This does seem really useful. I appreciate the detailed explanations. If we
formalize it into policy, I'd love to make it a bit more concise, and with
appropriate room for human contestation of the guidelines.

On Fri, Jun 1, 2018 at 1:47 PM Scott Wegner <sweg...@google.com> wrote:

> Thanks Cham. Overall this seems like a useful hygiene improvement for the
> project. I've left some comments in the doc.
>
> On Fri, Jun 1, 2018 at 10:48 AM Chamikara Jayalath <chamik...@google.com>
> wrote:
>
>> Hi All,
>>
>> I've copied ideas proposed in the doc below for more visibility. Any
>> comments are welcome.
>>
>>
>>
>> * - Human readable per-SDK reports on status of Beam dependencies are
>> generated weekly and shared with the Beam community through the dev list.
>> These reports should be concise and should highlight the cases where the
>> community has to act on. See [4] for more details on this.- Beam Components
>> (IO connectors, runners, etc) should always try to use versions of
>> dependencies that are defined at the top level. Per-component dependency
>> version overrides should only be performed in rare cases and should come
>> with clear warnings for users.- Upgrading a dependency with an outdated
>> major version becomes a blocker for next major version release of Beam and
>> for any minor version releases after next immediate minor version release.
>> For example, if a dependency is identified to be outdated while the latest
>> release is x.y.z, upgrading this dependency becomes a blocker for releases
>> (x+1).0.0 and x.(y+2).0 of Beam. Additionally, upgrading to a major version
>> of a dependency will only be enforced if the new major version of the
>> dependency can be adapted without a significant rewrite to any Beam
>> component. Note that this policy intentionally allows one of the minor
>> version releases to proceed without upgrading the dependency which I
>> believe will give Beam community enough breathing room to upgrade
>> dependencies without significantly affecting the release frequency.-
>> Upgrading a dependency with a significantly outdated minor version (based
>> on methodology defined in [4]) becomes a blocker for next major version
>> release of Beam and for any minor version releases of Beam after next
>> immediate minor version release. Note that this policy does not force Beam
>> to adapt every minor version release of a dependency.- When performing a
>> release, release manager should make sure that blockers identified through
>> above process are resolved before the release candidate is cut.-
>> Optionally, dependency declarations may have comments that identify owners
>> that should be responsible for upgrading the respective dependencies.
>> Release manager may choose to assign a blocking JIRA for a dependency to
>> its owner.*
>> Thanks,
>> Cham
>>
>> On Thu, May 31, 2018 at 7:11 PM Chamikara Jayalath <chamik...@google.com>
>> wrote:
>>
>>> Hi All,
>>>
>>> We recently ran into many issues due to Beam dependencies being
>>> significantly out of date. For example see [1], [2], and [3].
>>>
>>> Yifan Zou recently introduced a proposal [4] that would allow us to
>>> identify outdated dependencies. But to really make sure that this helps the
>>> Beam project and community I believe we should adapt several small policy
>>> changes to our development and release process.
>>>
>>> To this end, I have created following short document that identifies the
>>> dependency issue and proposes several policy changes. I greatly appreciate
>>> if you can take a look and comment.
>>>
>>>
>>> https://docs.google.com/document/d/15m1MziZ5TNd9rh_XN0YYBJfYkt0Oj-Ou9g0KFDPL2aA/edit?usp=sharing
>>>
>>> Thanks,
>>> Cham
>>>
>>> [1] https://issues.apache.org/jira/browse/BEAM-3098
>>> [2] https://issues.apache.org/jira/browse/BEAM-3991
>>> [3] https://issues.apache.org/jira/browse/BEAM-4229
>>> [4]
>>> https://lists.apache.org/thread.html/758625106a6cfe9ba23d7b39625da20e050c6279b138b18b3f0013e7@%3Cdev.beam.apache.org%3E
>>>
>>

Reply via email to