[erlang-questions] A plead to use tags (or equivalent in your SCM system)

Torben Hoffmann <>
Wed Apr 25 11:30:34 CEST 2012


Hi!

I might be a bit paranoid, but after loosing half a day due to an 
"update" to a dependency given with {branch, "master"} I have resorted 
to the following approach: I fork all the dependencies so that I am in 
control if I cannot get a proper tag from the dependency itself.

This means that:

 1. I control when to take in new stuff.
 2. I can add my own tags to ease upgrades.
 3. If the author removes his repo I still have access to the source.

The main problem is that version numbering is not so popular these days 
- what's the point when you have a sha?
Well, it harder to say intelligent things about the magnitude of a 
change from looking at the sha compared to a version number that follows 
semantic versioning (semver.org).

With semantic versioning you know that a change to the major number will 
- at the very least - require serious investigation before you can be 
sure that your code with work with the updated dependency. And so on.

It is actually easy to do semver with git - just tag your code.
But easy is not enough to get people to do this. Unfortunately.

I am of the opinion that it becomes easier to re-use software that uses 
semver - you get some info from the version number and people that takes 
the time to do proper semver knows about software maintenance, which 
speaks volumes for their code.

Cheers,
Torben

On 24/4/12 21:43 , Heinz N. Gies wrote:
> Hi I've noticed that a lot of libraires depend on bleeding edge data I kind of find that disturbing it makes maintaining a stable environment close to impossible since one never knows
>
>
> what I mean are lines like this:
>
> {alog, ".*", {git, "https://github.com/siberian-fast-food/alogger.git", {branch, "master"}}}
>
> now if the alogger people push a breaking change your application breaks when depending on it, even worst if you don't even use alogger yourself but a library you use uses it a change in alogger would break your application without you having direct influence on it :(.
>
> So what I'd love to ask people who maintain libraries is use dependencies that have a fixed version and tag your own versions so people can do the same when using your stuff - please?
>
> Regards,
> Heinz
>
> PS: I just choose alogger as an example since it was the first I found - I love the thing :)
>
> --
> Heinz N. Gies
> 
> http://licenser.net
>
> _______________________________________________
> erlang-questions mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-questions

-- 
http://www.linkedin.com/in/torbenhoffmann

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20120425/56c34da0/attachment.html>


More information about the erlang-questions mailing list