Does Manifest.toml belong in the repository?

question

#1

Sorry if this is a dumb question, but I could not figure this out. It seems to be generated dynamically when missing, so should I add it to the git repo?


Where does Pkg(3) find version numbers?
#2

The Manifest allows someone to replicate the exact version of the dependencies that was recorded in the manifest on e.g. another machine. For a package that is to be used as a library, this is not super useful because there will be some other Manifest dictating the versions of what is installed.
However, for an “application”, i.e. something at “top level” (say your julia code to do the simulations in a scientific paper) then it is likely useful to be able to replicate that exact state and the Manifest is thus useful to check in.


#3

It might also be nice to have a manifest checked into package repos for a few reasons:

  1. So that you have at least one known good configuration that presumably passed tests and such.
  2. To keep the different developers of the package in sync using similar setups.

Of course, 2 cuts both ways: it’s nice that all the devs have similar setups and they can upgrade in sync, but that means that there’s less testing of the package with different setups. Benefit 1 may be better accomplished with some kind of database for recording known good/bad configurations.


#4

I decided not to include it for now, as I think that version bounds should be specified explicitly, and in case that does not work, that is a bug.

In any case, some guidance in the documentation about this would be useful as a starting point.