Non-monotonic releases and package clobbering
Edward Z. Yang
ezyang at MIT.EDU
Sun Nov 25 18:59:00 CET 2012
Hello all,
I recently noticed that there is a subset of packages on Hackage which
have had a non-monotonic release in their history. Non-monotonic releases
occur for various reasons; for example, http://hackage.haskell.org/package/QuickCheck-1.2.0.1
was made in 2010 (2.1 was released in 2008), ostensibly as a minor bugfix release.
However, I found at least one case where a non-monotonic release was due to
package clobbering:
http://hackage.haskell.org/package/Adaptive-0.1
http://hackage.haskell.org/package/Adaptive-0.22
It's easy to see that these are two different packages. 0.1 is the
"later" release, but it is completely shadowed by the old 0.22 release.
I'm not sure if I have any concrete recommendations (since this problem is mostly
subsumed by the "people shouldn't be able to upload arbitrary stuff to Hackage problem);
but I thought this might be interesting information to someone.
Edward
More information about the Libraries
mailing list