Quarterly Updates (#1410)

* Bump the index state.

* Add a common file for shared project config.

* Upgrade ansi-terminal.

* Upgrade aeson.

* Upgrade containers.

* Upgrade crypton, deepseq, zip, hspec-hedgehog.

* Format fix.

* format .cabal

Author: csasarak

cabal.project

@@ -6,72 +6,13 @@ package spectrometer
   -- Building with file-embed fails on GHC >= 9.2 on Mac OS X when using no optimizations (-O0).
   -- I found that we can keep most of the speed of compiling with -O0 and compile succesfully by enabling this one extension.
   -- In CI, we use either -O1 or -O2 so this should not be a problem.
-  -- 
+  --
   -- When upgrading to GHC 9.4 consumers of spectrometer may also need to enable this flag if they use -O0.
   -- Bug filed here: https://github.com/snoyberg/file-embed/issues/45
   ghc-options: -ffull-laziness
-        
-allow-newer:
-  -- git-config needs to relax its upper bound on megaparsec. PR submitted;
-  -- no action from maintainer yet
-  --
-  -- we can remove this if/when 0.1.3 is released on hackage
-  , git-config:megaparsec
-
-  -- codec-rpm needs a bump to its attoparsec bound. latest upload to hackage
-  -- was in 2018, so we may have to fork when breakage occurs
-  , codec-rpm:attoparsec
-
--- the semver package only exposes lens-style accessors for its Version type;
--- normal accessors are in an un-exposed Internal module. on master, the
--- Internal module is exposed, but a new release hasn't been cut to hackage yet
---
--- we can remove this if/when 0.4.0.2 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/fossas/semver.git
-  tag: 7bc42dd298e0d98e119486ceab4f74042d46b004
-
--- cpio-conduit-0.7.2 on hackage has an incompatibility with newer versions of
--- base16-bytestring. we submitted a PR to fix this, and the PR was merged, but
--- a new release was never cut to hackage
--- We can remove this if/when 0.7.3 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/da-x/cpio-conduit
-  tag: 30d92919e82c5033fffac7b34288f5a7fd28e9be
-
--- Current implementation of yarn-lock throws runtime error, as described by patches:
--- (a) https://github.com/Profpatsch/yarn2nix/pull/73
--- (b) https://github.com/Profpatsch/yarn2nix/pull/72
--- TODO: Remove once, both PRs are merged.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/yarn2nix
-  tag: 7d9f505b35750e54bf9d73e5a996df4a1c5ab117
-  subdir: yarn-lock
-
--- Current hackage distribution does not support SSL_CERT_FILE, and SSL_CERT_DIR
--- environment variable. Modified source code below, supports aforementioned environment variables.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/hs-certificate
-  tag: d93afd2dc78c2f6910766fabc2f5e4452bcae2f2
-  subdir: x509-system
-
-source-repository-package
-  type: git
-  location: https://github.com/fossas/tar
-  tag: 5f833d3a6840edb436f6083bf6e7159cd7649490
-
--- This can be removed once https://github.com/weldr/codec-rpm/pull/40 merges and is available on hackage.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/codec-rpm
-  tag: 0f7431423d47fdf36945e4ff31fbee76005b7e68
-
-index-state: hackage.haskell.org 2024-02-21T10:56:14Z
 
+import: ./cabal.project.common
+              
 package *
   extra-include-dirs: /opt/homebrew/include
   extra-lib-dirs: /opt/homebrew/lib

cabal.project.ci.linux

@@ -6,67 +6,7 @@ jobs: $ncpus
 
 packages: .
 
