New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SemVer 2.0.0 support #2422
Comments
Yeah it has been reported recently and should indeed be fixed, if you would like to help there is more info on the issue I linked above. the VersionParser class should be updated to just ignore them I think according to the spec. |
the comparison of pre-release versions should also be checked to verify it adheres to semver. I'm not sure it is the case currently |
@RobertKosten did you just delete your last comment or is github acting weird? I can't see it here. But anyway yes |
Github acting weird, but y browser cache is my friend ;-) Yup, build numbers are to be ignored (a shame, if you ask me, but that's the spec and it's even a "MUST NOT"), the other interesting change is the removal of the optional "v" prefix, which quite a few people use in their tags, so I would suggest simply ignoring it. I'll have a look at the pre-release precedence bug mentioned next week and try to fix it. A couple months ago I had actually started to develop a stand-alone semver parser for 1.0.0 and 2.0.0 (yeah, I'm the kind of person who enjoys reading RFCs lying at the beach), if you're interested I could revive that small project sometime mid-December and provide a patch once it's stable. That way it'd become one less worry for composer. |
It's not exactly a complicated spec, so blatantly violating it is pretty hard ;-) I'll have a look at the current VersionParser next week (Renovating new apartment this week, so really no time to do it earlier) and see whether I can bring it up to 2.0.0, without breaking BC of course. |
Ok cool. No rush on my end. The build thing should be easy enough, I didn't |
Looking at the VersionParser there may be a problem with pre-release versions: The spec allows pretty arbitrary strings and the code looks like it's limited to a set ("alpha", "beta", etc.), I'll have to verify. Another thing may be stability. According to the spec both major version 0.x.z and all pre-release versions re to be considered unstable... I'll go through things thoroughly and will include explanations and unit test with all changes so you can see whether you want them :-) |
yeah, for the build thing, it is probably just a matter of tweaking a bit the normalization in it. It does not affect other parts. For the pre-release stuff, I think Composer: this is because Semver explodes the pre-release version only on dots and then compare segment by segment, considering that a segment which is not numeric should be match alphabetically (hence |
@RobertKosten indeed, composer does not consider 0.x as unstable (pre-release version are considered as unstable already). |
I agree that 0.x.z should probably still be considered stable, as the stability concepts used by composer and semver are slightly different, though maybe a new level "strict" could be added for spec-nuts like me... for the pre-release precedence I'd want to argue for getting closer to the spec, even if it does change behaviour, as the current behaviour feels more arbitrary to me. |
While working on #2489 I noticed that in my build OPcache gives version "7.0.2FE", which currently get normalised to "0" due to the strict pre-release version checking done by composer. I was going to add arbitrary suffix support, but due to the normalisation composer does, this is a bit tricky. Do you have any guidance on the suggested approach? I can probably knock up a PR (either separately or as part of #2489) My current suggestion would be:
I think it's unlikely that a project would mix unrecognised suffixes with standard ones in a way that would break against this approach. |
@glenjamin I'm not sure what your suggestion would exactly entail in terms of code and matching performance (this is kinda important). I think though that it's worth reporting this as a bug on opcache because it'd be great if the php core stuff would stop using random garbage as versions. |
@Seldaek I think performance should not be adversely affected, but I'd have to test it out. It could be handled by keeping the fixed list of normalised strings in the regex, but also including "|[0-9a-z-]" on the end. Semver 1.0 and 2.0 both specify that the "pre-release" version MAY be denoted by a dot separated list of arbitrary strings, so it seems restrictive to me for composer to not allow this.
|
Any updates here? Semver 2.0 allows versions like |
+1 this affects us - we have a feature browscap/browscap#27 we'd like to implement which depends on build metadata in the version, e.g. |
Such notation |
This is actually called "precedence" and is part of SemVer 2.0.0, but a Precedence should typically be just a number, rather than a date. Examples 1.0.0-stable.1 Note the format allows both: major.minor.patch-stability.precedence+metadata Metadata should be ignored when comparing versions (i.e. determining
|
In my particular case the "date" |
Yeah... That's not SemVer ;) at a push you could claim the "date" was a
|
Any chance we'll see support for SemVer 2.0.0, especially build numbers soon?
The text was updated successfully, but these errors were encountered: