Lively discussion. I can't pretend I read it all, but... I'd like to remind you that: - specification version is used to depend on features - implementation version is used to depend on bug-to-bug compatibility
E.g. use specification version to depend on properly versioned API. Use implementation version to workaround bugs in behavior. >From this point of view it makes sense make implementation version = git hash. Checksum of available methods isn't really appropriate as bugs in behavior happen in the method bodies, not in signatures. -jt ne 4. 8. 2019 v 11:27 odesÃlatel Tim Boudreau <[email protected]> napsal: > Well, since I mentioned I'd poked at writing a Java code signature hashing > tool, I figured why not finish it, so, if anyone's interested, here you > go. The readme explains what it does: > > https://github.com/timboudreau/signature-hash > > Wrote a few tests that pass (same hash with differently formatted code, or > code with or without a private method), and tried it on a few projects > making changes. Jan Lahoda, you're probably one of the few people on the > planet that could look at this and see if there's anything glaringly wrong > with it :-) > > It builds to a command-line executable JAR, but could easily be made into > an Ant or Maven plugin or whatever. Hashing the signatures of things that > actually get *called* seems like it would be far superior to git hashes, > where inconsequential changes would result in a false-incompatibility > reading. > > -Tim >
