PVP
Time to move on
I really don’t like typing upper bounds into my Cabal files.
- For me they are just horribly slowing, tiresome, fiddly and error prone.
- I have always felt that it does not scale well to require all developers to add them to all package dependencies it for relatively abstract gains. Of course this becomes sharper with the popularity of stack and Stackage which derive no gains from upper bounds.
- Prolific package authors have argued against them. (This originally alerted me to the issue.)
This is just my opinion, shared and opposed as it is.
As we know the PVP requires users to supply upper bounds in all package dependencies in cabal files and we have been living with divided opinions on this for about a decade, and it is not helpful.
I think we can do this while keeping (almost) everyone happy.
Get everyone to agree to strict adherence to the PVP and after a grace period adjust the various tools to enforce it.
Provide tools to fill in upper bounds according to the state of Hackage (more about this below).
Voila. The upper bounds are in the cabal files and the folks that don’t want to type them have the option of not typing them.
None of this is new of course. The reason it might work now is that we are starting to talk to each and that could — no, should — make the difference.
How?
The only way tools are going to fill in missing values is by following conventions. The convention that I want is that if an upper bound is missing from a cabal file I want my tool to find the current latest version of the package on Hackage and upper-bound to all packages that are PVP-compatible with that latest package. If folks want other conventions then we can provide for those also (but that seems to be the obvious convention to me).
No, really, how?
For this to work we need a way of injecting this filling in process into the workflow of Stack/Stackage developers especially. Many of us use hpack which could be adjusted to fill in the upper bounds while generating the cabal files from the package.yaml files.
Time to move on.
Got an issue with any of this? Please share or drop me a line (see below).