15 Jul
2014
15 Jul
'14
3:25 p.m.
Hi, On Tue, Jul 15, 2014 at 10:56:24AM -0700, Bryan O'Sullivan wrote:
Not Changed:
- attoparsec will remain at version 0.10.4.0, as newer attoparsec depends on the new package scientific
attoparsec has some security fixes in recent releases that depend on the scientific package. It would be a very bad idea to continue with 0.10.4.0.
Apart from this, i guess future versions of attoparsec (and other libraries included in the HP) will probably depend on more libraries not yet in the HP. So what's the correct way to deal with this? - Use newer versions for libraries like attoparsec and add additional libraries they depend on? - Or reduce the number of libraries included in the HP? Ciao, Kili