Michael Snoyman
You already identified the downside with this: you may magically be upgraded to a new version of a package. If you really want to do this, you can, but my recommendation is to manually decide to upgrade your Stackage snapshot consciously instead of letter an arbitrary Jenkins build server make the decision for you. I'm using Stackage as a QA'd Hackage. It sounds like you see it more as a server-side cabal freeze.
I'm not sure what distinction you're going for in this. Imagine the following sequence of events:
* You set up your system to use Stackage, with September 1's snapshot being active at the time.
* You install foo-1.1, with bar-1.1 depending on it.
* A new Stackage snapshot comes out, providing foo-1.2.
* You now try to install something depending on foo, and depending on the alignment of the stars, cabal will either download a new foo or use the already installed one.
In other words, the usage you seem to be implying is highly non-deterministic, which I'd be very careful about using.
There are 3 levels of stability: 1. Hackage, where any package may fail to compile, even by itself. 2. Stackage latest, where at any one time, all packages will compile together. New packages won't get in until they meet this stability criteria. 3. Stackage snapshot, where all packages will compile together, and never change. All of these have legitimate uses. I prefer developing with 2, to avoid being stuck with the same package versions until I change the snapshot, and I'm prepared to fix up the example you gave manually if need be. I guess it's similar to the difference between yum, which automatically updates the package list on a fairly frequent basis, and apt-get, which requires an explicit update. I personally prefer yum's approach (as do Red Hat / Fedora), but I haven't seen any Debian folks calling to change apt.