh sine nomine associates allber...@gmail.com ballb...@sinenomine.net unix, openafs, kerberos, infrastructure, xmonadhttp://sinenomine.net ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] Galois is hiring!
Galois is hiring! We're looking for functional programmers, formal methods practitioners, and project leads, with a variety of positions open at all professional experience levels. For more information on the job openings and Galois in general, see: http://corp.galois.com/careers I've written before about what makes Galois a great organization to be a part of: http://blog.codersbase.com/2012/03/life-at-galois.html Thanks, Jason___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
[Haskell-cafe] ANNOUNCE: netpbm
I'm happy to announce a new library, netpbm, a full implementation of the netpbm image formats (PPM, PGM, PBM) in pure Haskell. The P*N formats describe themselves as as easy as possible; they mainly consist of dimensions + uncompressed data and are used especially in between graphics programs, e.g. between ImageMagick and its ghostscript part as well as in ffmpeg. There are six formats (bitmap, greyscale, color, each of them coming in binary and ASCII variants). This parses all of them. The main focus of this library is *pedantic* adherence to the spec (http://netpbm.sourceforge.net/doc/pbm.html) - in fact I claim that all implementations out there do not properly implement the spec correctly, not even the netpbm project itself. I have not properly verified this yet, but my library can parse valid PPM files that don't display in my image viewer (which is built on top of the C library in question). To be honest, one cannot really blame anybody for this since netpbm allows pretty insane things (such as comments inside numeric literals) and its claim to be simple is absolutely hilarious. haskell-netpbm is backed by an extensive test suite that checks its compatibility with images created by common programs (GIMP, convert), public data sets, and random pictures I found on the Internet. It is built using attoparsec. You can find it on http://hackage.haskell.org/package/netpbm Any contributions in form of code, tests images or claims that I don't implement the spec right are highly welcome at https://github.com/nh2/haskell-netpbm Please note that I just finished the implementation and that I will clean up (break) the API in the next release, but I found it made sense to announce it as early as possible now that the format implementation is complete. Niklas ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
Re: [Haskell-cafe] Announce: Leksah 0.13.2.0 (still a bit experimental)
12.10 uses webkit 1.10 so the -fwebkit1.8 was probably tripping it up. I have updated webkit so that webkit 1.8 is detected automatically and updated the .travis.yml file. Please try again. On 23 Feb 2013, at 06:20, alejandro.bell...@gmail.com wrote: I compiled Leksah 0.13.2 using Ubuntu 12.04 (I followed the instructions on .travis.yml). It was OK, but when I tried to compile with Ubuntu 12.10, I got the following error: Building webkit-0.12.5... Preprocessing library webkit-0.12.5... gtk2hsC2hs: Errors during expansion of binding hooks: webkit1.8/Graphics/UI/Gtk/WebKit/DOM/File.chs:17: (column 14) [ERROR] Unknown identifier! Cannot find a definition for `webkit_dom_file_get_file_name' in the header file. webkit1.8/Graphics/UI/Gtk/WebKit/DOM/File.chs:23: (column 16) [ERROR] Unknown identifier! Cannot find a definition for `webkit_dom_file_get_file_size' in the header file. Can you help me, please? Alejandro T. Bello Ruiz -- You received this message because you are subscribed to the Google Groups leksah group. To unsubscribe from this group and stop receiving emails from it, send an email to leksah+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. ___ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe