-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify caret operator range for pre-1.0.0 dependencies #83
Conversation
In this particulare case you should consider |
Oh well, I've searched around a bit more and it seems that the correct interpretation is:
|
@greysteil Thanks for adding the documentation and test. It's worth noting the dep isn't using the version on the master branch but rather the version on the 2.x branch. I'm not entirely sure what we're going to do with that once vgo/modules is in and dep becomes overcome by that. @cmaglie There is no spec on semver ranges. There are minor differences between JS, PHP, and others. That being said, because we are talking about compatibility I did a little digging on behavior of the
We should figure out what to do about the I'm hesitant to change or document this at the moment. Documenting it clearly means it's expected behavior and not a bug for pre-1.0.0. /cc @technosophos |
I've spent a lot of time looking a how different languages specify requirements (I have to convert them to Ruby requirements for Dependabot - code is here), so I'll add my 2 cents:
Given the above, there are three options:
My hunch is that (1) is the right choice - it's basically what everyone now expects. At the end of the day you just have to make a choice on it, though 🤷♂️ |
Here is the plan.
Sorry for the delay in getting around to this and thanks for all the input. |
I couldn't find any documentation on the behaviour of the caret operator for pre-1.0.0 dependencies, and it wasn't immediately obvious that it would behave in the same way as for post-1.0.0 dependencies (mainly because in JS it doesn't).
This PR adds a pre-1.0.0 example to the readme and adds a test for the current behaviour.
This may have been discussed elsewhere, but in combination with
dep
using the caret operator by default, the current behaviour here is a little surprising. I can imaging users settingversion = "0.0.1"
in theirGopkg.toml
and being surprised/unhappy to get0.0.3
, which might include a host of breaking changes. Maybe that's better fixed indep
than here, though.