On Mon, Jan 5, 2015 at 8:22 PM, Eric Mertens <emertens@gmail.com> wrote:

I'm concerned that changing the behavior of the existing function would make it too easy to write vulnerable programs when compiled with older GHCs. Having a new safe function along with a deprecation warning on the old one would clue people in and avoid functionality varying subtly/dangerously based on the compiler used.

Only really helpful if you can go back and retrofit that deprecation into already deployed older versions. Also, it's using the obvious name for the function. So the correctly working one needs to have some unobvious name and a 'warning you should not use this, use some_other_function instead' form this point on?

Indeed, the Java community does do things that way. One of many reasons the Java ecosystem is an absolute, irredeemable mess.

--

brandon s allbery kf8nh sine nomine associates

allbery.b@gmail.com ballbery@sinenomine.net

unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net