semver hazards: use ^ instead of >= #36
Conversation
Cargo.toml
Outdated
| @@ -26,16 +26,16 @@ rustix = ["dep:rustix"] | |||
|
|
|||
| [dependencies] | |||
| dyn-clone = "1.0.11" | |||
| image = { version = ">=0.24", default-features = false, features = ["jpeg"] } | |||
| image = { version = "^0", default-features = false, features = ["jpeg"] } | |||
There was a problem hiding this comment.
^0 is almost certainly not correct, 0.24.0 to 0.25.0 is a breaking change under Cargo semver requirements. Generally it's best to just specify full version numbers (setting the known compatible minimum patch version), relying on the default interpretation of ^.
This is just not something that cargo supports in general. If you want the same version as dependents you need to reëxport the crate and have dependents use that reëxport instead of depending on the crate directly. The only way to use the same version between siblings (given dependencies that allow for multiple semver incompatible version ranges) is for each application developer to manually downgrade/upgrade selected versions till they're all the same e.g. For maintained crates it's far easier to just push the ecosystem forward by updating to new breaking versions of public dependencies ASAP, if everyone is running the latest version then everything works together cleanly. Trying to maintain multiple-breaking-version compatibility can be wasted effort. |
benjajaja
force-pushed
the
semver_deps_caret
branch
2 times, most recently
from
7c40e81 to
c07f0aa
Compare
Closes #35 - more details in that issue. In general this should make ratatui-image be more flexible to pick the same version as dependant or sibling dependencies.
benjajaja
force-pushed
the
semver_deps_caret
branch
from
c07f0aa to
6e7aa6d
Compare
|
@Nemo157 could you check this now? I changed to I tested this with iamb which you're familiar with, and this only required minor adjustments due having a mismatched version of |
|
@joshka sorry to ping you like this, but I think you know a lot about how projects use / should use ratatui, could you perhaps check in on this? |
|
No problem. Happy to look. https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#caret-requirements
For working this out, I'd start with listing out the types that appear in your public API. Anything not in your public API will not cause problems unless there's internal state of that library that you expect to work (e.g. Crossterm stores the state to exit raw mode in a static variable). So for the things not in your public API choose the version that earliest version that contains the code that matters to your usage in the latest minor version. The version that you pick here will impact any dependents that use the same semver compatible version as your crate, but that's generally the dependent's problem not yours, so I'd generally just use and test with the the latest and let dependabot do its thing to keep that up to date. For things in your public API, you really can only depend on a single semver version. Building your library will pick the highest matching semver compatible version that you specify even if there are other crates that are being built which specify lower versions. This is what makes the Ratatui is in the public API of most widget crates because the widget trait needs to be the same semver compatible version. If you need to make this crate work with the earlier versions, then it's common to use feature flags to bring in specific versions. E.g. you might have a ratatui-26 flag that includes ratatui 0.26 and so on. This is probably not worth it though. Instead I'd suggest for now just support the latest versions of Ratatui 0.28.1 and crossterm 0.28.1, termion 4.0, and setting up dependabot to create PRs when the crates update. If you bump your major version whenever bumping ratatui versions then your users don't get automatically updated. In the next couple of months (ratatui 0.30 timeline), we're aiming to modularize ratatui so that you can instead rely on a slower changing ratatui-core crate, which won't get bumped anytime there's semver breaking changes in widgets, only in the core types. This should mainly solve the problem of tracking ratatui versions in lower effort way. |
Closes #35 - more details in that issue.
In general this should make ratatui-image be more flexible to pick the same version as dependant or sibling dependencies.