Please update overspecified dependency restrictions

[peti]

We need to patch this package in NixOS by runnning

sed -i -e 's|text *>= .*,|text,|' -e 's|HsOpenSSL >= .*|HsOpenSSL|' -e 's|network.*2.6,|network,|' snap-server.cabal

before the build. It would be great if a new version could be released that lifts those restrictions from the Cabal file.

[gregorycollins]

We put upper bounds on our dependencies as required by the Hackage package versioning policy, sorry.

[mightybyte]

If you need us to widen the lower bounds to accept older versions that actually work, but are currently excluded, we would be willing to do that, provided we can verify that snap does indeed build properly against those older versions.

[peti]

I don't care about the lower bounds. When I cited the sed command line, my intention was to convey simply which dependencies in particular are outdated. I don't expect that you remove all bounds, but please update your bounds every now and then so that they include the most recent version of your dependencies -- particularly if the build succeeds just fine with the latest version. As it is, snap is one of the most notorious offenders to be broken by trivial updates in NIxOS and I frequently have to patch it (and keep the patches around for ages) because you guys don't regularly update your build spec. Personally, I'm getting tired of doing that and am about to give up maintaining the NixOS build of your package altogether.

[mightybyte]

First of all, two of the packages you mention had already been fixed and were live on hackage before you opened the issue. HsOpenSSL is fixed now.

All you have to do in these cases is open an issue that clearly states exactly which version of which package needs to be accepted (for example, #54). Alternatively you could ping us like Michael Snoyman does with stackage. We usually have a very quick turnaround time on these issues as you can see from Michael's comment. See also here, here, here, and here.

This problem is simply unavoidable due to the fast moving nature of the Haskell ecosystem.

[peti]

Please release a version of snap-server to Hackage that supports the respective latest versions of text, HsOpenSSL, and network. As of now, no such release is available.

[peti]

Here, maybe this helps:

[mightybyte]

I'm sorry, but I really have no idea what you're talking about. First of all, it would be much more helpful if you would list specific versions rather than just saying "latest versions of". But don't worry about that right now, I'll do it. The latest versions are:

text-1.2.0.0
HsOpenSSL-0.11
network-2.6.0.2

If you go to http://hackage.haskell.org/package/snap-server, you'll see that the latest release of snap-server accepts all of these. You must have outdated information.

[hvr]

@peti, do you happen to download the raw tarballs from Hackage? if so, you may miss the updated overlayed .cabal meta-info contained in the index-tarball (or also available via a separate URL: http://hackage.haskell.org/package/snap-server-0.9.4.5/snap-server.cabal)

[peti]

@hvr, yes, I fell into the "editing feature" trap. I looked at http://hackage.haskell.org/package/snap-server, saw that the version number is the same as we have in NixOS, and assumed that no update had been published. I am sorry for the confusion.

[mightybyte]

Ahh, yes. That would do it. I have wished that they would also include the x-revision header on the hackage page.

But in the future, definitely let us know if we're missing support for the latest version of a dependency.