allow tiny version differences unless there is a specific bug fix we want
Pirate Praveen
Public
Seen by 42
Currently Gemfile specifies requirements as exact versions up to tiny version/bug fix version. Can this be changed to ~> x.y.z like most other gems do?
If there is a specific bug fix we need, then only we should bump the minimum tiny version.
Since Gemfile.lock can specify exact version, this will not affect any bundler/gem users but can help with debian package/possible other distro packages from patching Gemfile.
Summary: normal minor version bumps should be done via Gemfile.lock only and Gemfile should keep minimum known working version.
For minor and major version updates, it can be done in both Gemfile and Gemfile.lock.
Poll Created Wed 24 Feb 2016 4:52PM
allow newer patch releases unless we know about a known issue Closed Sun 6 Mar 2016 4:37PM
failed to get consensus
Currently Gemfile specifies exact versions of the dependencies up to hotfix releases (like nokogiri 1.6.7.2).
Allow newer patch releases by changing "x.y.z" requirement to "~> x.y.z" for stable libraries (x > 1) unless we know a newer patch release introduced a bug that affects us. In case of hotfix releases, we can add "~> x.y.z", ">= x.y.z.hotfix" so we ensure hotfix releases are covered.
Results
| Results | Option | % of points | Voters | |
|---|---|---|---|---|
|
|
Agree | 50.0% | 2 |
|
| Abstain | 0.0% | 0 | ||
| Disagree | 50.0% | 2 |
|
|
| Block | 0.0% | 0 | ||
| Undecided | 0% | 48 |
|
4 of 52 people have participated (7%)
Pirate Praveen
Wed 24 Feb 2016 4:54PM
I should be able to update nokogiri to 1.6.7.2 from 1.6.7.1 without breaking diaspora 0.5.5.1
Balasankar C
Thu 25 Feb 2016 8:04AM
Gemfile.lock for specific tiny requirements and Gemfile for major and minor seems to be a good balance.
Efforts to make installation of Diaspora easier for end users should be appreciated and supported as possible.
Dennis Schubert
Thu 25 Feb 2016 8:44AM
There are complex inter-dependencies between some Gems, even using exact hotfix releases. Some gems do not even follow semver so installations would break nonetheless. In addition, I remember some setup issues by slightly off gem versions.
Jonne Haß
Fri 26 Feb 2016 12:07PM
Users run bundle update out of confusion and we can't support the rapidly exploding variants of dependency tree's wen we're liberal about the versions required. Installing as many dependencies as diaspora has via a package manager is still utopia.
Jonne Haß
Fri 26 Feb 2016 12:08PM
Users run bundle update out of confusion and we can't support the rapidly exploding variants of dependency trees wen we're liberal about the versions required. Installing as many dependencies as diaspora has via a package manager is still utopia.
Poll Created Mon 7 Mar 2016 4:56PM
allow newer patch releases for stable libraries following semantic versioning Closed Mon 28 Mar 2016 4:37PM
If a gem complies with SemVer (usually declared in README) and it is a stable release (>= 1.0), allow newer patch releases to match Gemfile requirement.
ie, make it '~> x.y.z', instead of 'x.y.z'. If we need a specific patch release, we can use '~> x.y.z', '>= x.y.z.hotfix'
Results
| Results | Option | % of points | Voters | |
|---|---|---|---|---|
|
|
Agree | 25.0% | 1 |
|
| Abstain | 0.0% | 0 | ||
| Disagree | 75.0% | 3 |
|
|
| Block | 0.0% | 0 | ||
| Undecided | 0% | 49 |
|
4 of 53 people have participated (7%)
Pirate Praveen · Fri 26 Feb 2016 2:27AM
@dennisschubert can we do this for gems that advertize SemVer compliance and have a stable version (>= 1.0)?