[GHC] #10140: Suggestions for improvement of the Safe Haskell chapter in the user's guide
GHC
ghc-devs at haskell.org
Sat Mar 7 04:35:30 UTC 2015
#10140: Suggestions for improvement of the Safe Haskell chapter in the user's guide
-------------------------------------+-------------------------------------
Reporter: thomie | Owner:
Type: bug | Status: new
Priority: normal | Milestone:
Component: Documentation | Version: 7.8.4
Resolution: | Keywords:
Operating System: Unknown/Multiple | Architecture:
Type of failure: None/Unknown | Unknown/Multiple
Blocked By: | Test Case:
Related Tickets: | Blocking:
| Differential Revisions:
-------------------------------------+-------------------------------------
Comment (by dterei):
Thomas, thanks for this, it's great feedback! I'll take a pass over the
docs again and incorporate your notes.
Some answers:
> But isn't the latter implied by the former, or the module wouldn't
compile? If that is correct, please mention it.
Yes, it is. The description of the check here doesn't distinguish between
the fact that some of the check already occurred at compile time and so
the recursive element is already done. I'll try to better capture that
without removing the description of the check being recursive /
transitive.
[[BR]]
> Should explicitly be implicitly? I don't understand this sentence
regardless. What does nicely unifies mean?
Yes, I think it should be implicitly. That sentence should probably just
be removed. Basically what it is saying is that we ran into a problem when
designing Safe Haskell of how to have it co-exists with the existing
language in a way that people who care can opt into with all the
properties and power we wanted, while users who don't care can ignore the
whole thing. In the first version, we got this wrong and Safe Haskell
caused compilation failures for people who weren't explicitly using it.
The `-fpackage-trust` flag changed to fix this.
So really, this line is an off-hand comment on some history that adds no
value to the reader.
[[BR]]
> I think the following statement should be true, but I'm not sure: "If a
module M in a package P is inferred to be Safe by GHC, then it is trusted
by client C".
No, not unconditionally. It depends on `-fpackage-trust`. "M" may be
inferred safe, but when GHC does this it assumes that the client "C" is
prepared to trust all packages containing `Trustworthy` modules that "M"
depends on. It's then up to "C" on her respective system to make that
dynamic decision.
[[BR]]
> I have more of a general question about this: if this is true, then why
are there over 200 mentions of {-# Language Safe #-} in a checkout of ghc?
Two reasons:
1) Historical -- we added safe inference later.
2) Stability -- one issue with safe inference is that since the module
author hasn't stated her intentions, then what Safe Haskell type the
module should have isn't set and could change without warning from the
compiler. For some library authors this may be fine as Safe Haskell isn't
of primary importance to them. But for very base libraries like the ones
GHC distributes, we want them to have a very set and stable Safe Haskell
type that the community can depend on.
The other issue is that using Safe Haskell explicitly adds another
dependency that could cause your module to fail to compile. For base
modules in GHC this isn't an issue as they have few dependencies and one
team largely controls them all. For a higher level package though, use
`Safe` explicitly means you are dependent on how the safety of your
dependencies change over time. Maybe this is what you want, but for a lot
of people where Safe Haskell is a secondary concern, probably not.
So it's a trade-off on what concerns and dependencies you have in regards
to the larger Haskell community.
--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/10140#comment:2>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
More information about the ghc-tickets
mailing list