Allow tar-0.6, bump CI to GHC 9.4.8, delete old cabal flags

[andreasabel]

• Allow tar-0.6
• Drop support for GHC < 7.8 in favor of PatternSynonyms
• Drop flags base48, mtl21, old-directory and support for GHC 7.8, mtl < 2.2 and directory < 1.2

[andreasabel]

Seems like some exports have changed in tar-0.6:

src/Hackage/Security/Client/Repository/Cache.hs:240:18: error: [GHC-76037]
    Not in scope: data constructor ‘Next’
    Suggested fixes:
      • Perhaps use ‘Tar.Next’ (imported from Codec.Archive.Tar)
      • Add ‘Next’ to the import list in the import of
        ‘Codec.Archive.Tar’
        (at src/Hackage/Security/Client/Repository/Cache.hs:23:1-38).
    |
240 |     go !builder (Next e es) = go (TarIndex.addNextEntry e builder) es
    |                  ^^^^

[Mikolaj]

Ouch. I hope there is some backward compat layer so that we don't need CPP?

[andreasabel]

Ouch. I hope there is some backward compat layer so that we don't need CPP?

We can import the constructors via the pattern syntax, so we do not need CPP but PatternSynonyms (which I am anyway surprised it is not a default extension of GHC yet). This drops GHC 7.6.

While we are at it, shall we also drop GHC 7.8 (and the base48 cabal flag)?

[Mikolaj]

Yes, absolutely. Cabal has dropped GHC <8 already.

[andreasabel]

Also dropped mtl21 and old-directory flags.

[andreasabel]

@Bodigrim wrote:

Another, a bit more invasive option would be to make everything qualified: Tar.Done, Tar.Fail, etc.

Ah, indeed, thanks for pointing out this alternative!

I take this as a comment for future consideration, not as a change request, since you approved and there are formally no unresolved conversations; and because keeping GHC 7 isn't of practical value any more. (If folks turn up screaming "where is my GHC 7.8 support?" we can revise that decision.)

[andreasabel]

@Mikolaj I don't have hackage upload rights for these packages. You are welcome to add me on hackage, or finish this PR by releasing hackage-security. I revised hackage-repo-tool on hackage.

[Bodigrim]

I take this as a comment for future consideration, not as a change request

Correct. Let’s go!

[Mikolaj]

@andreasabel: thank you very much, I've added you to maintainers. Please go ahead. :)

[andreasabel]

Candidate is here: https://hackage.haskell.org/package/hackage-security-0.6.2.4/candidate

[Mikolaj]

Yay, even with haddocks. LGTM.

[andreasabel]

I fused the first two commits and pushed this to master, see tag hackage-security/v0.6.2.4.