Re: We need to add role annotations for 7.8

Am 28.03.2014 17:17, schrieb Mark Lentczner:

/Apologies/ On Tue, Mar 25, 2014 at 8:47 AM, Simon Peyton Jones mailto:simonpj@microsoft.com> wrote:

The situation today is that · A client of a library can use GND to do bad things to the library (e.g. change the “key” type of (Map key value)). · Role annotations allow the library author to prevent that happening. Would you say that means that we are “compelled to suggest to library writers that they annotate”?

Well... I don't think we should.

The reason is that this situation is very sad for it puts the burden upon the library writer, for potential abuse of an extension to Haskell she might not even be aware of! She writes a perfectly safe, reasonable abstracted type, and bam, now has to worry about a very hard to understand situation involving the interaction to two separate Haskell extensions. And furthermore, adding that protection requires yet a third (CPP), and makes the "protection" often as long as the abstract type itself.

Well put! Before GHC-7.8 release candidates appeared I already thought about removing all GeneralizedNewtypeDerivings from my packages in order to earn the Safe-Haskell seal. Now GHC-7.8 refuses to derive some of the instances that former GHC versions automatically derived. As far as I understand I can use role annotation to let the generation of even more Newtype instances fail, but I cannot persuade GHC to generate more instance using role annoations, right? That is, I have to write these instances manually in any case. That is, up to now, GeneralizedNewtypeDeriving was Unsafe and it seems it becomes Safe with the new role inference. Is this right? However, it is still possible to generate instances that I could not generate manually, as demonstrated in the Data.Map example. Would it solve the problem to respect type roles only if Safe Haskell is enabled and ignore them otherwise? Then all existing code could be compiled unchanged but you can make use of the increased safety of roles by enabling Safe Haskell.