[erlang-questions] A plead to use tags (or equivalent in your SCM system)

Torben Hoffmann <>
Wed Apr 25 11:30:34 CEST 2012


I might be a bit paranoid, but after loosing half a day due to an 
"update" to a dependency given with {branch, "master"} I have resorted 
to the following approach: I fork all the dependencies so that I am in 
control if I cannot get a proper tag from the dependency itself.

This means that:

 1. I control when to take in new stuff.
 2. I can add my own tags to ease upgrades.
 3. If the author removes his repo I still have access to the source.

The main problem is that version numbering is not so popular these days 
- what's the point when you have a sha?
Well, it harder to say intelligent things about the magnitude of a 
change from looking at the sha compared to a version number that follows 
semantic versioning (semver.org).

With semantic versioning you know that a change to the major number will 
- at the very least - require serious investigation before you can be 
sure that your code with work with the updated dependency. And so on.

It is actually easy to do semver with git - just tag your code.
But easy is not enough to get people to do this. Unfortunately.

I am of the opinion that it becomes easier to re-use software that uses 
semver - you get some info from the version number and people that takes 
the time to do proper semver knows about software maintenance, which 
speaks volumes for their code.


On 24/4/12 21:43 , Heinz N. Gies wrote:
> Hi I've noticed that a lot of libraires depend on bleeding edge data I kind of find that disturbing it makes maintaining a stable environment close to impossible since one never knows
> what I mean are lines like this:
> {alog, ".*", {git, "https://github.com/siberian-fast-food/alogger.git", {branch, "master"}}}
> now if the alogger people push a breaking change your application breaks when depending on it, even worst if you don't even use alogger yourself but a library you use uses it a change in alogger would break your application without you having direct influence on it :(.
> So what I'd love to ask people who maintain libraries is use dependencies that have a fixed version and tag your own versions so people can do the same when using your stuff - please?
> Regards,
> Heinz
> PS: I just choose alogger as an example since it was the first I found - I love the thing :)
> --
> Heinz N. Gies
> http://licenser.net
> _______________________________________________
> erlang-questions mailing list
> http://erlang.org/mailman/listinfo/erlang-questions


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20120425/56c34da0/attachment.html>

More information about the erlang-questions mailing list