Is semantic versioning an anti-pattern_ _ hacker news

Given that the article did a poor job of actually stating the problem of semver, could you list the issues you encountered when dealing with rust’s use of semver?

I worked at Amazon for 1 year. Database wiki They use semver for everything. Data recovery freeware I think that’s one of a few technical superiority I missed since left. Database clustering I am curious about its problems.


The article did not say much. Icare data recovery As for the suggestion given in the article, I cannot help to think that one can always release a number based on a semver to external customers. Data recovery jacksonville fl That does not prevent semver being used internally at all.

I mean, if someone put an arbitrary number there, and users are screwed because of author fails to maintain the correct contract, at least people can go to there and point out that the contract is broken. 510 k database search Removing semver does not do anything good. Database engineer It just give the author an possible excuse, i.e., if users are screwed, the author can claim that he/she never meant to make its software backward compatible. Data recovery california For that, semver also provides the same mechanism, i.e., bump a major version number. Moto x data recovery At lease users know that they can expect a breakage.

The article is poor, I’ll agree with that. Database administrator But the project I work on that makes me agree with it (that does not currently use rust, but it is something we’re looking at) is a low level system component that is continuously deployed across entire clusters. Database acid We only ever have two versions active in a cluster at a time (either upgrading or downgrading when something goes wrong). Database 10g People do not really ‘consume’ us except in so far as the system as a whole does expected things. Database news We do have some “API”s to our system, and we do version those, but those protocols change extremely infrequently and are either only for consumption by the same or adjacent versions.

Our release version numbers are literally jenkins build numbers. Database key value Anything else is not worth the administrative overhead for our needs (even were that ‘small’, it’s also weirdly political in a bikeshed sort of way).

And I don’t think this is really all that uncommon even for higher level things. Data recovery pro review I don’t think semver makes any sense for a rails app, for example, but in rubyland you only version things you publish. Data recovery windows 8 Rust makes you version things you will never publish.

Don’t get me wrong. Data recovery devices For the things we consume from outside our team or abroad, semver is an absolute boon. Moto g data recovery software Sometimes, though, when you point out that people are treating something as a silver bullet, you’re saying it’s outright bad. Data recovery windows 10 I’m not saying that. Database youtube It’s not a problem with semver that semver is not universally applicable.

For this scenario you seem more opposed to the idea of version numbers in general then Semver. H2 database console Does your build process tag the build numbers in your code repository? The benefit of Semver (and any sensible versioning system) is that whatever you deploy in production gets a (human readable) version assigned to it, and that version is tagged in your git/hg/svn repo.

The nice thing about version numbers such as Semver is that whenever you do need to maintain more than one branch of your library/tool/application, its just a matter of branching the code, and assigning a higher major version to the newer branch, whilst keeping the older major version for the stable older branch (which will still receive fixes).

With build numbers you lose a way to distinguish these two, with Semver you have an old branch (v1.0.0, v1.0.1, v1.1.0, …) and a newer branch (v2.0.0, v2.0.1, …) that can both receive new updates and version numbers. Database browser Because you usually can’t predict which internal project will by necessity get split into two parallel development branches, you might as well just use version numbers everywhere.

I don’t quite get the administration argument you mention. Database help A lot of modern build software (Rust is mentioned, but Java does this as well with Maven) use some sort of versioning to facilitate this out of the box, so why go out of the way to not use them?

> And then if you deploy to your server and for some reason it has to update NPM, suddenly you have a potential of any and all of those thousands of packages to break, or interact poorly, or whatever. Database vendors Since you have specified that anything between 1.0.0 and 2.0.0 is perfectly fine, you have absolutely no idea what secret sauce is necessary to get a working application again.

That’s not how you’re supposed to use npm. Database key You should never perform an npm update directly in production exactly because of what you describe.

The proper way to manage dependencies update in npm is to perform the dependencies’ updates in your build process when building your pre-production/staging build and then use the shrinkwrap[1] command of npm to generate a file with all dependencies pinned for production. Data recovery live cd This way, for a given production deployment, you know exactly what version of which dependencies was being used and you can rollback easily if an update break something.

Linux’s support for ELF symbol versioning makes maintaining binary compatibility of C libraries easier than perhaps any other platform or language. Data recovery clean room It’s patterned after Solaris’ ELF symbol versioning, but more powerful.

glibc uses it extensively, but alas few other people know about it. Database view Theoretically languages, like Rust, which compile to ELF executables could leverage the capability. Data recovery fort lauderdale But none do.

I personally don’t bother with semantic versioning at all. Data recovery equipment tools Where ABI compatibility matters, I’ll commit to maintaining backward ABI compatibility in perpetuity using symbol versioning.[1] And maintaining backwards API compatibility is something I try to commit to as a matter of course; if I can’t then I make sure builds will break loudly.

I don’t begrudge people using semantic versioning, I don’t just don’t think it’s the best approach for most cases. Data recovery lab It’s just one of several crappy choices. Data recovery online But at least with C on Linux, ELF symbol versioning is a slam dunk when you’re serious about the matter.

