[Haskell-beginners] How to deal with library dependencies?

Brent Yorgey byorgey at seas.upenn.edu
Thu Apr 26 19:37:26 CEST 2012


On Thu, Apr 26, 2012 at 05:42:37PM +0100, Lorenzo Bolla wrote:
> Hi all,
>  
> This problem is obviously more general, and so is my question: How to
> handle packages that depend of different versions of the same
> library?

There's no really good answer to this question (yet).

> Would you manually patch the cabal files for all the packages in the
> dependency tree, hoping that newest libraries are backward compatible?
> Would you wait for the library developers to update their cabal file
> every time a library they rely upon changes?

One of these two is what I would usually do.  Which one I would choose
depends on how badly I want the package in question and how
comfortable I am trying to manually patch the cabal file.

> To me, it looks like dependencies in .cabal files are usually too
> strict. 

That's one way of looking at it; the alternative, however, would be
that dependencies are too lax, and then things might install just fine
but not work; or maybe you'd get crazy type errors instead of version
errors.  Which would you rather have?  Personally, I'd rather have
version errors, and let the package maintainers figure out the type
errors when they update their packages.

> Or, packages should agree on the meaning of "minor" version
> numbers. For example, if blaze-html's API did not change from 0.4 to 0.5
> (supposing that API changes are identified by a change in the major
> version number), then there is no point in the libraries that depend on
> it to require a dependency <0.5.

Most packages do agree on this; in particular they conform to the
Package Version Policy:

  http://www.haskell.org/haskellwiki/Package_versioning_policy

Among other things it says that breaking API changes are identified by
changes in the first and/or second component of the version number.

The problem is that even if the API of a package changes (thus
necessitating a bump in at least the second component of the version
number), packages that depend on it may continue to work with both the
old and new versions, if they didn't happen to use the part of the API
that changed.

-Brent



More information about the Beginners mailing list