[GHC] #8310: Can we change the semantics of `Trustworthy`?
GHC
ghc-devs at haskell.org
Tue Oct 15 06:36:39 UTC 2013
#8310: Can we change the semantics of `Trustworthy`?
-------------------------------------+------------------------------------
Reporter: ekmett | Owner: dterei
Type: feature request | Status: new
Priority: normal | Milestone:
Component: Compiler | Version: 7.6.3
Resolution: | Keywords:
Operating System: Unknown/Multiple | Architecture: Unknown/Multiple
Type of failure: None/Unknown | Difficulty: Unknown
Test Case: | Blocked By:
Blocking: | Related Tickets:
-------------------------------------+------------------------------------
Comment (by ekmett):
My understanding was that if I import a module that is Trustworthy, my
module could still infer as Safe-Inferred. Perhaps that was a naïve
interpretation. I'll need to go back through and re-read the
specification, and understand the safe import machinery better.
Right now my main problem is that no matter what I do, I've just not
proven smart enough to make the most specific annotation that works for
all of my dependencies without unnecessarily enlarging the trusted code
base.
One possible middle ground that doesn't muddle those semantics is that we
could issue a warning when you needlessly mark a module as Trustworthy,
when it would otherwise infer as Safe-Inferred. Then I'd at least get some
kind of feedback during the development process and from my end-users, and
cleaning up warnings would catalyze users into writing patches.
This would still result in me having to maintain some painfully
complicated logic to get the right safety properties, but it would at
least tell me pointwise when I was in a situation where I'd gotten it
wrong.
--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/8310#comment:4>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
More information about the ghc-tickets
mailing list