Can typescript please follow semver? So we can know when an upgrade is minor/major/patch ? #39269
Comments
|
Duplicate of #14116 Please don't open duplicate issues. |
|
@kitsonk @RyanCavanaugh #14116 is now locked, which means that we can't provide +1's, which means Microsoft is unable to measure community feedback on this issue. How should we proceed without opening duplicate issues, if we wish to communicate that this issue continues to impact us? |
|
semver has been proved totally wrong and misleading. even node.js itself uses lts releases and development release to avoid semver and npm's version range problem. |
|
@calidion Node follows semver (in addition to its own LTS and even/odd semantics), so I'm unclear as to your argument. Could you provide links to any supporting articles or posts? |
|
LTS is a way to reduce the pace of the problem that semver and npm version range introduced. so currently npm provides package-lock.json to lock all versions as rescue. semver is misleading in that versions should show evolution in its architecture not showing if it is compatible or not, Version updates should be discouraged if your projects are comfortable with current versions. Every version update will lead to new works and costs, it is a waste of time and efforts. |
|
If versions are used to show compatibility, they needs only one dot: |
|
Would like to see it. If it was (and still) an initial development then authors obviously missed the first 0 in the 0.x.y. You are a package in the npm after all, there are tools that don't understand the "uniqueness" of typescript in versioning. |
Honestly, I think NodeJS and NPM's total misuse of semver is the real problem. Most RubyGems use semver and don't have this problem, because Bundler uses tilde dependency constraints rather than caret by default. The fact that Yarn/NPM assume you want the highest version of a package that's not a new major by default is to me the biggest disappointment. When entire services spring up around the problem that your package manager causes, you know you screwed something up. |
|
That is because Semver think the consistancy between patches/minor changes can be very easily kept by the developers with every update. |
|
I don't expect anybody from the team is still following this issue, but I'd like to add a data point, and maybe somebody will notice it eventually. It looks like #14116 was closed with the idea that users writing TS code "can" break their build with any upgrade -- fixing an incorrect type will cause the (wrong) code you wrote to (correctly) fail type checking. That is not the semver / LTS build I am asking for. I want semver / LTS for tool authors. TS is now a central part of a massive ecosystem, and the TS toolchain is used by packages that never touch anything but vanilla JS. What I'm asking for is API stability for those toolchains. I found this issue because the LTS release of SonarQube (a static analysis tool) builds its TS/JS scanner on TS 4.0 even though they just released a patch for it 2 months ago. This means that if I want to scan our codebase, my code has to compile under that TS release. As far as I can tell, the problem is that significant engineering work is required to port their scanner to new TS APIs, which means that older (LTS) releases don't get back-ports and wind up stuck at the same version they started with, well over a year ago in this case. I would like to see a range of API-compatible drop-in replacement TS builds. Adding a new (consumer-facing) compiler flag wouldn't be such a big deal if the (tool-facing) API didn't have to break at the same time. |
|
It is a great contribution to the software development that the typescript team resists the stupidity that the SEMVER and the npm range introduced which greatly broking package stability in node ecosystem and making node useless for backend in some way. And semver also cultivated a lot of zealots which force many companies adopting semver recklessly. Software can be kept stable only by full testing, the idea of keeping stability by auto update packages is totally wrong and violating basic principles of development practices. |
|
Dude, you really don't have to reply to every single post in both issues. I said "semver / LTS" because I don't care if it actually follows the semver "spec", I just want them to publish a set of stable releases that have a stated goal of not breaking tools that consume their API, and I wanted to point out that this is a different goal from not breaking the build for users of |
Typescript doesn't follow semantic versioning (microsoft/TypeScript#39269). This means that there could be breaking changes in caret (`^`) ranges. This change: - upgrades to Typescript 4.9.5 for building the typescript files - adds Typescript ~4.9.5 as a `peerDependency` of the generated npm package - adds a `scroogeTypescriptPeerDependencies` setting to enable plugin users to add peer dependencies to the `package.json` - fixes a mismatched type in the `decode-encode` module
Typescript doesn't follow semantic versioning (microsoft/TypeScript#39269). This means that there could be breaking changes in caret (`^`) ranges. This change: - upgrades to Typescript 4.9.5 for building the typescript files - adds Typescript ~4.9.5 as a `peerDependency` of the generated npm package - adds a `scroogeTypescriptPeerDependencies` setting to enable plugin users to add peer dependencies to the `package.json` - fixes a mismatched type in the `decode-encode` module
|
WhyTF the hate for semver? Any update with whatever versioning schema you follow can mess up your app. You always have to test your stuff. It's not SemVer's fault if you don't. At least SemVer gives you some semantics for what you can expect. You can set up renovate to bump and automerge patch and minor if your tests are green. If they are red you may have done something you shouldn't. On the other hand it shouldn't surprise you to see a PR for a major bump failing. |
|
Semver has already ruined node.js' ecosystem which was once promising now has faded. |
|
the companion locking files just signs indicate that sevmer is useless and wrong. |
|
Version range, auto version update, semver are the three stupid things brought by the node.js eco which cause instability in node_modules and hence ruined the node.js ecosystem. |
|
package-lock is a way to rescue but it is too late. |
Apparently typescript does not follow semver, so to be safe, I am locking to exact patch versions. For context, see: microsoft/TypeScript#39269
Search Terms
semver, breaking changes, semantic versioning
Suggestion
I realized 4.0.0 isn't a breaking change. Typescript versions aren't like other node package versions. Now sure how they increment and who decides version numbers.
Could we adopt semver ? It makes it super easy to know whether a version upgrade is a breaking change, a new additional feature or just a small bug fix.
As a package consumer, knowing the answers to those questions is important and since TS doesn't follow semver it means as an author, I have to manually fiddle through release notes to figure things out.
https://docs.npmjs.com/about-semantic-versioning
By default npm installs with '^x.y.z', which means latest package with same major version, so minor releases are allowed.
By releasing with semver, it plays well with rest of npm ecosystem.
Use Cases
Have a sane dev life.
My suggestion meets these guidelines:
The text was updated successfully, but these errors were encountered: