Skip to content

Support latest tls (2.3.0) and crypton (1.1.0)#69

Merged
jappeace merged 8 commits intowinterland1989:masterfrom
jappeace-sloth:fix-tls-crypton-bounds
Mar 7, 2026
Merged

Support latest tls (2.3.0) and crypton (1.1.0)#69
jappeace merged 8 commits intowinterland1989:masterfrom
jappeace-sloth:fix-tls-crypton-bounds

Conversation

@jappeace-sloth
Copy link

@jappeace-sloth jappeace-sloth commented Mar 7, 2026

Summary

  • Bump tls bounds to support up to 2.3.x
  • Bump crypton bounds to include ^>=1.1.0
  • Fix Data.TLSSetting for tls 2.x (removed Default instances, use CPP shims)
  • Fix Database.MySQL.Connection for crypton 1.1.0 (memoryram migration, use PackageImports)
  • Bump base to <4.22 for GHC 9.12
  • Bump data-default-class to allow 0.2.x
  • Add ram dependency (needed alongside memory for crypton 1.1.0)
  • Update nix flake: bump nixpkgs, add ram override, remove stale tls 1.7.1 pin
  • Update CI: merge workflows, add GHC 9.8/9.10/9.12, drop 9.2/9.4, use haskell-actions/setup@v2

Test plan

  • Builds with tls 2.3.0 + crypton 1.1.0 (latest)
  • Builds with tls 2.2.2 + crypton 1.0.6 (older)
  • Nix build passes
  • CI matrix passes (9.6, 9.8, 9.10, 9.12 × ubuntu/macOS/windows)

🤖 Generated with Claude Code

jappeace-sloth and others added 8 commits March 7, 2026 11:40
@claude
Bump tls, crypton, and base upper bounds
c899887 
- tls: allow 1.9.x through 2.3.x (was capped at <1.9)
- crypton: allow 1.x (was capped at <0.40)
- base: allow up to <4.22 (was capped at <4.19)

tls 2.x removed Default instances for ServerParams, Shared,
Supported, and ValidationCache. Use CPP to select between
def (tls <2) and the new named defaults like defaultParamsServer,
defaultShared, defaultSupported, defaultValidationCache (tls >=2).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
Support crypton 1.1.0 (ram replaces memory)
6844000 
crypton 1.1.0 replaced the memory package with ram for ByteArrayAccess.
Use CPP + PackageImports to import Data.ByteArray from the correct
package depending on the crypton version.

Also bump crypton bound to include ^>=1.1.0 and add ram as dependency.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
Bump nixpkgs, fix nix build
d3dc7b8 
- Update nixpkgs to March 2026
- Remove hardcoded tls 1.7.1 override (no longer needed)
- Add ram package override (not yet in nixpkgs)
- Bump data-default-class bound to allow 0.2.x

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
Update CI matrix: add GHC 9.8, 9.10, 9.12; drop 9.2, 9.4
81c7697 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
Fix CI: switch to haskell-actions/setup, bump action versions
41a1436 
haskell/actions/setup is deprecated and doesn't support GHC 9.12.
Switch to haskell-actions/setup@v2 and bump checkout/cache to v4.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
Enable fail-fast in CI matrix
9243830 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
Merge CI workflows, cancel entire run on any failure
0253f29 
Combine nix.yaml and cabal.yaml into a single ci.yaml so that a
failure in either the nix or cabal jobs cancels the whole workflow run
via `gh run cancel`.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
Fix cancel step: add permissions and continue-on-error
c0bd4bd 
- Add permissions: actions: write for workflow cancellation
- Add continue-on-error on cancel step (fork PRs lack permissions)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@jappeace-sloth jappeace-sloth force-pushed the fix-tls-crypton-bounds branch from d94225e to c0bd4bd Compare March 7, 2026 11:41
@jappeace jappeace merged commit 486e5e3 into winterland1989:master Mar 7, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jappeace-sloth @jappeace