Please be mindful of version bounds and semantic versioning when tagging your packages

Well, why didn’t you just admit this from the start? That you are only trying to make things easy for yourself instead of pretending you follow a much better path.

Also, you seem to base your reasoning on things that are not correct, e.g. here, where you (seem to?) think that adding bounds to a new release retroactively adds the same bounds on previous releases:

And also, when presented with an actual example (Please be mindful of version bounds and semantic versioning when tagging your packages - #29 by fredrikekre), you didn’t explain and/or answer how you would solve that problem.

But at least there a state that is proven to work. That might not include beeing on the latest version of every dependency, but at least it is something working. The opposite would be that users just get some random version that claims to be compatible with everything.

Okay, so say I am completely new user and know nothing about versions etc. I decide to test out some of these packages: pkg> add A1 A2 B, and I get, say, A1@1, A2A1@2, BA1@3. Cool! I can start writing Julia code now!
Turns out there exist A1@2, which I am happily unaware of. Now, if it turns out I do need A1@2, I try to add it and get a resolver error message (admittedly these can be better, see Better resolver failure messages · Issue #819 · JuliaLang/Pkg.jl · GitHub, but at least I have something to report). So since I am a new user and don’t understand why, I raise an issue with A1: Hey, why can I now use A1@2 here?. Hopefully it is still a maintained package, and the problem can be resolved.

Consider now the case with no bounds; I try again pkg> add A1 A2 B, but this time I get A1@2, A2A1@2, BA1@3. I start writing code, nothing works.
As a new user, where do I raise an issue? I don’t know. Lets file an issue with A1. What do you as a maintainer of A1 tell this user? What versions of the dependencies do you have? Well, I just use what I got from the resolver, that you as the maintainer told the registry you were compatible with. Ok, but I just hoped nothing would break. You need to add this package at that version, and that other package on that version. Can you try that?

That does not seem more user-friendly to me.


Yea, but putting the latest (SemVer) breaking release there is never wrong, after all, it is unlikely that your package works with more than one or two breaking versions of your dependency, so it is not that hard to test. If you (or your users) feels it is important that the package also work with older releases of that dependency they can fix that. See also Introduce `down` as opposite of `up` · Issue #1062 · JuliaLang/Pkg.jl · GitHub

8 Likes