Please tag a new release after #49 #50
Comments
|
Hey @jba, is apidiff ready for use? |
|
It runs, and it works. But it's not stable and may never be in its currrent form—it will probably get rolled into So definitely suitable to run manually as part of an informal or occasional process, but I wouldn't bake it into my CI just yet. |
|
In the meantime, would you be willing to tag a minor version on something at or after #49? If your tool is somewhere accessible, I'd be willing to have a Go [sic] at checking its results. |
|
@creachadair, could you try it? https://godoc.org/golang.org/x/exp/cmd/apidiff |
|
Sure! It looks pretty safe to me. Here's a typescript of what I did (after building the tool): While strictly the addition of the options to the type signature is a breaking change, in practice it should be safe because no pre-existing call site will have any options there. Of course if someone passed the function as an argument, it could still break, but I expect that to be rare. |
|
If you would like to avoid any breaking changes, I would be game to rework the interface to add |
|
That'd be the responsible thing, except that would probably break even more people who are already using Unmarshal with options in the ~year since 8aa0426. We could do a v2 I guess. But that might warrant other cleanups. And it means changing import paths on everybody. Thoughts? |
Given that there is only one option defined by the package (viz.,
I'm sympathetic to the desire to avoid breaking changes. Ordinarily I'd say anybody pinned to a random hash at head kind of takes their chances—but historically that was what It's kind of a pity one can't ship a |
|
Re: Cutting a v2. This seems to me like a reasonable path forward, given the API change (even though I suspect the impact would be minimal). You mentioned "other cleanups", do you have anything specific in mind? |
|
I hadn't even looked, but a v2 seems like a good time to do cleanups. |
That certainly makes sense, but what I'm looking for here is a way to make progress toward having a tagged release newer than March 2017, and it's not my project. I'm happy to help make it better along the way, but would prefer not to wind up owning it. |
|
Another datum: The Go wiki recommends incrementing the major version when switching to modules as as a "best practice", even if there are no other changes (since, as @bcmills points out, a change to the import path is also a change to the API). Since the API is already changed from the last tag, our options seem to be to (a) leave things as they are now (viz., a bitrotten v1.0.0 from two years ago), (b) get the new version out there with the existing API changes, or (c) identify some specific goals for cleanup. I suppose there are also options (d) remove the unmaintained dependency and work around it; or (e) fork it and maintain it myself. I'd rather help move this one along than do either of those, but I'd prefer (d) to (a). |
Note that that advice applies only to modules already at major version 2 or higher, since those versions will likely switch from lacking a semantic-version path suffix to having one. Adding a |
Right, agreed: but in this case we already have a breaking API change that just hasn't been tagged yet. |
|
In that case, it seems like the damage is already done: there are likely consumers of the package — without a If you're going to break the post- |
Adding a v2 should not break any existing consumer, as each dependent can choose whether to update to the new major version in their own time. My suggestion is to leave the existing v1 code as-is. I initially proposed a |
|
Is anything likely to change w/ this issue? I imagine a lot of people hit this problem where a very old ghodss/yaml version is picked up by |
I'm still willing to contribute to cleanup in support of tagging a v2. I also think it would be fine to tag it as v2 as it stands, and I believe that would be preferable to the current status. However, as you can see from the thread above, there does not appear to be much interest from the owners of the package. That leaves, as far as I can tell, three options: (1) Stop using it, (2) Fork it, or (3) Live with it. So far I have been doing (3), but I think (2) might be easier than (1) given the APi differences from https://godoc.org/gopkg.in/yaml.v2. One way or another I would like to break dependencies on packages that are not being maintained. |
|
For what it's worth, there are quite some massive projects that tie their ghodss/yaml dependency to revision c7ce166, e.g.:
I wonder if it makes sense to tag c7ce166 as 1.1.0? |
|
I wouldn't object to that, but I believe c7ce166 already subsumes the addition of the options to the |
|
@creachadair thanks a lot for your reply. Indeed, there is a little chance the change is in fact breaking. A few hours after I posted my question, I discovered that k8s sig folks forked the library and tagged it around the aforementioned commit (including the breaking changes to Unmarshal) as 1.1.0 (https://github.com/kubernetes-sigs/yaml/tree/v1.1.0). Not sure I'm making any real point by bringing this fact up, but some projects started migrating to sigs.k8s.io/yaml, e.g.: https://github.com/containerd/containerd/blob/master/vendor.conf#L77 |
That's a useful data point, thanks. If the Kubernetes folks are on-board to keep maintaining that package as a reusable module, I might look into switching kythe.io to use their fork instead. |
* chore(build): switch to a maintained YAML package From discussion on ghodss/yaml#50 it has become apparent that the github.com/ghodss/yaml package is no longer being maintained. The Kubernetes SIG community maintains a clean fork sigs.k8s.io/yaml that is compatible with Go modules and includes bug fixes and performance improvements since the last release of its ancestor. The fork is being used successfully by several large projects within the k8s ecosystem. This commit switches our dependency to the SIG fork, updates the relevant BUILD files, and updates the go.mod and go.sum files. It makes no functional changes. * Set an explicit remote for fetches from sigs.k8s.io. Although go get works for this import path, the repository fetch in Bazel appears to fail in CI. It works locally, but I think specifying the "real" target repo should help. * Fix the shimmed attribute name.
