{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihc5pqzsnbphhwc3ieejegw4fge5tjgpnnflnhku3nk4cjy7ws4vi",
    "uri": "at://did:plc:pi6woz4d47bkuws673w2il2r/app.bsky.feed.post/3monul4jhrmw2"
  },
  "path": "/t/rfc-http-types-breakage-additions-rework/14286?page=2#post_25",
  "publishedAt": "2026-06-19T17:07:50.000Z",
  "site": "https://discourse.haskell.org",
  "tags": [
    "@hasufell"
  ],
  "textContent": "arybczak:\n\n> The biggest problem is that if you break API, then for people to use packages in their application/library that depend on `http-types` either all of them need to compile with the old `http-types` or all of them need to compile with the new `http-types`.\n>\n> This is practice means tons of work/coordination/forking if anyone would want to migrate their dependencies to new `http-types` and not all packages they depend on have migrated.\n>\n> Now, what is one of the reasons someone would like to do this, perhaps even urgently? Security vulnerabilities\n\nIt seems @hasufell’s suggestion of maintaining both the old and the new versions works fine for that scenario, no? If there’s a critical security issue in 0.12.5, just release 0.12.6 or even just 0.12.5.1 even if 1.0.0 is the latest version. That way nobody is suddenly urgently required to upgrade to the new version.",
  "title": "[RFC] \"http-types\" breakage / additions / rework"
}