+import: ./cabal.project.common
+
 package spectrometer
   ghc-options: -Werror
-
-allow-newer:
-  -- git-config needs to relax its upper bound on megaparsec. PR submitted;
-  -- no action from maintainer yet
-  --
-  -- we can remove this if/when 0.1.3 is released on hackage
-  , git-config:megaparsec
-
-  -- codec-rpm needs a bump to its attoparsec bound. latest upload to hackage
-  -- was in 2018, so we may have to fork when breakage occurs
-  , codec-rpm:attoparsec
-
--- the semver package only exposes lens-style accessors for its Version type;
--- normal accessors are in an un-exposed Internal module. on master, the
--- Internal module is exposed, but a new release hasn't been cut to hackage yet
---
--- we can remove this if/when 0.4.0.2 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/fossas/semver.git
-  tag: 7bc42dd298e0d98e119486ceab4f74042d46b004
-
--- cpio-conduit-0.7.2 on hackage has an incompatibility with newer versions of
--- base16-bytestring. we submitted a PR to fix this, and the PR was merged, but
--- a new release was never cut to hackage
--- We can remove this if/when 0.7.3 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/da-x/cpio-conduit
-  tag: 30d92919e82c5033fffac7b34288f5a7fd28e9be
-
--- Current implementation of yarn-lock throws runtime error, as described by patches:
--- (a) https://github.com/Profpatsch/yarn2nix/pull/73
--- (b) https://github.com/Profpatsch/yarn2nix/pull/72
--- TODO: Remove once, both PRs are merged.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/yarn2nix
-  tag: 7d9f505b35750e54bf9d73e5a996df4a1c5ab117
-  subdir: yarn-lock
-
--- Current hackage distribution does not support SSL_CERT_FILE, and SSL_CERT_DIR
--- environment variable. Modified source code below, supports aforementioned environment variables.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/hs-certificate
-  tag: d93afd2dc78c2f6910766fabc2f5e4452bcae2f2
-  subdir: x509-system
-
-source-repository-package
-  type: git
-  location: https://github.com/fossas/tar
-  tag: 5f833d3a6840edb436f6083bf6e7159cd7649490
-
--- This can be removed once https://github.com/weldr/codec-rpm/pull/40 merges and is available on hackage.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/codec-rpm
-  tag: 0f7431423d47fdf36945e4ff31fbee76005b7e68
-
-index-state: hackage.haskell.org 2024-02-21T10:56:14Z
-

cabal.project.ci.macos

@@ -4,66 +4,7 @@ jobs: $ncpus
 
 packages: .
 
+import: ./cabal.project.common
+
 package spectrometer
   ghc-options: -Werror
-
-allow-newer:
-  -- git-config needs to relax its upper bound on megaparsec. PR submitted;
-  -- no action from maintainer yet
-  --
-  -- we can remove this if/when 0.1.3 is released on hackage
-  , git-config:megaparsec
-
-  -- codec-rpm needs a bump to its attoparsec bound. latest upload to hackage
-  -- was in 2018, so we may have to fork when breakage occurs
-  , codec-rpm:attoparsec
-
--- the semver package only exposes lens-style accessors for its Version type;
--- normal accessors are in an un-exposed Internal module. on master, the
--- Internal module is exposed, but a new release hasn't been cut to hackage yet
---
--- we can remove this if/when 0.4.0.2 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/fossas/semver.git
-  tag: 7bc42dd298e0d98e119486ceab4f74042d46b004
-
--- cpio-conduit-0.7.2 on hackage has an incompatibility with newer versions of
--- base16-bytestring. we submitted a PR to fix this, and the PR was merged, but
--- a new release was never cut to hackage
--- We can remove this if/when 0.7.3 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/da-x/cpio-conduit
-  tag: 30d92919e82c5033fffac7b34288f5a7fd28e9be
-
--- Current implementation of yarn-lock throws runtime error, as described by patches:
--- (a) https://github.com/Profpatsch/yarn2nix/pull/73
--- (b) https://github.com/Profpatsch/yarn2nix/pull/72
--- TODO: Remove once, both PRs are merged.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/yarn2nix
-  tag: 7d9f505b35750e54bf9d73e5a996df4a1c5ab117
-  subdir: yarn-lock
-
--- Current hackage distribution does not support SSL_CERT_FILE, and SSL_CERT_DIR
--- environment variable. Modified source code below, supports aforementioned environment variables.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/hs-certificate
-  tag: d93afd2dc78c2f6910766fabc2f5e4452bcae2f2
-  subdir: x509-system
-
-source-repository-package
-  type: git
-  location: https://github.com/fossas/tar
-  tag: 5f833d3a6840edb436f6083bf6e7159cd7649490
-  
--- This can be removed once https://github.com/weldr/codec-rpm/pull/40 merges and is available on hackage.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/codec-rpm
-  tag: 0f7431423d47fdf36945e4ff31fbee76005b7e68
-
-index-state: hackage.haskell.org 2024-02-21T10:56:14Z

cabal.project.ci.windows

@@ -6,66 +6,7 @@ jobs: $ncpus
 
 packages: .
 
