Formalising our stance regarding binary distribution of cabal-install #9827
Comments
|
OpenBSD builds from source using the ports system. We don't even rely on the source tarballs from hackage due to them not having the bootstrap files #7289. |
Kleidukos
added
release
type: RFC
|
Gentoo builds Cabal from source as a part of GHC and/or from hackage sources. cabal-install is built purely from hackage sources. |
|
nixpkgs builds Cabal together with ghc. For that we use the Cabal source distributed as part of ghc. For bootstraping we use ghc bindists which I think include Cabal bindists, which I guess are built by the ghc release pipeline. We build cabal-install and e.g. other versions of Cabal from hackage sdists. |
|
While not mentioned in the ticket, Haskell.nix also builds from source and never uses binary dists. |
|
Since cabal upstream has refused to accept my contributions to improve release CI to make it fit GHCup's needs, I stopped relying on it and now build my own binaries. Further, questionable opinions/practices have reinforced my belief that it's better to not rely on cabal's shipped binaries, given that I have to keep reminding them of botched releases, as well as security backport requests being ignored. |
|
I think we will find that distribution channels, almost by definition, build their own binaries. Ghcup was an exception and has since changed its practices. That said, I do think binary releases are important as part of what it means to be an upstream maintainer and source-of-truth even if most users get their binaries through other channels. However, this ticket seems to mainly be focused on acquiring information about who produces their binaries. (all distributions, I think?) and not on what a sensible process is for us as maintainers, and doesn't have what looks to be a particularly worked-through proposal for how we might change. My view is that the actual production of bindists is not a central source of work to cabal maintainers, but the fact of needing to produce such helps conceptually tie together work that is important. I think that ceasing to produce such binaries could well lead to release management starting to fall apart, as the production of a set of binaries as a "release artifact" is an important unifying concept that helps ensure all other strands of work fit together. |
|
I agree with @gbaz and would encourage cabal team to just go ahead with whatever binaries they already have produced. It might make sense to adjust documentation and communicate to end users that these binaries are really just a side effect of the release process and may contain bugs and issues not present when pulling from your distro or building from hackage. As a result, this would also allow you to minimize the bindists produced to just:
And drop everything else. As regards to index state pinning: drop it and make sure you also distribute Please go ahead with the release and don't delay it further with all these discussions. |
|
I wish that producing binary releases wasn't so hard but given the situation I agree we should leave it to more experienced distributors. The time saved can be better used elsewhere. |
|
openSUSE does not use cabal-install binaries from upstream. We build those ourselves using the source tarballs available from Hackage. |
Same for FreeBSD |
|
I think this ticket is about cabal-install so no need for people to chime in about ghc Cabal, unless you use non-ghc Cabal which would be interesting info indeed. :-) |
|
Fedora Linux builds cabal-install from Hackage source, of course. Probably obvious to most other distros, but we/I align cabal-install version with the ghc Cabal version. A repeating problem I have noticed in the past is cabal-install not even building with the ghc/Cabal it is naturally released/intended for (of course it builds with cabal-install): mostly just because of silly conservative bounds. This has also impacted Stackage in the past, though the situation seems better lately. Like many/most Linux distributions we build the official package with Setup not with cabal-install, of course. (The recent ghc-9.10 alpha1 release is also a pain-point since Hadrian there now needs Cabal-3.10.) To give some contrast: I believe Fedora Rust uses cargo to build official packages/apps (though Fedora Rust only provides source library packages not binaries, because of too much churn): at times I pondered whether to do the same for Fedora Haskell. Alright probably too much info already. :o) ps I forget the details, but also this "ghc needs latest cabal-install to work" "nonsense" 😬 is annoying too: some of it at least feels like bug which could be fixed in older releases perhaps? Sorry I don't have the details at hand and better to discuss it separately in detail: not sure if a ticket exists. I think if upstream and downstreams spent a bit more time talking and looking to each other these simpler problems could be avoided. |
|
HLS release CI is a consumer of the upstream cabal bindists. I think cabal should keep producing release binaries, for the same reason @gbaz argues. |
That unofficial seems unwarranted in the discussion: ghcup is as official as fedora, nixpkgs or ubuntu. Note that |
|
True, and that was not my intention, I will correct this to |
I guess now you see the entire point why I raised the midstream bindist proposal and stopped trying to fix everyone elses release CI: it's impossible. I suggest for HLS to also just provide the minimum of release binaries with whatever other tools like cabal and GHC support. GHCup builds its own HLS binaries too and the vanilla channel isn't relevant to most users. |
|
https://github.com/Homebrew/homebrew-core/blob/master/Formula/c/cabal-install.rb Brew using official bindist to build from source. |
I am growing increasingly convinced that the line between us, the upstream development team of Cabal & friends, and the distributors of the
cabal-installtool is blurred.Currently we have the following distribution channels:
Looking at these, I have the impression that we're not really using our time correctly in the Cabal team, since our bindists are neither covering all architectures that are requested, nor used by most of distribution channels.
I would like to ask our distributors if this impression is correct, and if there is something the Cabal team can focus on to ease their life, should we disengage from producing bindists ourselves.
CC
@juhp for Fedora,
@arrowd for FreeBSD,
@blackgnezdo for OpenBSD,
@depressed-pho for NetBSD,
@branchvincent for Brew,
@hololeap and @solpeth for Gentoo
@rd235 for Debian,
@doko42 for Ubuntu,
@peti for OpenSUSE,
@maralorn for NixOS,
@hasufell for GHCup.
(Please indicate if someone else is better suited for your distribution.)
The text was updated successfully, but these errors were encountered: