On 11/29/2015 01:37 PM, Omari Norman wrote:
Distribution packagers are savvy enough to use stack.
Ignoring the question of *how* that might work, most distributions forbid bundled dependencies because it creates a maintenance nightmare and fills our users' machines with untraceable security vulnerabilities. Literally no one does this, so I'm not sure what you're claiming here.
Furthermore, distributions do not install using cabal or from Hackage.
They do install from Hackage, just not using cabal-install.
Therefore, by your reasoning just as many people would be using XMonad, git-annex, etc. because the distribution packager would get the package, make the necessary alterations, and upload the distribution-specific package to the repository.
When using a real package manager, every package's dependencies must be satisfied simultaneously. Using stack isolates the developer from dependency conflicts with other packages during development, but when a user goes to install it, he doesn't have that luxury. If the developers of xmonad and git-annex both use stack/sandboxes, then it's possible that one of them will introduce a dependency that conflicts with the other, and neither developer will notice it thanks to the sandboxes. But if a user tries to install both at the same time, he can't, because (for example) xmonad wants foo-1.0 and git-annex wants foo-2.0. As a volunteer packager, I'm not going to fix that for you, I'm just going to work on something else whose upstream isn't a pain in the ass.