qualified imports, PVP and so on (Was: add new Data.Bits.Bits(bitZero) method)
Vincent Hanquez
tab at snarc.org
Tue Feb 25 17:17:04 UTC 2014
On 2014-02-25 15:12, Brandon Allbery wrote:
> On Tue, Feb 25, 2014 at 1:44 AM, Michael Snoyman <michael at snoyman.com
> <mailto:michael at snoyman.com>> wrote:
>
> But that's only one half of the "package interoperability" issue.
> I face this first hand on a daily basis with my Stackage
> maintenance. I spend far more time reporting issues of restrictive
> upper bounds than I do with broken builds from upstream changes.
> So I look at this as purely a game of statistics: are you more
> likely to have code break because version 1.2 of text changes the
> type of the map function and you didn't have an upper bound, or
> because two dependencies of yours have *conflicting* versions
> bounds on a package like aeson[2]? In my experience, the latter
> occurs far more often than the former.
>
>
> I have a question for you.
>
> Is it better to save a developer some work, or is it better to force
> that work onto end users?
>
As a *user* of many libraries, I had more problems with libraries that
follow the PvP religiously than the other way around. I usually like to
have the latest and greatest libraries, specially text, aeson, and such,
and there I have to manually bump dependencies of packages I depend on,
until the developers gets to update the package on hackage (which
sometimes takes many weeks).
As a *developer*, following the PvP would cost me a lot of my *free*
time. This is particularly true when the surface of contact with a
library is small, it's very unlikely that I will run into an API
changes. When I do, I release a new package quickly that account for the
API change, or I can put a upper bounds if I can't make the necessary
changes quickly enough. I usually found out quite quickly with stackage
nowadays, most of times, before any users get bitten.
Some other time, I'm testing some development ghc or some new unreleased
libraries, and I need to remove upper bounds from packages so that I can
test something.
Anyway, there's lots of reason that the PvP doesn't works fully. It
solves some problems for sure, but sadly swipe all the other problems
under the carpet. One problem being that a single set of numbers doesn't
properly account for API complexity and stability that might differ in
different modules of the same package.
--
Vincent
More information about the Libraries
mailing list