This commit is a followup on a conversation in ghodss/yaml#50. In essence, the change is about switching to the community-supported clone of yaml library. This change is quite wanted as it moves Shipper forward to no dependency on the aforementioned non-supported library. At present, there are quite some dependencies left which are mainly required by outdated versions of supporting libraries shipper uses. Once all the referred projects transition to the newer version of the library, Shipper can finalize the upgrade. Signed-off-by: Oleg Sidorov <oleg.sidorov@booking.com>
This commit is a followup on a conversation in ghodss/yaml#50. In essence, the change is about switching to the community-supported clone of yaml library. This change is quite wanted as it moves Shipper forward to no dependency on the aforementioned non-supported library. At present, there are quite some dependencies left which are mainly required by outdated versions of supporting libraries shipper uses. Once all the referred projects transition to the newer version of the library, Shipper can finalize the upgrade. Signed-off-by: Oleg Sidorov <oleg.sidorov@booking.com>
This commit is a followup on a conversation in ghodss/yaml#50. In essence, the change is about switching to the community-supported clone of yaml library. This change is quite wanted as it moves Shipper forward to no dependency on the aforementioned non-supported library. At present, there are quite some dependencies left which are mainly required by outdated versions of supporting libraries shipper uses. Once all the referred projects transition to the newer version of the library, Shipper can finalize the upgrade. Signed-off-by: Oleg Sidorov <oleg.sidorov@booking.com>
This commit is a followup on a conversation in ghodss/yaml#50. In essence, the change is about switching to the community-supported clone of yaml library. This change is quite wanted as it moves Shipper forward to no dependency on the aforementioned non-supported library. At present, there are quite some dependencies left which are mainly required by outdated versions of supporting libraries shipper uses. Once all the referred projects transition to the newer version of the library, Shipper can finalize the upgrade. Signed-off-by: Oleg Sidorov <oleg.sidorov@booking.com>
* Replaced ghodss/yaml with community-supported sigs.k8s.io/yaml This commit is a followup on a conversation in ghodss/yaml#50. In essence, the change is about switching to the community-supported clone of yaml library. This change is quite wanted as it moves Shipper forward to no dependency on the aforementioned non-supported library. At present, there are quite some dependencies left which are mainly required by outdated versions of supporting libraries shipper uses. Once all the referred projects transition to the newer version of the library, Shipper can finalize the upgrade. Signed-off-by: Oleg Sidorov <oleg.sidorov@booking.com> * Replace gopkg.in/yaml.v2 with sigs.k8s.io/yaml Let's try to depend on the same yaml library across the codebase, so we're not surprised by the difference in functionality. For instance, recent changes to shipperctl (9514014) didn't work because we assumed yaml.v2 would read `json` annotations the same way `sigs.k8s.io/yaml` does, which is not the case. So `yaml.Unmarshall` wouldn't properly deserialize into shipper.ClusterSpec structs because it wouldn't read the annotations present there.
added github-actions CI
#49 adds basic support for Go modules, but the latest current release tag (
v1.0.0) is dated March 2017. Could you please find a suitable point at or after #49 to add a newer tag? (I thinkv1.1.0is a reasonable choice, since there don't seem to be any API changes, but I didn't check exhaustively).The text was updated successfully, but these errors were encountered: