[Hackage] #194: add sanity checking to version numbers
#194: add sanity checking to version numbers ----------------------------------+----------------------------------------- Reporter: duncan | Owner: Type: defect | Status: new Priority: normal | Milestone: Component: Cabal | Version: 1.2.3.0 Severity: normal | Keywords: Difficulty: very easy (<1 hour) | Ghcversion: 6.8.1 Platform: Linux | ----------------------------------+----------------------------------------- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308260 {{{ It's been reported that there are packages with version numbers like 5.01 which will be parsed as 5.1 by cabal. }}} This should be easy to do. -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/194 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects
#194: add sanity checking to version numbers ----------------------------+----------------------------------------------- Reporter: duncan | Owner: Type: defect | Status: new Priority: normal | Milestone: Component: Cabal library | Version: 1.2.3.0 Severity: normal | Resolution: Keywords: | Difficulty: very easy (<1 hour) Ghcversion: 6.8.1 | Platform: Linux ----------------------------+----------------------------------------------- Comment (by duncan): Turns out that there are zero packages in hackage with this kind of dodgy version number. So instead of warning we could just make it a parse error without much worry about breaking old packages. That'd be a good deal simpler. I tested with a little script `foo.hs`: {{{ import Distribution.Version import Data.Char main = do ls <- return . lines =<< getContents print [ l | l <- ls , let l' = dropWhile isSpace l , show (readVersion l') == l' ] }}} and {{{ $ tar -xf 00-index.tar $ ls */*/*.cabal | wc -l 697 $ grep -ilh '^version:' */*/*.cabal | cut -d: -f 2 > versions $ wc -l versions 697 $ ./foo < vers [] }}} So we could make the version parser stricter. Something like this untested code: {{{ parseVersion = do branch <- sepBy1 digits (char '.') tags <- many (char '-' >> munch1 isAlphaNum) return Version{versionBranch=branch, versionTags=tags} where - digits = liftM read $ munch1 isDigit + digits = do leading <- satisfy isDigit + if leading == '0' + then return 0 + else do remaining <- munch isDigit + return (read (leading : remaining)) }}} ie only allow numbers -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/194#comment:1 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects
#194: add sanity checking to version numbers ----------------------------+----------------------------------------------- Reporter: duncan | Owner: Type: defect | Status: new Priority: normal | Milestone: Component: Cabal library | Version: 1.2.3.0 Severity: normal | Resolution: Keywords: | Difficulty: very easy (<1 hour) Ghcversion: 6.8.1 | Platform: Linux ----------------------------+----------------------------------------------- Comment (by ross@soi.city.ac.uk): Replying to [comment:1 duncan]:
Turns out that there are zero packages in hackage with this kind of dodgy version number.
That is not an accident; they're forbidden because they would break things. -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/194#comment:2 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects
Replying to [comment:1 duncan]:
Turns out that there are zero packages in hackage with this kind of dodgy version number.
That is not an accident; they're forbidden because they would break
#194: add sanity checking to version numbers ----------------------------+----------------------------------------------- Reporter: duncan | Owner: Type: defect | Status: new Priority: normal | Milestone: Component: Cabal library | Version: 1.2.3.0 Severity: normal | Resolution: Keywords: | Difficulty: very easy (<1 hour) Ghcversion: 6.8.1 | Platform: Linux ----------------------------+----------------------------------------------- Comment (by duncan): Replying to [comment:2 ross@soi.city.ac.uk]: things. Right. I should not have been surprised. :-) So since things are in a good state lets just take a hard line everywhere. It's a good deal easier than trying to add warnings in the right places. -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/194#comment:3 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects
#194: add sanity checking to version numbers
----------------------------+-----------------------------------------------
Reporter: duncan | Owner:
Type: defect | Status: closed
Priority: normal | Milestone:
Component: Cabal library | Version: 1.2.3.0
Severity: normal | Resolution: fixed
Keywords: | Difficulty: very easy (<1 hour)
Ghcversion: 6.8.1 | Platform: Linux
----------------------------+-----------------------------------------------
Changes (by duncan):
* status: new => closed
* resolution: => fixed
Comment:
Done.
{{{
Wed Jan 23 20:19:30 GMT 2008 Duncan Coutts
participants (1)
-
Hackage