On Mon, Oct 27, 2014 at 02:30:29PM -0400, mantkiew@gsd.uwaterloo.ca wrote:
On Hackage you can adjust bounds of dependencies without having to upload a new package version and that was done in consistently with github repo.
I notice there already is a discussion on the danger of allowing modifications like this, in particular related to reproducibility of builds [1]. I have to say I really do hope that a solution is found where I can go back to trusting version numbers that still allows minor tweaks. The current situation is particularly irritating. Up until now it was safe to use the index to inspect Cabal files, because the Cabal file found in the index was the same as the one found in the package tar ball. Removing this relationship is a *big* change! Is there any chance of it being restored? /M [1]: https://github.com/haskell/hackage-server/issues/52 -- Magnus Therning OpenPGP: 0xAB4DFBA4 email: magnus@therning.org jabber: magnus@therning.org twitter: magthe http://therning.org/magnus Most software today is very much like an Egyptian pyramid with millions of bricks piled on top of each other, with no structural integrity, but just done by brute force and thousands of slaves. -- Alan Kay