From 380faf9dd7b901f04afa436fdaf6776ffee9355b Mon Sep 17 00:00:00 2001 From: Steve Calvert Date: Tue, 26 Oct 2021 14:31:27 -0700 Subject: [PATCH 1/2] docs: Adding versioning policy --- VERSIONING_POLICY.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 VERSIONING_POLICY.md diff --git a/VERSIONING_POLICY.md b/VERSIONING_POLICY.md new file mode 100644 index 000000000..cd4151478 --- /dev/null +++ b/VERSIONING_POLICY.md @@ -0,0 +1,27 @@ +# Semantic Versioning Policy + +Checkup follows the [Semantic Versioning](http://semver.org/) specification. However, due to the nature of Checkup as a code quality tool, it's not always clear when a minor or major version bump occurs. To help clarify this, we have a [Semantic Versioning Policy](VERSIONING_POLICY.md) that describes the rules for version bumps. + +- Patch release (intended to not break your Checkup build) + - A bug fix that may reduce the results reported by Checkup + - Changes to the SARIF log output format + - A bug fix to the CLI or core + - Improvements to documentation + - Non-user-facing changes such as refactoring code, adding, deleting, or modifying tests, and increasing test coverage + - Re-releasing after a failed release (i.e., publishing a release that doesn't work for anyone) +- Minor release (may break your Checkup build) + - A bug fix that may increase the results reported by Checkup + - Changes to the SARIF log output format + - The public API is changed in a compatible way +- Major release (likely to break your Checkup build) + - A new CLI capability is created + - New capabilities to the public API are added (new classes, new methods, new arguments to existing methods, etc.) + - Part of the public API is removed or changed in an incompatible way. The public API includes: + - Configuration schema + - Command-line options + - Node.js API + - Task, formatter, analyzer, plugin APIs + +## Special Note about SARIF + +Checkup natively uses the [SARIF specification](https://docs.oasis-open.org/sarif/sarif/v2.0/sarif-v2.0.html) for its output format. While the SARIF format uses both semantic and non-semantic properties, Checkup makes no guarantees about the semantic properties of the SARIF log, or whether they'll be preserved in future releases. Therefore, Checkup does not guarantee that the SARIF log will be compatible with future releases of Checkup - it only guarantees that valid SARIF logs will be produced. From ce257e115d85b9d0036f444c60dfae63fab7d143 Mon Sep 17 00:00:00 2001 From: Steve Calvert Date: Tue, 26 Oct 2021 15:02:46 -0700 Subject: [PATCH 2/2] Updating formatting --- VERSIONING_POLICY.md | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/VERSIONING_POLICY.md b/VERSIONING_POLICY.md index cd4151478..e04f25193 100644 --- a/VERSIONING_POLICY.md +++ b/VERSIONING_POLICY.md @@ -2,25 +2,30 @@ Checkup follows the [Semantic Versioning](http://semver.org/) specification. However, due to the nature of Checkup as a code quality tool, it's not always clear when a minor or major version bump occurs. To help clarify this, we have a [Semantic Versioning Policy](VERSIONING_POLICY.md) that describes the rules for version bumps. -- Patch release (intended to not break your Checkup build) - - A bug fix that may reduce the results reported by Checkup - - Changes to the SARIF log output format - - A bug fix to the CLI or core - - Improvements to documentation - - Non-user-facing changes such as refactoring code, adding, deleting, or modifying tests, and increasing test coverage - - Re-releasing after a failed release (i.e., publishing a release that doesn't work for anyone) -- Minor release (may break your Checkup build) - - A bug fix that may increase the results reported by Checkup - - Changes to the SARIF log output format - - The public API is changed in a compatible way -- Major release (likely to break your Checkup build) - - A new CLI capability is created - - New capabilities to the public API are added (new classes, new methods, new arguments to existing methods, etc.) - - Part of the public API is removed or changed in an incompatible way. The public API includes: - - Configuration schema - - Command-line options - - Node.js API - - Task, formatter, analyzer, plugin APIs +## Patch release (intended to not break your Checkup build) + +- A bug fix that may reduce the results reported by Checkup. +- Changes to the SARIF log output format. +- A bug fix to the CLI or core. +- Improvements to documentation. +- Non-user-facing changes such as refactoring code, adding, deleting, or modifying tests, and increasing test coverage. +- Re-releasing after a failed release (i.e., publishing a release that doesn't work for anyone). + +## Minor release (may break your Checkup build) + +- A bug fix that may increase the results reported by Checkup. +- Changes to the SARIF log output format. +- The public API is changed in a compatible way. + +## Major release (likely to break your Checkup build) + +- A new CLI capability is created. +- New capabilities to the public API are added (new classes, new methods, new arguments to existing methods, etc.). +- Part of the public API is removed or changed in an incompatible way. The public API includes: + - Configuration schema + - Command-line options + - Node.js API + - Task, formatter, analyzer, plugin APIs ## Special Note about SARIF