A support library for testing Yaya-using code with QuickCheck.
This includes various generators for trees, laws that instances of Yaya type classes must follow, etc.
NB: Yaya itself is largely tested with Hedgehog, but this is used for doctest.
This project largely follows the Haskell Package Versioning Policy (PVP), but is more strict in some ways.
The version always has four components, A.B.C.D
. The first three correspond to those required by PVP, while the fourth matches the “patch” component from Semantic Versioning.
Here is a breakdown of some of the constraints:
PVP recommends that clients follow these import guidelines in order that they may be considered insensitive to additions to the API. However, this isn’t sufficient. We expect clients to follow these additional recommendations for API insensitivity
If you don’t follow these recommendations (in addition to the ones made by PVP), you should ensure your dependencies don’t allow a range of C
values. That is, your dependencies should look like
yaya >=1.2.3 && <1.2.4
rather than
yaya >=1.2.3 && <1.3
If your imports are package-qualified, then a dependency adding new modules can’t cause a conflict with modules you already import.
Because of the transitivity of instances, orphans make you sensitive to your dependencies’ instances. If you have an orphan instance, you are sensitive to the APIs of the packages that define the class and the types of the instance.
One way to minimize this sensitivity is to have a separate package (or packages) dedicated to any orphans you have. Those packages can be sensitive to their dependencies’ APIs, while the primary package remains insensitive, relying on the tighter ranges of the orphan packages to constrain the solver.
Type class instances are imported transitively, and thus changing them can impact packages that only have your package as a transitive dependency.
This is a consequence of instances being transitively imported. A new major version of a dependency can remove instances, and that can break downstream clients that unwittingly depended on those instances.
A library may declare that it always bumps the A
component when it removes an instance (as this policy dictates). In that case, only A
widenings need to induce A
bumps. B
widenings can be D
bumps like other widenings, Alternatively, one may compare the APIs when widening a dependency range, and if no instances have been removed, make it a D
bump.
Consumers have to contend not only with our version bounds, but also with those of other libraries. It’s possible that some dependency overlapped in a very narrow way, and even just restricting a particular patch version of a dependency could make it impossible to find a dependency solution.
Making a license more restrictive may prevent clients from being able to continue using the package.
A new dependency may make it impossible to find a solution in the face of other packages dependency ranges.
This is also what PVP recommends. However, unlike in PVP, this is because we recommend that package-qualified imports be used on all imports.
This is fairly uncommon, in the face of ^>=
-style ranges, but it can happen in a few situations.
NB: This case is weaker than PVP, which indicates that packages should bump their major version when adding deprecation
pragmas.
We disagree with this because packages shouldn’t be publishing with -Werror
. The intent of deprecation is to indicate that some API will change. To make that signal a major change itself defeats the purpose. You want people to start seeing that warning as soon as possible. The major change occurs when you actually remove the old API.
Yes, in development, -Werror
is often (and should be) used. However, that just helps developers be aware of deprecations more immediately. They can always add -Wwarn=deprecation
in some scope if they need to avoid updating it for the time being.
This package is licensed under The GNU AGPL 3.0 or later. If you need a license for usage that isn’t covered under the AGPL, please contact Greg Pfeil.
You should review the license report for details about dependency licenses.