[Haskell-cafe] How to determine correct dependency versions for a library?

Tobias Müller troplin at bluewin.ch
Wed Nov 14 22:57:10 CET 2012


Johan Tibell <johan.tibell at gmail.com> wrote:
> On Wed, Nov 14, 2012 at 1:01 PM, Tobias Müller <troplin at bluewin.ch> wrote:
> 
> Clark Gaebel <cgaebel at uwaterloo.ca> wrote:
> To prevent this, I think the PVP should specify that if dependencies get
> a major version bump, the package itself should bump its major version
> (preferably the B field).
> 
> No, it has nothing to do with major/minor version bumps. It's just that
> if you underspecify your dependencies, they may become invalid at some
> point and you cannot correct them. Overspecified dependencies will always remain correct.
> 
> This is required if you want to maintain the property that clients don't break.
> 
> If A-1.0 dependes on B-1.0.* and C depends on both A-1.0.* and B-1.0.*.
> Bumping dependency in A on B to B-2.0.* without bumping the major version
> number of A will cause C to fail to compile as it now depends on both
> B-1.0.* (directly) and B-2.0.* (though A-1.0).

I think I misunderstood Clarks suggestion.
I thought he was advocating underspecified dependencies like A-1.*, but now
when I am rereading it, it's actually the opposite. His proposal would
explicitely disallow such dependencies.

But it would probably be even too restrictive, since it generally disallows
dependencies covering more than one major version, even if all those
packages are already available and tested to be compatible.

Also it only applies to the PVP. The distinction between blacklisting and
whitelisting is more general and applies to all possible versioning
schemes.

Tobi




More information about the Haskell-Cafe mailing list