Thank you for the discussion. I am learning! Replies inline…

Guillermo Polito wrote:
> forcing everybody to use major versions is not a solution: why do we have
> minor versions if we can only use major versions?
>
> > Unless they are intimately familiar with both projects (and even then I
> > wouldn’t have confidence in a manual review), the best way I can think of
> > is to rely on passing CI, and in that case…
>
> I don’t see what is the solution you propose here...

I agree! My gut is that the best default, especially given the limitations you describe in the tooling at this time, is to depend on baselines, not specific versions, unless one has an important reason not to (e.g. for a tagged release which ideally should be 100% reproducible), which in my experience is often not the case. I sense that we often reflexively specify versions because that is “the semantic versioning” way, even though our tooling does not really enable us to easily gain the benefits usually associated with semver. I only suggested that major versions would require a bit fewer cascading changes than minor and patch pinning, which there seems to be a lot of without an expressed justification.

> Why are you assuming somebody did a “defensive pinning”?

I often see commits like “update to latest Xyz project version” and the commit changes v1.2.3 to v1.5.3. I find it difficult to believe, especially given the lack of commit message details to justify, that in all these cases the main project absolutely can’t work without the 1, 2 and 3 patches to 1.5. I feel it’s more likely a symptom of exactly what I’m pointing out and which you illustrated in your examples - unless different projects all point to the exact same version, Metacello will have problems, so just specify full versions everywhere.

> > It seems easier to just react to CI failures; defensive pinning smells like
> > premature optimization IMO
>
> What do you mean to react to CI failures?

I mean that CI failures might be a useful guide to when we really need to pin versions based on clear evidence.