What is haskellng? What is the difference between 'haskellPackages' and 'haskellngPackages'? - haskell

I have been reading this StackOverflow post in which we are advised to use the haskellng package set.
I have also read this but I did not understand what haskellng is.
I have read this too, but I still don't know what haskellng is.
Could someone please explain what haskellng is in a simple, clear way?
Why does haskellng matter ? Why is it good ?
I understand that haskellng is replacing something. But what is that something that it replaces ? Why does that something need to be replaced ?
In this post it is written:
So I'll never have to update if I don't want to?
My guess is that 'haskellPackages' and 'haskellngPackages' will
co-exist for a while. Personally, I switched to Haskell NG, though,
and I won't maintain any packages in the old hierarchy anymore. I
suppose other contributors will do the same thing. Once you've
converted your setup to 'haskellngPackages', there's no reason to
look back, really.
What is the difference between 'haskellPackages' and 'haskellngPackages' ?
What is 'haskellPackages' ? Where does it come from ? What is it used for ?
Also in the same post they write:
Why should I care about this "new infrastructure"?
The new code will break evaluation of any Haskell-related
configuration you may have in ~/.nixpkgs/config.nix or
/etc/nixos/configuration.nix.
Privately generated cabal2nix expressions will cease to compile.
Installations that rely on ghc-wrapper finding GHC libraries
automatically in your ~/.nix-profile are obsolete. If you use this
approach, you won't be able to update your profile anymore.
What is the new code ? What was the old code ? Why is the new code breaking what ?

Could someone please explain what haskellng is in a simple, clear way?
Well, haskellng is the next generation Nix Haskell package set made for Nix. I think most of the work was done by Peter Simons. But note that in the latest master version, haskellngPackages has been renamed back to haskellPackages. So the difference doesn't matter if you are using living in the unstable channel.
Why does haskellng matter ? Why is it good ?
With haskellng, I guess everything is automated. Someone uploads a package to hackage and in around a week, that package derivation is automatically included in the nix haskell package set (undex nixpkgs) by some process (I guess it makes use of cabal2nix).
What is the difference between 'haskellPackages' and 'haskellngPackages' ?
In the latest master branch there is no difference between them as explained above.
What is 'haskellPackages' ? Where does it come from ? What is it used for ?
It was the eariler infrastructure for Haskell nix packages. It was used for, um, creating and building Haskell packages.
What is the new code ? What was the old code ? Why is the new code it breaking what ?
The new code is the haskellngPackages. The old code was haskellPackages. But it doesn't matter now as haskellng has been renamed back to the old name and the old code I guess is removed.

I asked this on the #nix channel :
me: Could someone please explain what haskellng is ?
What is haskellng? What is the difference between 'haskellPackages' and 'haskellngPackages'?
Fuuzetsu: it no longer matters, it's the default new architecture and
the old one doesn't exist
Fuuzetsu: we had 2 Haskell architectures for a while and -ng was the
new one

Related

What is the purpose of 'require.paths.unshift()' in Node.js?

I'm new to javascript and NodeJS and I've been looking at a bit of deprecated code and I've come across 'require.paths.unshift()' on many occasions at the start of a file. To my understanding, this syntax has been long removed from NodeJS, but in order for me to understand and potentially fix up the old code, I need to understand it's meaning and context.
I've tried looking for it online but I couldn't find much on it. If someone could please explain the context of it's use or a newer implementation, I'd much appreciate it.

Fusepy "nothreads" argument explanation

I've been fiddling for a bit with the fuse package with python3.
When trying to create a FUSE instance, I came across the nothreads argument.
Can anyone please elaborate on what this does?
I can guess that setting this flag to True the software no longer supports multithreading, but what I would like to know is how it changes the software's behaviour, what would the flow be with and without setting it to True?
Thanks

WHY is the fs.rmdir recursive option experimental?

