On Monday, 2 February 2015 at 09:03:56 UTC, Vladimir Panteleev
wrote:
Is that so? Won't a security fix entail a version bump,
requiring a change in the requirements file of the parent
project? Also, does Dub really check for updated versions of
libraries online, every time a project is built?
It does.
You have a broad range of options for specifying which version to
use.
http://code.dlang.org/package-format#version-specs
If you use Semver correctly, it's a great benefit.
- When cloning repositories, dub does not preserve the
repository's directory
name (so e.g. fruit will be cloned to ~/.dub/fruit-1.0.0/).
Necessary in order to maintain multiple versions of a package
in order to satisfy different applications' dependencies,
surely? You have a similar situation with different versions
of shared libraries installed on any UNIX system.
No, it is not necessary. The directory layout could be
~/.dub/fruit-1.0.0/fruit/...
What would be the advantage ? You should not deal with ~/.dub/.
Note, you can specify local packages:
"fruits": { "path": "fruits" }
Works well with git submodules.