2025-03-08 06:10:18 by Masatake Daimon | Files touched by this commit (4) |
Log message:
security/hs-tls: Don't require RFC 7627 Extended Master Secret by default
|
2025-03-05 04:40:14 by Masatake Daimon | Files touched by this commit (1173) |
Log message:
recursive revbump after patching lang/ghc910
|
2025-02-02 14:06:08 by Masatake Daimon | Files touched by this commit (1173) |
Log message:
Bump all Haskell packages after switching the default compiler.
|
2025-01-30 12:10:36 by Masatake Daimon | Files touched by this commit (4) |
Log message:
security/hs-tls: update to tls-2.1.7
# Change log for "tls"
## Version 2.1.7
* Introducing `Limit` parameter.
* Implementing "Record Size Limit Extension for TLS" (RFC8449).
Set `limitRecordSize` to use it.
* Implementing "TLS Certificate Compression" (RFC 8879).
This feature is automatically used if the peer supports it.
* More tests with `tlsfuzzer` especially for client authentication
and 0-RTT.
* Implementing a utility function, `validateClientCertificate`, for
client authentication.
* Bug fix for echo back logic of Cookie extension.
* More pretty show for the internal `Handshake` structure for debugging.
## Version 2.1.6
* Testing with "tlsfuzzer" again. Now don't send an alert against
peer's alert. Double locking (aka self dead-lock) is fixed. Sending
an alert for known-but-cannot-parse extensions. Other corner cases
are also fixed.
* `tls-client -d` and `tls-server -d` pretty-prints `Handshake`.
## Version 2.1.5
* Removing the dependency on the async package.
* Restore a few DHE_RSA ciphers.
[#493](https://github.com/haskell-tls/hs-tls/pull/493)
## Version 2.1.4
* Exporting defaultValidationCache.
## Version 2.1.3
* Remove `data-default` version constraint.
[#492](https://github.com/haskell-tls/hs-tls/pull/492)
* Exporting default variables.
[#448](https://github.com/haskell-tls/hs-tls/pull/488)
## Version 2.1.2
* Using data-default instead of data-default-class.
## Version 2.1.1
* `bye` directly calls `timeout recvHS13`, not spawning a thread for
`timeout recvHS13`. So, `bye` can receive an exception if thrown.
## Version 2.1.0
* Breaking change: stop exporting constructors to maintain future
compatibilities. Field names are still exported, and values can be updated
with them using record syntax. Use `def` and `noSessionManager` as initial
values.
* `onServerFinished` is added to `ClientHooks`.
* `clientWantSessionResumeList` is added to `ClientParams` to support
multiple tickets for TLS 1.3.
## Version 2.0.6
* Setting `supportedCiphers` in `defaultSupported` to `ciphersuite_default`.
So, users don't have to override this value anymore by exporting
`Network.TLS.Extra.Cipher`.
[#471](https://github.com/haskell-tls/hs-tls/pull/471)
* `ciphersuite_default` is the same as `ciphersuite_strong`.
So, the duplicated definition is removed.
* Add missing modules for util/tls-client and util/tls-server.
|
2024-05-09 03:32:57 by Masatake Daimon | Files touched by this commit (1137) |
Log message:
Recursive revbump after changing the default Haskell compiler
|
2024-05-04 08:10:14 by Masatake Daimon | Files touched by this commit (4) |
Log message:
security/hs-tls: Update to 2.0.5
Version 2.0.5
Fixing handshake13_0rtt_fallback
Client checks if the group of PSK is contained in Supported_Groups.
HRR is not allowed for 0-RTT.
Version 2.0.4
More fix for 0-RTT when application data is available while receiving CF.
New util/tls-client and util/tls-server.
Version 2.0.3
Fixing a bug where timeout in bye does not work.
util/client -> util/tls-client
util/server -> util/tls-server
Version 2.0.2
Client checks sessionMaxEarlyDataSize to decide 0-RTT
Client checks the resumption cipher properly.
Version 2.0.1
Fix a leak of pending data to be sent.
Version 2.0.0
tls now only supports TLS 1.2 and TLS 1.3 with safe cipher suites.
Security: BREAKING CHANGE: TLS 1.0 and TLS 1.1 are removed.
Security: BREAKING CHANGE: all CBC cipher suites are removed.
Security: BREAKING CHANGE: RC4 and 3DES are removed.
Security: BREAKING CHANGE: DSS(digital signature standard) is removed.
Security: BREAKING CHANGE: TLS 1.2 servers require EMS (extended main secret) by default. supportedExtendedMasterSec is renamed to supportedExtendedMainSecret.
BREAKING CHANGE: the package is now compiled with Strict and StrictData.
BREAKING CHANGE: Many data structures are re-defined with PatternSynonyms for extensibility.
BREAKING CHANGE: the structure of SessionManager is changed to support session tickets.
API: BREAKING CHANGE: sendData can send early data (0-RTT). clientEarlyData is removed. To send early data via sendData, set clientUseEarlyData to True. #466
API: handshake can receive an alert of client authentication failure for TLS 1.3. #463
API: bye can receive NewSessionTicket for TLS 1.3.
Channel binding: getFinished and getPeerFinished are deprecated. Use getTLSUnique instead. #462
Channel binding: getTLSExporter and getTLSServerEndPoint are provided. #462
Refactoring: the monolithic handshake is divided to follow the diagram of TLS 1.2 and 1.3 for readability.
Refactoring: test cases are refactored for maintainability and readability. hspec is used instead of tasty.
Code format: fourmolu is used as an official formatter.
Catching up RFC8446bis-09. #467
|
2023-11-02 07:37:49 by Masatake Daimon | Files touched by this commit (1141) |
Log message:
Revbump all Haskell after updating lang/ghc96
|
2023-10-30 15:50:28 by Masatake Daimon | Files touched by this commit (4) |
Log message:
security/hs-tls: Update to 1.9.0
Version 1.9.0
* BREAKING CHANGE: The type of the Error_Protocol constructor of TLSError
has changed. The "warning" case has been split off into a new
Error_Protocol_Warning constructor. #460
Version 1.8.0
* BREAKING CHANGE: Remove Exception instance for TLSError. The library now
throws TLSException only. If you need to change your code, please refer
to this example first. #457
Version 1.7.1
* NOP on UserCanceled event #454
Version 1.7.0
* Major version up because "crypton" is used instead of "cryptonite"
|
2023-10-09 06:55:01 by Masatake Daimon | Files touched by this commit (988) |
Log message:
Bump Haskell packages after updating lang/ghc94
|
2023-01-27 03:02:25 by Masatake Daimon | Files touched by this commit (4) |
Log message:
security/hs-tls: Update to 1.6.0
Version 1.6.0
* Major version up because of disabling SSL3
* Some fixes against tlsfuzzer
Version 1.5.8
* Require mtl-2.2.1 or newer #448
|