The author has actually no clue what semantic versioning is. Database union He keeps on saying that with small, frequent and well tested changes you constantly produce “stable” builds and therefore don’t need the complexity of semver, but he doesn’t seem to understand that this has absolutely nothing to do with semver.

Even the smallest and most stable change can break backwards compatibility or fix a bug or add a new feature and semver’s only purpose is to meaningfully express what kind of change it is. Data recovery houston You build a 3rd party package or a library which is used by other people? You better use semver. 7m database soccer basketball It makes everyone’s life easier and not more difficult. Create database link You build some REST API which is consumed by other applications? You better use semver. Database form It not only helps to visually display what kind of change it was, but it also triggers an additional thought process during development and CI. Data recovery process For example if the major version doesn’t change, then the CI system can reliably replace the existing API during the deployment process. Database training However when the major version changed, then you might want to think about a side-by-side deployment to support backwards compatibility, at least for a certain grace period. Data recovery hardware It makes life in many ways easier.

And again, this has nothing to do with how stable a release is. Best database software Let’s say I have a public facing REST API and I make a 1 line change where I decide that some field of a JSON object must be int64 because in some edge cases an int32 wasn’t unique enough and would have caused a bug. Database gui Now this change is fixing the system, making it even more stable but essentially breaking existing integrations. Data recovery technician Semver helps me to easily communicate the change to my API consumers, setting up the right expectations and helping them and myself by reducing frustration, tech support and unwanted side effects. Database engine tuning advisor It also helps to deploy it in a way that allows a smooth transition to the newer API.

Furthermore his suggestion of using a date is useless. Data recovery rates What does a date tell me? Nothing… Database developer salary if I want to know the date I right click the files of a build and look at date + time or I look at the commit time in git or the build time in the CI tool. Database backup and recovery Having it in the version is stupid.

He does talk explicitly about the trouble of making major changes in SemVer[0]. Yale b database The gist of his argument was that minor changes in semver are relatively useless while major changes have a high probability of breaking your software. Sybase database Major changes in semver are backwards incompatible and update the program’s API in place. Database design This leads to dowstream breakage and fear around doing upgrades.

> If I need to upgrade my application due to a security vuln, SemVer lets me know if I can just “drop-in” the upgrade, or if I need to work more.

I think the point he was trying to make was that upstream developers could change internals of a library but keep the API consistent so that downstream devs would never have to worry about scary updates. Database 3 normal forms As you said with SemVer, if the security upgrade is a significant change, then you can expect breakage in the library. Database for dummies What he was advocating was patching issues like security vulns under the hood while keeping everything backwards compatible. A database is a collection of Major upgrades could even add new namespaces, functions, and arguments but there’s no real point to deleting or mutating old code, that just creates breakage. Library database He wants software libraries to be immutable to take care of dependency issues and versioning to better reflect the changes made in the code.

As I understand it, all semver is trying to tell you is when backwards-compatible changes happen, and when backwards-incompatible changes happen.

If the project developer wants to add some sort of indication that “this package contains changes that are alpha quality, and may not respect semver for the next few releases” then that developer can append a pre-release identifer to the version, as described in the semver spec. Database node Once that identifier goes away, the risk that a package violates semver should be gone, and you should be free to update based on the semver relation to the previous release.

Ultimately, it’s up to the project to verify that their releases don’t violate the semver spec by being diligent with respect to their public API. Data recovery after format If you find that a project isn’t disciplined in documenting API changes (semver or otherwise,) then coming upw ith new rules to convey the information they’re already not conveying isn’t going to help anything.

Risk is simply an integer expressing how likely the project is to work if you use the previous release. Database 2015 Anything else is left up to the project to determine what things get a specific amount of risk. Data recovery nyc Or another way of putting is that the only requirement is that the risk number be correlated to the probability of running into issues running that release over the previous. Database weekly Risk can even go negative to signal that the previous release had a showstopping bug that was fixed and that the new release should be used in all cases over the previous.

Also, some of the risk calculation can be pushed down onto tooling and the community. Data recovery utah As an example, if more than the normal amounts of issues are reported against a release, the risk for the release can be automatically increased without anyone needing to be diligent in updating it and things can get automatically rolled back if the change was found to be too risky.

Semver requires a project to be more diligent than many projects are willing/able to be, and requires all changes fit nicely into the semver categories. Data recovery deleted files Too many changes don’t fit neatly into semver, especially when libraries are used cross platform and in different programming languages. Database health check Say a project switches from GCC to Clang, semver has no official way to express that. R studio data recovery software Release.Risk can handle it by assigning a amount of risk to the update and pretty much any other unforeseen corner case too as it doesn’t try and categorize the risk. Data recovery iphone Also different projects have different risk profiles which semver completely ignores the concept of (glibc is more risk adverse than the JS library of the day). Ease use data recovery Semver also doesn’t indicate any difference between a new feature that is self contained or one that touches a core piece of code, the former is much less risky than the later.

banner