Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Figure out how to manage versions of packages in the cargo repo #12033

Open
ehuss opened this issue Apr 25, 2023 · 0 comments
Open

Figure out how to manage versions of packages in the cargo repo #12033

ehuss opened this issue Apr 25, 2023 · 0 comments
Assignees
@weihanglo
Labels
A-infrastructure Area: infrastructure around the cargo repo, ci, releases, etc. S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted.

Comments

@ehuss
Copy link
Contributor

ehuss commented Apr 25, 2023

The cargo repo has several packages which have their own versions independent of the main cargo library. The following are published when cargo-the-library is published every 6 weeks if their version number has changed:

  • cargo-util
  • cargo-platform
  • crates-io

Additionally, there are a few others that are not automatically published, and are only done manually as-needed:

  • home
  • cargo-credential and the various credential helpers

There have been a few issues where the version numbers haven't been bumped appropriately before the release, causing cargo-the-library to fail, or to be using outdated dependencies.

This issue is to explore different options for how we can better manage the version numbers so that this doesn't happen, and that it takes less manual effort for us to make sure the correct version bumps happen.

Part of the problem is trying to sync with Rust's release cycle. We don't know which changes will ultimately be included in each dependency until the beta branch, which is some arbitrary point over the course of potentially a week. After which, if we need to decide if the collective changes involve a semver-breaking change, we need to push version bumps to both the beta branch and the master branch.

cargo-credential

This is experimental right now. I'm fine with leaving this to be manually managed until it gets to a more serious state where it has the potential to be stabilized.

home

I think we can just manually publish changes whenever new changes come in. I'm not expecting this to change much. I think this is something we could give more attention to if it ends up having more frequent updates.

Dependencies

Option 1: Always semver-breaking bumps

Long ago we used to just always do a semver-breaking version bump for all crates every 6 weeks regardless if they have had any changes. We stopped doing that with the intent that these libraries were intended to be independently usable (particularly cargo-platform). I think it would be good to have these libraries be independently usable without unwanted version bumps.

Option 2: For every PR, check for changes

In CI, we could have a check to see if any changes have been made to a dependency, and check if the dependency's version number has been bumped appropriately.

This runs into some complications with trying to decide if something involves a semver breaking change or not. It would be good to use something like cargo-semver-checks. Unfortunately that depends on an unstable nightly feature, and I'd be reluctant to gate on it in case it stops working. We could perhaps add it in an advisory role, where it could post a comment on the PR if it fails, but not mark the job as failed. If cargo-semver-checks is broken, then we would just need to do manual checks (and we will need to do manual checks regardless since cargo-semver-checks doesn't catch everything).
@ehuss ehuss added S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted. A-infrastructure Area: infrastructure around the cargo repo, ci, releases, etc. labels Apr 25, 2023
@ehuss ehuss mentioned this issue Apr 25, 2023
Merged
@weihanglo weihanglo self-assigned this Apr 27, 2023
This was referenced May 4, 2023
Merged
Closed
Merged
bors added a commit that referenced this issue May 23, 2023
@bors
Auto merge of #12126 - weihanglo:ci-version-bump, r=epage
5a39627 
ci: check if any version bump needed for member crates

### What does this PR try to resolve?

Check if a crate requires a version bump in CI.

Part of #12033

### How should we test and review this PR?

Demo action result: <https://github.com/weihanglo/cargo/actions/runs/4941952784/jobs/8835049007>

### Additional information

This doesn't devalue #12089. I love the changelog detection, saving maintainers' times a lot ( I am the one writing changelogs for each release for now). However, the amount of code there is too excessive to me. I think someday when we are going to integrate [cargo-release](https://crates.io/crates/cargo-release) and/or [ehuss/cargo-new-release](https://github.com/ehuss/cargo-new-release), we can remove this script perhaps entirely :)

I tried to document the script a bit hard. Hope it won't get worse over time.
@ehuss ehuss mentioned this issue Sep 11, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@weihanglo weihanglo

Labels
A-infrastructure Area: infrastructure around the cargo repo, ci, releases, etc. S-needs-design Status: Needs someone to work further on the design for the feature or fix. NOT YET accepted.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ehuss @weihanglo