Migrate to crypton-x509* packages

.github/workflows/ci.yml

@@ -12,29 +12,26 @@ jobs:
     strategy:
       matrix:
         stack-yaml:
-          - stack-nightly.yaml   # ghc-9.2
-          - stack.yaml           # ghc-9.0
+          - stack-nightly.yaml   # ghc-9.6
+          - stack.yaml           # ghc-9.4
+          - stack-lts-20.26.yaml # ghc-9.2
+          - stack-lts-19.33.yaml # ghc-9.0
           - stack-lts-18.28.yaml # ghc-8.10
           - stack-lts-16.31.yaml # ghc-8.8
-          - stack-lts-14.27.yaml # ghc-8.6
-          - stack-lts-12.26.yaml # ghc-8.4
       fail-fast: false
 
     steps:
       - uses: actions/checkout@v3
-      - uses: freckle/stack-cache-action@v2
-        with:
-          stack-yaml: ${{ matrix.stack-yaml }}
-      - uses: freckle/stack-action@v3
+      - uses: freckle/stack-action@v4
         with:
           stack-yaml: ${{ matrix.stack-yaml }}
           stack-arguments: --flag aws-sns-verify:development
 
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: rwe/actions-hlint-setup@v1
-      - uses: rwe/actions-hlint-run@v2
+      - uses: actions/checkout@v3
+      - uses: haskell/actions/hlint-setup@v2
+      - uses: haskell/actions/hlint-run@v2
         with:
           fail-on: warning

.restyled.yaml

@@ -0,0 +1,3 @@
+restylers:
+  - "!stylish-haskell"
+  - fourmolu

CHANGELOG.md

@@ -1,10 +1,15 @@
-## [_Unreleased_](https://github.com/freckle/aws-sns-verify/compare/v0.0.0.2...main)
+## [_Unreleased_](https://github.com/freckle/aws-sns-verify/compare/v0.0.0.3...main)
 
-## [v0.0.0.2](https://github.com/freckle/aws-sns-verify/compare/v0.0.0.2...v0.0.0.1)
+## [v0.0.0.3](https://github.com/freckle/aws-sns-verify/compare/v0.0.0.2...v0.0.0.3)
+
+- Migrate to `crypton-x509*`
+- Remove CI for GHC's 8.6 and 8.8
+
+## [v0.0.0.2](https://github.com/freckle/aws-sns-verify/compare/v0.0.0.1...v0.0.0.2)
 
 - Validate PEM has come from AWS before checking signature.
 
-## [v0.0.0.1](https://github.com/freckle/aws-sns-verify/compare/v0.0.0.1...v0.0.0.0)
+## [v0.0.0.1](https://github.com/freckle/aws-sns-verify/compare/v0.0.0.0...v0.0.0.1)
 
 - Fix typo in subscribe signature
 

aws-sns-verify.cabal

@@ -1,11 +1,11 @@
 cabal-version: 1.18
 
--- This file has been generated from package.yaml by hpack version 0.34.4.
+-- This file has been generated from package.yaml by hpack version 0.35.2.
 --
 -- see: https://github.com/sol/hpack
 
 name:           aws-sns-verify
-version:        0.0.0.2
+version:        0.0.0.3
 synopsis:       Parse and verify AWS SNS messages
 description:    Please see the README on GitHub at <https://github.com/freckle/aws-sns-verify#readme>
 category:       Network, Web, AWS, Amazon, Cloud, Cryptography, Distributed-Computing
@@ -73,22 +73,22 @@ library
       aeson
     , base >=4.7 && <5
     , bytestring
+    , crypton-x509
+    , crypton-x509-validation
     , errors
     , http-conduit
     , memory
     , network-uri
     , pem
     , regex-tdfa
     , text
-    , x509
-    , x509-validation
+  default-language: Haskell2010
   if impl(ghc >= 8.10)
     ghc-options: -Wno-missing-safe-haskell-mode -Wno-prepositive-qualified-module
   if impl(ghc >= 9.2.2)
     ghc-options: -Wno-missing-kind-signatures
   if flag(development)
     cpp-options: -DDEVELOPMENT
-  default-language: Haskell2010
 
 test-suite aws-sns-verify-test
   type: exitcode-stdio-1.0
@@ -132,15 +132,15 @@ test-suite aws-sns-verify-test
     , async
     , aws-sns-verify
     , base >=4.7 && <5
+    , crypton-x509-validation
     , hspec
     , http-types
     , regex-tdfa
     , text
     , wai
     , warp
-    , x509-validation
+  default-language: Haskell2010
   if impl(ghc >= 8.10)
     ghc-options: -Wno-missing-safe-haskell-mode -Wno-prepositive-qualified-module
   if impl(ghc >= 9.2.2)
     ghc-options: -Wno-missing-kind-signatures
-  default-language: Haskell2010

fourmolu.yaml

@@ -0,0 +1,15 @@
+indentation: 2
+column-limit: 80 # ignored until v12 / ghc-9.6
+function-arrows: leading
+comma-style: leading # default
+import-export-style: leading
+indent-wheres: false # default
+record-brace-space: true
+newlines-between-decls: 1 # default
+haddock-style: single-line
+let-style: mixed
+in-style: left-align
+single-constraint-parens: never # ignored until v12 / ghc-9.6
+unicode: never # default
+respectful: true # default
+fixities: [] # default

library/Amazon/SNS/Verify.hs

@@ -3,7 +3,7 @@ module Amazon.SNS.Verify
   , verifySNSMessageEither
   , verifySNSMessageJSON
   , verifySNSMessageJSONEither
-  , SNSNotificationValidationError(..)
+  , SNSNotificationValidationError (..)
   ) where
 
 import Amazon.SNS.Verify.Prelude
@@ -12,15 +12,14 @@ import Amazon.SNS.Verify.Payload
 import Amazon.SNS.Verify.Validate
 import Control.Error (hoistEither, runExceptT)
 import Data.Aeson (FromJSON, Value, eitherDecode)
-import Data.Aeson.Types (Result(Error, Success), fromJSON)
+import Data.Aeson.Types (Result (Error, Success), fromJSON)
 import Data.Bifunctor (first)
 import Data.ByteString.Lazy (fromStrict)
 import Data.Text.Encoding (encodeUtf8)
 
 -- | Decode and verify an SNS message as JSON
 --
 -- The same as 'verifySNSMessage', but decodes the message as `JSON`.
---
 verifySNSMessageJSON :: (FromJSON a, MonadIO m) => Value -> m a
 verifySNSMessageJSON = unTryIO id <=< verifySNSMessageJSONEither
 
@@ -45,7 +44,6 @@ verifySNSMessageJSONEither value =
 --    or `UnsubscribeConfirmation`.
 -- 2. Verified against its signature.
 -- 3. And in the case of subscription events responded to.
---
 verifySNSMessage :: MonadIO m => Value -> m Text
 verifySNSMessage = unTryIO id <=< verifySNSMessageEither
 

library/Amazon/SNS/Verify/Payload.hs

@@ -1,8 +1,8 @@
 module Amazon.SNS.Verify.Payload
-  ( SNSPayload(..)
-  , SNSType(..)
-  , SNSNotification(..)
-  , SNSSubscription(..)
+  ( SNSPayload (..)
+  , SNSType (..)
+  , SNSNotification (..)
+  , SNSSubscription (..)
   ) where
 
 import Amazon.SNS.Verify.Prelude
@@ -69,7 +69,7 @@ newtype SNSNotification = SNSNotification
   deriving stock (Show, Eq, Generic)
 
 instance FromJSON SNSNotification where
-  parseJSON = genericParseJSON $ defaultOptions { fieldLabelModifier = drop 3 }
+  parseJSON = genericParseJSON $ defaultOptions {fieldLabelModifier = drop 3}
 
 data SNSSubscription = SNSSubscription
   { snsToken :: Text
@@ -78,4 +78,4 @@ data SNSSubscription = SNSSubscription
   deriving stock (Show, Eq, Generic)
 
 instance FromJSON SNSSubscription where
-  parseJSON = genericParseJSON $ defaultOptions { fieldLabelModifier = drop 3 }
+  parseJSON = genericParseJSON $ defaultOptions {fieldLabelModifier = drop 3}

library/Amazon/SNS/Verify/Prelude.hs

@@ -20,7 +20,7 @@ throwIO = liftIO . Control.Exception.throwIO
 unTryIO :: (MonadIO m, Exception e) => (a -> e) -> Either a b -> m b
 unTryIO e = either (throwIO . e) pure
 
-unTryE :: (Monad m) => (a -> e) -> Either a b -> ExceptT e m b
+unTryE :: Monad m => (a -> e) -> Either a b -> ExceptT e m b
 unTryE e = either (throwE . e) pure
 
 fromMaybeM :: Monad m => m a -> Maybe a -> m a

library/Amazon/SNS/Verify/ValidURI.hs

@@ -9,6 +9,14 @@ module Amazon.SNS.Verify.ValidURI
 
 import Amazon.SNS.Verify.Prelude
 
+_devScheme :: String
+_devScheme = "http:"
+
+_prodScheme :: String
+_prodScheme = "https:"
+
+{- FOURMOLU_DISABLE -}
+
 validScheme :: String
 validScheme =
 #ifdef DEVELOPMENT
@@ -17,12 +25,6 @@ validScheme =
   _prodScheme
 #endif
 
-_devScheme :: String
-_devScheme = "http:"
-
-_prodScheme :: String
-_prodScheme = "https:"
-
 validRegPattern :: String
 validRegPattern =
 #ifdef DEVELOPMENT
@@ -31,6 +33,8 @@ validRegPattern =
   prodRegPattern
 #endif
 
+{- FOURMOLU_ENABLE -}
+
 devRegPattern :: String
 devRegPattern = "^localhost$"