Split out Password(Hash) to 'password-types' #40
Conversation
…assword' into password.cabal's description
| @@ -1,7 +1,7 @@ | |||
| cabal-version: 1.12 | |||
|
|
|||
| name: password-instances | |||
| version: 2.0.0.1 | |||
| version: 2.0.1.0 | |||
There was a problem hiding this comment.
I think that all is required here is to just bump the patch version, so this could probably just be 2.0.0.2?
There was a problem hiding this comment.
I'm not sure either, but depending on a different library feels more than just "a patch" to me. If you'd be running everything locally and just downloaded the new patched version of password-instances, you'd probably not expect everything to break, just because you don't have a certain package downloaded, right? (I wouldn't, at least)
There was a problem hiding this comment.
I saw your comment here: #38 (comment)
I've been thinking about this for a few days, and I think according to the PVP we'd be fine to just bump the patch version or minor version, but maybe we should go ahead and just bump everything to 3.0.0.0? Splitting off password-types is a pretty significant change (in some ways?), and we've also had a bunch of big changes/additions in the 2.X series. I don't think it would be that crazy to just bump all password-types, password-instances, and password to 3.0.
If you have a family of libraries, sometimes it is easier when they all keep the same major version.
Although I don't really feel strongly about any of this, so I basically support whatever you want to do with the version.
There was a problem hiding this comment.
The comment in #38 was about the documentation and defaultPasswordPolicy update. I'd like to update the package before moving it over to 3.0.0.0 with this password-types split.
Just so the newest version of v2 has good recommendations in the Data.Password.Validate module.
Though the idea of just bumping all libraries to 3.0.0.0 is nice and easy, the whole point of the split was that the packages would be more loosely connected, right?
- I don't see why the
password-typeslibrary shouldn't start at1.0.0.0, and 2) thepassword-instanceslibrary is more of an addition topassword-types, so I wouldn't expect it to be in line withpassword.
I've checked the PVP too, and I think you're right, though. 2.0.0.2 should be enough.
There was a problem hiding this comment.
I've been using Servant for a long time, and at some point they were releasing all the related libraries with the same major version. It was easy to see what versions needed to be used with each other. I was thinking that the same could apply here.
Although a good argument against this is that they were using the PVP, and the versions naturally drifted apart, and now some of them are on different major versions. So it is not helpful anymore. I could imagine us getting into this same situation, so maybe it doesn't make any sense to make the initial release with everything on the same major version.
Like I said above, I don't feel strongly about the versions, and I'm completely fine with starting password-types at 1.0.0.0 as well.
There was a problem hiding this comment.
Set everything up so that:
password-types: 1.0.0.0password-instances: 2.0.0.2password: 3.0.0.0
There was a problem hiding this comment.
I think this all looks good, thanks for putting it together!
Sorry for taking so long to get to this review.
When you merge this in, please feel free to make a release to Hackage, and please add me as a maintainer to the password-types package. Otherwise, I could make a release and add you as a maintainer.
|
We're all busy with our own things, don't worry! It's already great you take the time to review this 👍 |
|
Ok, if I didn't screw anything up, this should be the final tweaks... right? 😆
|
|
I just realised, if the So based on that, I updated the version of |
Yeah, that sounds good to me. Thanks for considering this! |
|
I want to wait with releasing |
Basically just doing #20