Bump aeson version requirement

[gfontenot]

Yesod 1.4 uses Aeson 0.8.0.1, which makes this library incompatible.
Bumping this to 0.9 matches Yesod's requirements.

[pbrisbin]

@gregwebs do you mind weighing in on this on account of #14? Do you have this library working in a 1.4 app? Ours failed because of this aeson conflict, but even after fixing that, we run into another with QuickCheck => uuid => random 1.1.

[gregwebs]

yesod-core requires aeson >= 0.5, what is requiring >= 0.8?

I have

aeson ==0.7.0.4
uuid ==1.3.4
random ==1.0.1.1
yesod ==1.4.0,
yesod-auth ==1.4.0.1,
yesod-auth-oauth2 ==0.0.10,
yesod-core ==1.4.1,
yesod-form ==1.4.0.1,
yesod-persistent ==1.4.0.1,

[pbrisbin]

Hmm, good question -- @gfontenot do you remember exactly / can you look again to see what is trying to bring in aeson 0.8?

[gfontenot]

Here is the conflict I'm seeing:

cabal: Could not resolve dependencies:
trying: aeson-0.8.0.1/installed-c76... (user goal)
trying: carnival-0.0.0 (user goal)
next goal: yesod-auth-oauth2 (dependency of carnival-0.0.0)
rejecting: yesod-auth-oauth2-0.0.10, 0.0.9, 0.0.8, 0.0.7, 0.0.6, 0.0.5.1,
0.0.5, 0.0.4 (conflict: aeson==0.8.0.1/installed-c76..., yesod-auth-oauth2 =>
aeson>=0.6 && <0.8)
rejecting: yesod-auth-oauth2-0.0.3, 0.0.2, 0.0.1 (conflict: carnival =>
yesod-auth-oauth2>=0.0.4)
Backjump limit reached (change with --max-backjumps).

Note: when using a sandbox, all packages are required to have consistent
dependencies. Try reinstalling/unregistering the offending packages or
recreating the sandbox.

We're requiring aeson in Carnival, but we're requiring >= 0.6 && < 0.9

[pbrisbin]

So if I had to guess (knowing what I know about carnival's bin/setup), the initial line to install yesod-bin must install aeson 0.8 (because there's nothing stopping it). Then the line to install our app is preferring the installed instance and failing.

Edit: if we can somehow confirm this is the root cause, we should close this issue and pickup the discussion internally or via a Carnival issue.

It's possible --max-backjumps would help, but at best I think we'd end up with two aeson versions installed, 0.8 and whatever <0.8 we get for the other constraints. I think it's worth trying, to confirm this.

If that's true, then getting yesod-auth-oauth2 to allow newer aeson does feel like the right fix.

[gregwebs]

yeah, the version bump is not necessary for everyone, but should be a good change

[pbrisbin]

I'm going to go ahead and merge this, even though it doesn't fix our issue on Carnival.

For the curious, here's what we think was happening:

• Cabal sandboxes don't allow multiple versions of the same package installed (unlike non-sandbox usage)
• We have to separately install happy, alex, and yesod-bin since they are executable-only and cannot be normal dependencies brought in as part of the main cabal install
• Doing so brings in the newest appropriate versions of their collective dependencies
• These newer versions conflict in a number of ways with a freshly scaffolded Yesod application*
• In the end, we decided to install executable-only packages outside the context of the sandbox and only app dependencies inside the sandbox

*I do not know why this doesn't bite more people, it doesn't seem to be a situation unique to us

[gregwebs]

We have to separately install happy, alex, and yesod-bin since they are executable-only and cannot be normal dependencies brought in as part of the main cabal install

Not so!

cabal sandbox init
cabal install . yesod-bin alex happy

PATH=.cabal-sandbox/bin:$PATH

[gregwebs]

Also, if you use cabal freeze and check in the cabal.config after a successful install, everyone on your team should have an easy install even if they don't install everything at once

[pbrisbin]

cabal install . yesod-bin alex happy

This is what we were missing!

[pbrisbin]

Hmm. I just did that and it didn't work, it seemed to ignore the extra packages I passed...

[pbrisbin]

Well, now I don't know what's going on. @gregwebs, can you see if you can reproduce the following?

% mkdir issue && cd issue
% curl --silent https://raw.githubusercontent.com/yesodweb/yesod-scaffold/postgres/PROJECTNAME.cabal > project.cabal
% cabal sandbox init
Writing a default package environment file to
/home/patrick/issue/cabal.sandbox.config
Creating a new sandbox at /home/patrick/issue/.cabal-sandbox
% cabal install . alex happy yesod-bin --dry-run | grep yesod-bin
cabal: Could not resolve dependencies:
trying: PROJECTNAME-0.0.0 (user goal)
trying: monad-logger-0.3.7.2 (dependency of PROJECTNAME-0.0.0)
trying: conduit-extra-1.1.4 (dependency of monad-logger-0.3.7.2)
trying: streaming-commons-0.1.5 (dependency of conduit-extra-1.1.4)
trying: random-1.1 (dependency of streaming-commons-0.1.5)
trying: persistent-postgresql-2.1 (dependency of PROJECTNAME-0.0.0)
trying: postgresql-simple-0.4.6.0 (dependency of persistent-postgresql-2.1)
next goal: uuid (dependency of postgresql-simple-0.4.6.0)
rejecting: uuid-1.3.4, 1.3.3, 1.3.2, 1.3.1 (conflict: random==1.1, uuid =>
random>=1.0.1 && <1.1)
rejecting: uuid-1.3.0, 1.2.14, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8,
1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.1, 1.0.2, 1.0.1,
1.0.0, 0.1.1, 0.1.0 (conflict: postgresql-simple => uuid>=1.3.1)
Backjump limit reached (change with --max-backjumps).

Note: when using a sandbox, all packages are required to have consistent
dependencies. Try reinstalling/unregistering the offending packages or
recreating the sandbox.

If so, it might be worth a Yesod issue.

By poking at the options to the cabal install (max-backjumps and the like), I can get some wildly different results: sometimes it spins forever, other times it fails on different errors (mtl, optparse-applicative). The best result I've seen so far is an attempt to install yesod-bin 1.2 (which I know from experience won't compile anyway), but I can't reproduce that result again.

[gregwebs]

did you clear out your sandbox first? What do you mean ignored? It did not install them?

[pbrisbin]

That first case may have been a command-line fail, since I can't reproduce it now. I intend to delete the sandbox before everything I try.

[gregwebs]

A solution to all these problems is to try to use stackage. However, it doesn't play that nicely with cabal sandbox. But we could distribute the stackage dependencies as a cabal.config to use during installation.

[gregwebs]

I do see the same install error.
@snoyberg can we make a cabal.config of stackage available?

[pbrisbin]

After these past few days trying to get up on 1.4, I am considering Stackage. Day-to-day we use cabal freeze, so this is not an issue and we chose that instead of Stackage for fear of missing packages that we want/need.

The reason we're having all these problems now is because we had to (temporarily) remove the cabal.config to allow the updates to all the various yesod packages as part of getting on 1.4.

Things are working with the executable-only packages outside of the sandbox, so I may just go with that for now.

That said, I think what I've pasted above is an actual bug somewhere. Stackage or not, one should be able to successfully install these 4 things (alex, happy, yesod-bin, and a freshly scaffolded app) together in an empty sandbox, yeah?

[gregwebs]

That said, I think what I've pasted above is an actual bug somewhere. Stackage or not, one should be able to successfully install these 4 things (alex, happy, yesod-bin, and a freshly scaffolded app) together in an empty sandbox, yeah?

I installed all of the above with mongoDB dependencies. I think cabal is having trouble solving some of the postgres related dependencies. max-backjumps=-1 may reveal a real dependency problem, or it may just run until your OS kills it :)

[pbrisbin]

max-backjumps=-1 may reveal a real dependency problem, or it may just run until your OS kills it :)

Haha, yeah found that out. It just spun for ~30 minutes before I killed it.

[nightkr]

Any plans to release this on Hackage? It seems to build fine from git and I don't see any other changes in the repo since. Hoauth2, who seemed to be the last holdouts amongst your dependencies, had their bounds bumped in 0.4.3.

[pbrisbin]

Sorry! I thought I had released it, doing so now.

[nightkr]

Thanks!