I see that since version 12, NodeJS has had a recursive option on the fs.rmdir function to allow removal of non-empty directories from the file system. Why is this feature marked "experimental" in the documentation? Does it work or doesn't it? The documentation doesn't say what level of concern to have over this, or under what circumstances.
I found Christopher Hiller's article explaining the difficulties that went into creating an efficient implementation of this, but he doesn't explain the "experimental" designation. Maybe the problem isn't that it doesn't work, or doesn't always work, but that it can be a bottleneck under certain circumstances? I'm trying to decide whether to depend on it or not, rather than writing my own code that's going to have exactly the same pitfalls Hiller encountered, so if anyone here has any insight, I'd appreciate it!

Non-maintainer uploads to Hackage

I have a package on Hackage which depends on third-party package, which doesn't build on newer versions of GHC (>= 7.2). The problem with the other package can be solved with just a one-line patch (a LANGUAGE pragma). I sent the patch to the upstream twice, but didn't receive any feedback. The problem is that my package is not installable neither until the dependency is fixed.
I could have uploaded the fixed version of depenency package (with a minor version bump), but I'd like to hear what is the attitude of the community about such non-maintainer uploads. Again, I don't want to change the library interface, I only add a new compilation flag to make it buildable again.
Are non-maintainer uploads to Hackage allowed and tolerated?
When a fork of the package on Hackage is a better approach?
Package uploads by non-maintainers are allowed (there may be license issues, but most packages if not all on hackage have licenses permitting this), but of course they are not usually done. They are tolerated if done in good faith and with reasonable procedure. If you contact the maintainer and don't get any response within n weeks (where I'm not sure what the appropriate value of n is, not less than 3, I'd say), uploading a new version yourself becomes an option, discussing that on the mailing lists seems however more prudent. If the package looks like it is abandoned, even taking over maintainership - of course after again contacting the maintainer, giving her/him time to respond - may be the appropriate action, but that should definitely be discussed with the community (haskell-cafe or mailing list, for example). Whether to prefer a non-maintainer upload or a fork must be left to your judgment, personally I tend to believe forks step on fewer people's toes.
But a better founded reply would be possible if we knew which package is concerned and could look at the concrete situation.
A forking is intrusive for a package that you suspect is still maintained but the author is temporarily missing. By intrusive, I mean that other programmers might pick up your fork then not go back to the mainline once the original author has resumed work on the mainline.
For packages where the original author has left the Haskell community, my personal opinion is that its better to fork the package if you are going to develop it further. Forking prevents succession problems, such as those that happened with Parsec where many developers didn't want to update because the successor was slower and less well documented than the original for some time.
In all cases asking on the Cafe is best, regardless of whether people have chosen not to follow it, it is still the center of the Haskell community.
For the particular case in the question, while it is nice if things on Hackage compile, there is no rule that says they have to. A package that depends on a broken package could simply put change instructions for the broken dependency on its front page, i.e. "This package depends on LambdaThing-0.2.0 which is broken, to fix LambdaThing add ... to the file Lambda.hs"
I would say, it's a very good idea to consult the mailing lists regarding the specific package and the specific person who is missing. I took control of the haskell-src-meta package from its original owner, but only after consulting with the lists and IRC, who assured me that Matt Morrow had been missing for months and no-one knew why.
In my opinion, package ownership should probably only be changed where there is a consensus to do so, or at the very least there should be efforts made to find one. In the development version of the Hackage software, it's my understanding there are access controls so that only administrators can make this kind of intervention.

CodeIgniter Security

I've been doing some reading on PHP security and I ran into a great question/article on SO > Exploitable PHP functions
There are a ton of interesting commands/functions that should never even be possible to run.
My question is... Does CI have any built in protection/prevention against using any of the commands/functions found on this list?
If so, please point it out for me, I cant seem to find it.
If not, would it be possible to add to or create a CI core class for preventing some or all of the possibly exploitable commands?
It might sound a lil counter intuitive, but having CI dictate best practices seems to be a big part of its design... For example, the CSRF will break your form submission process if you dont set it up right... And thats built right in, but disabled...
Thanks,
Peter
I think I got this answered. There seems to be a preg_replace looking for these commands on the input class # line 763.
Please correct me if I am wrong.

Resources