[rust-dev] Deprecating rustpkg

Sean McArthur sean at seanmonstar.com
Fri Jan 31 13:11:50 PST 2014


On Fri, Jan 31, 2014 at 1:05 PM, Tony Arcieri <bascule at gmail.com> wrote:

> IMO, a system that respects semantic versioning, allows you to constrain
> the dependency to a particular *major* version without requiring pinning
> to a *specific* version.
>
> I would call anything that requires pinning to a specific version an
> antipattern. Among other things, pinning to specific versions precludes
> software updates which may be security-critical.
>
>
It's perfectly reasonable to require a certain *minor* version, since minor
versions (in semver) can include API additions that you may depend on.

Also, nodejs and npm supposedly support semver, but it's impossible to
enforce library authors actually do this, so you'll get libraries with
breaking changes going from 1.1.2 to 1.1.3 because reasons.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/rust-dev/attachments/20140131/f15cae40/attachment.html>


More information about the Rust-dev mailing list