On Wed, Sep 04, 2013 at 09:14:03PM -0700, Johan Tibell wrote:
Hi all,
With 1.18 out the door it's time to look towards the future. Here are the major themes I'd like to see us work on next:
[…]
## Do the right thing automatically
The focus here should be on avoiding manual steps the cabal could do for the user.
* Automatically install dependencies when needed. When `cabal build` would fail due to a missing dependency, just install this dependency instead of bugging the user to do it. This will probably have to be limited to sandboxes where we can't break the user's system
I'm not sure if here by sandbox and break you mean break the cabal/package installation, or protect against malicious code. If it's not the latter (and even if it is, how safe are the sandboxes?), I would argue that until cabal can verify authenticity of downloaded archives, it would be better to not do this automatically. Maybe add a new command, cabal fetch-deps or something like that, that can do it, but leave 'cabal build' as a "safe" command. thanks, iustin