-
Notifications
You must be signed in to change notification settings - Fork 553
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
releases: use +dev as in-development suffix #1198
Conversation
Under SemVer, the suffix "-dev" actually indicates a pre-release, meaning the way we've been using the suffix indicates that "1.0.0-dev" is *older* than "1.0.0" when we've used the suffix to indicate the opposite. With most package managers, the "+dev" suffix correctly indicates that the version is newer (i.e. 1.0.1 > 1.0.0+dev > 1.0.0), though under SemVer "+dev" build tags must be ignored when doing version comparisons (meaning 1.0.0+dev == 1.0.0 under SemVer). However, from a SemVer perspective the unreleased version is inarguably closer to being equal to the last release than being older than it. As a specification we also allow extensibility of various parts, meaning that if someone uses an as-yet-unreleased version it seems reasonable to me for it to be treated as the same (from a SemVer perspective) as the last released version it's based on. The other option would be to continue to use "-dev" as a suffix but bump the rest of the version number to the next version we plan to release, but this could also cause issues (we could have a "pre-release" for a release that never happened). Using "+dev" seems more sensible. Switching to "+dev" also matches the way runc and umoci are versioned, and allows downstreams that use as-yet-unreleased versions of our specs to have their spec versions be treated as the same as the released version by other consumers. Signed-off-by: Aleksa Sarai <asarai@suse.de>
I think this would be most accurate, but the caveat here is that technically we wouldn't know what the next version is, because with SemVer, the version depends on the changes included (whether it would be a major, minor, or patch update). Go modules "solves" this by preemptively incrementing the patch version (last digit), which I guess would be a "safe" choice as long as it has a pre-release suffix. Note that |
Yeah bumping the patch (and then putting This might be a somewhat esoteric issue, but for umoci this would mean we could never vendor a non-released version of a spec (something we've had to do quite a lot -- possibly more often than we've vendored released versions of image-spec and runtime-spec 😅) because it would cause Also having a |
I'm struggling to understand why this is important 😅 We don't ever actually release with a If so, we could do something like |
In theory people shouldn't import a non-released version of the spec, in practice everyone does it at least some of the time. |
Can we merge this? |
I'd like to release v1.1.0-rc.3 soon with this and #1191 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
but indeed, I don't think anything should realistically depend on this field in pre-releases, other than for "informational purposes" (otherwise it should better be propagated with an actual git reference)
Under SemVer, the suffix "-dev" actually indicates a pre-release, meaning the way we've been using the suffix indicates that "1.0.0-dev" is older than "1.0.0" when we've used the suffix to indicate the opposite.
With most package managers, the "+dev" suffix correctly indicates that the version is newer (i.e. 1.0.1 > 1.0.0+dev > 1.0.0), though under SemVer "+dev" build tags must be ignored when doing version comparisons (meaning 1.0.0+dev == 1.0.0 under SemVer). However, from a SemVer perspective the unreleased version is inarguably closer to being equal to the last release than being older than it. As a specification we also allow extensibility of various parts, meaning that if someone uses an as-yet-unreleased version it seems reasonable to me for it to be treated as the same (from a SemVer perspective) as the last released version it's based on.
The other option would be to continue to use "-dev" as a suffix but bump the rest of the version number to the next version we plan to release, but this could also cause issues (we could have a "pre-release" for a release that never happened). Using "+dev" seems more sensible.
Switching to "+dev" also matches the way runc and umoci are versioned, and allows downstreams that use as-yet-unreleased versions of our specs to have their spec versions be treated as the same as the released version by other consumers.
Signed-off-by: Aleksa Sarai asarai@suse.de