[darcs-devel] witnesses changes
Ganesh Sittampalam
ganesh at earth.li
Tue Jun 26 18:17:24 UTC 2012
Hi Aditya,
I had a look at the witnesses changes you mentioned on IRC after our
meeting (in your branch at
darcsden.com/bsrkaditya/darcs-patch-index-rebase-2012-06-17/).
It's good to see at least some of the Sealed2 stuff gone - I lost track
of whether it's all gone yet, but the end goal should definitely be to
avoid any new uses of [Sealed2 ...], although I think that the changes
code might already have a bit of that before the patch index was added
so obviously it's fine for that to remain for now.
I forgot to emphasise that use of unsafeCoerce on witnesses in darcs is
supposed to be tightly constrained, to reduce the risk of using it in a
way that's actually dangerous. Having getElems and dropFLFL use it
directly is therefore not a good idea, because those functions are quite
general could be used in a different context to patch index filtering.
In the meeting I suggested using filterFLFL to achieve this, with an
unsafe function being passed in that works only on the basis of whether
something is excluded from the patch index or not - but looking at the
patch index code a bit more I see that may be difficult as it relies on
a positional analysis which would be tricky to do as a filter.
Given that, it's probably best to encapsulate the unsafeCoerce within
one or two functions that read the repository and the patch index
together (two might be needed given what you said about needing an FL in
one case and a PatchSet in another). Overall the goal should be that the
unsafety can't be easily used by outside callers to do something
completely different.
In the long run I would like to have as simple an abstraction as
possible for doing this (hence my suggestion of viewing this as a
filter), but overall safety is the primary goal and simplicity is secondary.
BTW it's better to use unsafeCoerceP than unsafeCoerce; it has a type
that means it's less likely to be used by accident on the wrong kind of
thing.
Feel free to ask more questions by email or arrange another morning IRC
meeting.
Cheers,
Ganesh
More information about the darcs-devel
mailing list