Use release/latest fields of [mavenmetadata] instead of last version in the versions, add according query parameter #6594
Conversation
|
calebcartwright
changed the title
calebcartwright
added
the
service-badge
calebcartwright
changed the title
|
hi @CommanderTvis 👋 thanks for the PR! I've updated your PR title to follow our required conventions so that the tests will be run, and as you'll notice there are failures. I have a few asks of you:
|
|
Also cc @PyvesB for Java expertise given the Maven touch point |
…n the versions, add according query parameter
|
@calebcartwright I've updated the description |
Thanks, though that still doesn't really answer my question. This is a badge that has been around and in use for a long time, so I'd ask for more information, examples, details about why you think it's invalid vs. just labeling it as such. |
The metadata looks like this: <metadata>
<groupId>space.kscience</groupId>
<artifactId>kmath-core</artifactId>
<versioning>
<latest>0.3.0-dev-12</latest>
<release>0.3.0-dev-12</release>
<versions>
<version>0.3.0-dev-12</version>
<version>0.3.0-dev-10</version>
<version>0.3.0-dev-8</version>
<version>0.3.0-dev-3</version>
<version>0.3.0-dev-2</version>
<version>0.2.1</version>
<version>0.2.0</version>
</versions>
<lastUpdated>20210522171951</lastUpdated>
</versioning>
</metadata>The correct latest version is |
|
The specification of Maven metadata says nothing about the order of |
|
Thanks @CommanderTvis! That's exactly what I was looking for. This looks like another case of #6188 in that JetBrains, like Gradle, aren't sorting the versions like Maven Central. It seems a given that something needs to change, as the status quo seems to be more and more of a "Maven Metadata but really just for Maven Central", but I'm unsure of the potential impact on any existing badge usage (e.g. could this change result in a different/unexpected version value in the badge message for cases using different/older maven versions, different providers/hosts, etc.) |
For libraries published with Maven, nothing will change. |
My point is that while the odds of impact may be minuscule, I don't think it's possible to claim there's a 0% risk of impacting existing badges because this badge can be used with any arbitrary xml file We take backwards compatibility with our badges seriously, and that includes not breaking badge routes and trying to avoid server-side changes causing existing badges to display differently (different colors, different textual values, etc.). Sometimes such changes are unavoidable, but when they are (or could be) we do need to think through potential impacts and try to communicate the pending changes as proactively as possible. It's pretty clear that different registries will handle the same maven information differently/contain different file contents for the same package, so I definitely think it's worth taking a moment to see if anyone (maintainer or community) is aware of any potential issues or impacts. In the interim, please note that you can alternatively use our existing DynamicXML badge today to go ahead and get a working badge, e.g. |
Oh, that's a nice workaround. Thank you. Personally, I don't need it then. |
|
Whilst I'm on board with the backwards compatibility considerations, in this case one could argue that taking the last item in a list of versions with no defined order is a bug. In an ideal world, I would want us to collate all the requests for this badge for a day or so, and write a little script that compares the versions results of both approaches. We could then measure the impact and see if it would lead to unintended results in some cases. However, we don't store the requests made to Shields.io, if we wanted to do this we would have to use a much smaller time frame and tail the servers logs in real time. |
Thanks @PyvesB. I was curious whether there would be any well known cases where the Took a bit of digging but looks like it was added in #853 not too terribly long ago (Paul ended up grabbing the commits on another PR to help the author get it across the finish line, but #853 was the initial implementation). Based on the dialog/details, or lack thereof, I assume this was indeed more likely to be an oversight vs. a deliberate need to avoid |
There was a problem hiding this comment.
Thanks again for this! The gist of the change looks good, though will need to tweak a few things to be more consistent with how Shields handles version badges.
Details left inline, one of the other version badges (e.g. clojars) may be a helpful reference as well
| @@ -7,14 +7,14 @@ const { BaseXmlService } = require('..') | |||
|
|
|||
| const queryParamSchema = Joi.object({ | |||
| metadataUrl: optionalUrl.required(), | |||
| latestOrRelease: Joi.string().valid('release', 'latest').optional(), | |||
There was a problem hiding this comment.
One of the many areas we strive for consistency within Shields (beyond the svg's themselves) are things like the badge route patterns and query parameter names for common functions.
For the latest vs. release function we use a query param name of include_prereleases, and the presence of the param providing the implicit boolean value.
| latest: Joi.string().required(), | ||
| release: Joi.string().required(), |
There was a problem hiding this comment.
Are we positive both of these elements will always be there? What does the xml look like for a package that has no releases/only snapshots? Based on the example you shared it seems like it the release element will still be present, just with the same value as latest. Is that correct?
| @@ -52,10 +53,19 @@ module.exports = class MavenMetadata extends BaseXmlService { | |||
| }) | |||
| } | |||
|
|
|||
| async handle(_namedParams, { metadataUrl }) { | |||
| async handle(_namedParams, { metadataUrl, latestOrRelease }) { | |||
There was a problem hiding this comment.
this would need to be changed accordingly (with rename in destructuring to satiate the linters):
| async handle(_namedParams, { metadataUrl, latestOrRelease }) { | |
| async handle(_namedParams, { metadataUrl, include_prereleases: includePrereleases }) { |
| let v | ||
| if ( | ||
| latestOrRelease === 'latest' || | ||
| typeof latestOrRelease === 'undefined' | ||
| ) { | ||
| v = data.metadata.versioning.latest | ||
| } else if (latestOrRelease === 'release') { | ||
| v = data.metadata.versioning.release | ||
| } | ||
| return renderVersionBadge({ | ||
| version: data.metadata.versioning.versions.version.slice(-1)[0], | ||
| version: v, | ||
| }) |
There was a problem hiding this comment.
Just FYI, a fairly common pattern in our service classes is to utilize another function transform that handles the concern of extracting the target elements from the raw response, and if necessary mapping or transforming that. That's not necessary here due to the simplicity, but sharing for future awareness as it's easier to test and often a bit cleaner too.
We also default our version badges to showing the latest stable/release version (release here), with the include_prereleases query param available for users that want to display the absolute latest regardless of stable/release vs. prerelease. However, even in the default case if there are no "release" versions, we will still automatically fallback to a prerelease-type version vs. throwing an error.
If both the latest and release elements are always present and already reflecting that pattern, then we should be fine with a simple conditional. However, if release is sometimes absent then we'd need to account for that fallback pattern too
|
Closed the PR because I'm satisfied with the Dynamic XML workaround. |
The problem is that it is invalid to just take the last field from Maven metadata.
This PR solves it by taking
latestfield by default andreleasefield if the new query parameter is specified so.resolves #6188