+import: ./cabal.project.common
+
 package spectrometer
   ghc-options: -Werror
-
-allow-newer:
-  -- git-config needs to relax its upper bound on megaparsec. PR submitted;
-  -- no action from maintainer yet
-  --
-  -- we can remove this if/when 0.1.3 is released on hackage
-  , git-config:megaparsec
-
-  -- codec-rpm needs a bump to its attoparsec bound. latest upload to hackage
-  -- was in 2018, so we may have to fork when breakage occurs
-  , codec-rpm:attoparsec
-
--- the semver package only exposes lens-style accessors for its Version type;
--- normal accessors are in an un-exposed Internal module. on master, the
--- Internal module is exposed, but a new release hasn't been cut to hackage yet
---
--- we can remove this if/when 0.4.0.2 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/fossas/semver.git
-  tag: 7bc42dd298e0d98e119486ceab4f74042d46b004
-
--- cpio-conduit-0.7.2 on hackage has an incompatibility with newer versions of
--- base16-bytestring. we submitted a PR to fix this, and the PR was merged, but
--- a new release was never cut to hackage
--- We can remove this if/when 0.7.3 is released on hackage
-source-repository-package
-  type: git
-  location: https://github.com/da-x/cpio-conduit
-  tag: 30d92919e82c5033fffac7b34288f5a7fd28e9be
-
--- Current implementation of yarn-lock throws runtime error, as described by patches:
--- (a) https://github.com/Profpatsch/yarn2nix/pull/73
--- (b) https://github.com/Profpatsch/yarn2nix/pull/72
--- TODO: Remove once, both PRs are merged.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/yarn2nix
-  tag: 7d9f505b35750e54bf9d73e5a996df4a1c5ab117
-  subdir: yarn-lock
-
--- Current hackage distribution does not support SSL_CERT_FILE, and SSL_CERT_DIR
--- environment variable. Modified source code below, supports aforementioned environment variables.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/hs-certificate
-  tag: d93afd2dc78c2f6910766fabc2f5e4452bcae2f2
-  subdir: x509-system
-
-source-repository-package
-  type: git
-  location: https://github.com/fossas/tar
-  tag: 5f833d3a6840edb436f6083bf6e7159cd7649490
-
--- This can be removed once https://github.com/weldr/codec-rpm/pull/40 merges and is available on hackage.
-source-repository-package
-  type: git
-  location: https://github.com/fossas/codec-rpm.git
-  tag: 0f7431423d47fdf36945e4ff31fbee76005b7e68
-
-index-state: hackage.haskell.org 2024-02-21T10:56:14Z

