Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump version to 2.4.0 #117

Merged
merged 1 commit into from
Jun 19, 2023
Merged

Bump version to 2.4.0 #117

merged 1 commit into from
Jun 19, 2023

Conversation

ragalie
Copy link
Contributor

@ragalie ragalie commented Jun 16, 2023

Following the pattern from the last bump: #107

I think a minor version bump is most appropriate in this case.

The relevant PR is this one: #116

I contextualize the change as a new, backwards-compatible feature that allows the scopes returned with the token to be different than those requested. Since this relaxes a restriction, it will not break OAuth flows that are currently succeeding (and will only allow additional configurations to succeed).

There are cases where a behavioural change such as this could be construed as a breaking change, i.e. if users were relying on a validation to enforce an important security requirement.

In this case, we've determined that there's no legitimate business or security reason for Shopify apps to enforce this check. Thus, we do not need to concern ourselves with the behavioural change when considering semver.

@ragalie ragalie self-assigned this Jun 16, 2023
@ragalie ragalie merged commit 8c3a96f into master Jun 19, 2023
@ragalie ragalie deleted the bump-version branch June 19, 2023 13:27
@shopify-shipit shopify-shipit bot temporarily deployed to rubygems June 19, 2023 13:29 Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants