2020-07-24 11:25 UTC+02:00, Torsten Curdt <tcu...@vafer.org>: > It still needs a person to decide to merge a PR for a new version. > So this indeed is just about the dependency upgrade policies. > > But isn't that what the version definition is for?
Ideally. In practice, I think that all we can assume is that the version string is a quick-glance summary of changes, for human consumption. > I'd argue that 1.12.4 <-> 1.12.6 should be a compatible upgrade AND > downgrade, > 1.12.4 -> 1.20.0 not so much. > > But to avoid all this is why I usually try to inline dependencies for > libraries as much as possible. Basically pretending to not have any. > This of course depends on whether the dependency can be isolated that way. > > Also a point I made many times. > Just wanted to mention it - again :) I think that it would be great that "Commons" has a common policy for dealing with this (so that we don't have to repeat ourselves every now and then). A long time ago, the "shade" feature seemed the perfect answer to that problem. Yet, to avoid dependencies even on another Commons component, several of us continue to support the copy/paste option. Gilles --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org