1 patch for repository https://darcs.net/screened:

patch 2797a991d7c708fc055960ce07ac98d250a941e8
Author: Ben Franksen <ben.franksen@online.de>
Date:   Wed May 15 16:24:02 CEST 2024
  * resolve issue2715: hub.darcs.net does not support "Extended Main Secret"

  We use a new addition to crypton-connection in order to change the default
  setting back to old (tls < 2.0) default. For ghc < 8.8 crypton-connection
  is not available, so instead we constrain tls as before.

Attachments

• patch-preview.txt
• resolve-issue2715_-hub_darcs_net-does-not-support-_extended-main-secret_.dpatch

[in darcs.cabal]
>                       data-default-class,

any reason not to give this bounds?

I tested this to double-check it does fix the problem. Thanks!

>     +            , TLS.supportedCiphers = TLS.ciphersuite_default

What's this line for?

It might also be helpful to add comments to explain what's going on.

> >                       data-default-class,
>
> any reason not to give this bounds?

Mere sloppiness on my part, sorry. Will fix.

>    TLS.supportedCiphers = TLS.ciphersuite_default
>
> What's this line for?

This is how crypton-connection modifies the default from TLS (which is an 
empty list rather than TLS.ciphersuite_default).

> It might also be helpful to add comments to explain what's going on.

Good idea.

Following up on review (part 1).

1 patch for repository https://darcs.net/screened:

patch 27999b83bd583e14dd553db97d8629084ac7a5c8
Author: Ben Franksen <ben.franksen@online.de>
Date:   Sun May 19 12:28:29 CEST 2024
  * add missing constraints data-default-class

Attachments

• add-missing-constraints-data_default_class.dpatch
• patch-preview.txt

Following up on review (part 2)

3 patches for repository https://darcs.net/screened:

patch 1384cf9e070c65c709db76afece86f5974400c9f
Author: Ben Franksen <ben.franksen@online.de>
Date:   Sun May 19 13:01:46 CEST 2024
  * add docs to configureHttpConnectionManager

patch 54d2b72449c25729eb5e89cfa74efb72f3089f31
Author: Ben Franksen <ben.franksen@online.de>
Date:   Sun May 19 13:46:37 CEST 2024
  * fix comment in darcs.cabal

patch be7ec8b428ddf619fb85447cdfdb8776fa919f6b
Author: Ben Franksen <ben.franksen@online.de>
Date:   Sun May 19 13:51:32 CEST 2024
  * avoid setting TLS.supportedCiphers in configureHttpConnectionManager

  The NC.settingClientSupported member of the default value for NC.TLSSettings
  already contains this setting, so we use that default and only change
  TLS.supportedExtendedMainSecret. This is semantically simpler and more
  robust in case TLSSettingsSimple acquires additional members. Unfortunately,
  doing nested record updates is a rather verbose affair in Haskell w/o
  lenses, so the code is somewhat less readable now.

Attachments

• add-docs-to-configurehttpconnectionmanager.dpatch
• patch-preview.txt

Unfortunately, I fear that the dependency on crypton-connection-0.4 might 
bring us even further away from darcs being in stackage. The current 
nightly build still has crypton-connection-0.3.2, probably due to other 
packages depending on it not yet having raised their upper bounds.

Looks good, thanks. Agreed crypton-connection is a problem but at least
we now support the latest versions of things rather than requiring
older ones.