[Haskell-cafe] Safe Haskell?

Richard Eisenberg rae at richarde.dev
Wed Apr 28 18:07:26 UTC 2021

> On Apr 28, 2021, at 11:51 AM, Oleg Grenrus <oleg.grenrus at iki.fi> wrote:
> TL;DR Safe Haskell requires buy-in from every maintainer, but there are
> barely
> any users. For how much longer we need to run this "academic experiment"?

This is a good way to put it. The reason I've swung around in favor of keeping what we have is that I think *some* structure like Safe Haskell is needed for proper security. The idea is that an author should have to trust only a few packages (like `bytestring`), and these packages can advertise their wide level of trust in a central location, like Hackage. This trust system exists now, but it's not widely advertised. If we were to remove Safe Haskell, this trust system would disappear, only (likely) to be replaced by a very similar trust system required by the successor to Safe Haskell.

So, given the real costs associated with discussing how best to remove the feature, then removing it, then having libraries remove it, seem not quite worth it.

On the other hand, perhaps you've implicitly suggested something: just disable Safe-inference. That is, every module starts off Unsafe. This could easily be overridden at the package level with default-extensions: Safe in a cabal file. If we had no safe-inference, would that solve the library-level problems? It would certainly remove a good deal of the complexity within GHC!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/haskell-cafe/attachments/20210428/8bd619f8/attachment.html>

More information about the Haskell-Cafe mailing list