cabal.project.common

@@ -0,0 +1,65 @@
+tests: True
+jobs: $ncpus
+
+package spectrometer
+
+allow-newer:
+  -- git-config needs to relax its upper bound on megaparsec. PR submitted;
+  -- no action from maintainer yet
+  --
+  -- we can remove this if/when 0.1.3 is released on hackage
+  , git-config:megaparsec
+
+  -- codec-rpm needs a bump to its attoparsec bound. latest upload to hackage
+  -- was in 2018, so we may have to fork when breakage occurs
+  , codec-rpm:attoparsec
+
+-- the semver package only exposes lens-style accessors for its Version type;
+-- normal accessors are in an un-exposed Internal module. on master, the
+-- Internal module is exposed, but a new release hasn't been cut to hackage yet
+--
+-- we can remove this if/when 0.4.0.2 is released on hackage
+source-repository-package
+  type: git
+  location: https://github.com/fossas/semver.git
+  tag: 7bc42dd298e0d98e119486ceab4f74042d46b004
+
+-- cpio-conduit-0.7.2 on hackage has an incompatibility with newer versions of
+-- base16-bytestring. we submitted a PR to fix this, and the PR was merged, but
+-- a new release was never cut to hackage
+-- We can remove this if/when 0.7.3 is released on hackage
+source-repository-package
+  type: git
+  location: https://github.com/da-x/cpio-conduit
+  tag: 30d92919e82c5033fffac7b34288f5a7fd28e9be
+
+-- Current implementation of yarn-lock throws runtime error, as described by patches:
+-- (a) https://github.com/Profpatsch/yarn2nix/pull/73
+-- (b) https://github.com/Profpatsch/yarn2nix/pull/72
+-- TODO: Remove once, both PRs are merged.
+source-repository-package
+  type: git
+  location: https://github.com/fossas/yarn2nix
+  tag: 7d9f505b35750e54bf9d73e5a996df4a1c5ab117
+  subdir: yarn-lock
+
+-- Current hackage distribution does not support SSL_CERT_FILE, and SSL_CERT_DIR
+-- environment variable. Modified source code below, supports aforementioned environment variables.
+source-repository-package
+  type: git
+  location: https://github.com/fossas/hs-certificate
+  tag: d93afd2dc78c2f6910766fabc2f5e4452bcae2f2
+  subdir: x509-system
+
+source-repository-package
+  type: git
+  location: https://github.com/fossas/tar
+  tag: 5f833d3a6840edb436f6083bf6e7159cd7649490
+
+-- This can be removed once https://github.com/weldr/codec-rpm/pull/40 merges and is available on hackage.
+source-repository-package
+  type: git
+  location: https://github.com/fossas/codec-rpm
+  tag: 0f7431423d47fdf36945e4ff31fbee76005b7e68
+
+index-state: hackage.haskell.org 2024-04-12T15:16:26Z

spectrometer.cabal

@@ -80,12 +80,13 @@ common lang
 -- Upgrade zip after text is upgraded
 common deps
   build-depends:
-    , aeson                        ^>=2.1.2.0
+    , aeson                        ^>=2.2
     , aeson-pretty                 ^>=0.8.9
     , algebraic-graphs             ^>=0.7
-    , ansi-terminal                ^>=1.0
+    , ansi-terminal                ^>=1.1
     , async                        ^>=2.2.2
     , attoparsec                   ^>=0.14.1
+    , attoparsec-aeson             ^>=2.2
     , base64-bytestring            ^>=1.2.1.0
     , binary                       ^>=0.8.8.0
     , bytestring                   ^>=0.11
@@ -96,10 +97,10 @@ common deps
     , conduit                      ^>=1.3.2
     , conduit-extra                ^>=1.3.5
     , conduit-zstd                 ^>=0.0.2.0
-    , containers                   ^>=0.6.0
+    , containers                   ^>=0.6.8
     , cpio-conduit                 ^>=0.7.0
-    , crypton                      ^>=0.33
-    , deepseq                      ^>=1.4
+    , crypton                      ^>=0.34
+    , deepseq                      ^>=1.4.8
     , direct-sqlite                ^>=2.3.27
     , directory                    ^>=1.3.6.1
     , either                       ^>=5.0.2
@@ -158,7 +159,7 @@ common deps
     , xml                          ^>=1.3.14
     , yaml                         ^>=0.11.8
     , yarn-lock                    ^>=0.6.5
-    , zip                          ^>=1.7.1
+    , zip                          ^>=2.0.0
     , zlib                         ^>=0.6.2.1
 
   if !os(windows)
@@ -701,7 +702,7 @@ test-suite unit-tests
     , hedgehog          ^>=1.4
     , hspec             ^>=2.11
     , hspec-core        ^>=2.11
-    , hspec-hedgehog    ^>=0.0.1.2
+    , hspec-hedgehog    ^>=0.1
     , hspec-megaparsec  ^>=2.2
     , HUnit             ^>=1.6.0
     , spectrometer