At this point, I think the community is generally agreed to use some sort of version numbers?
For years I was silently hoping that someone brighter than I would come up with a better solution that focused on the code and APIs rather than using the crude proxy that versions are. Static analysis, Sourcegraph-style smarts for API comparisons, time-based release cycles, gradual refactoring and deprecation mechanisms, rainbows and fluffy bunnies.
But it would seem versions are here to stay.I still have a lot of questions -- even at the most basic level. So this post isn't about specifying constraints, just specifying the version of things in the first place.What is the thing that is versioned and where is that version of that thing indicated?
Right now I have a few libraries. Each library has its own repository but may contain several packages. I use git tags with v-prefixed SemVer and GitHub's Releases for release notes. It seems altogether too tedious and unnecessary to version individual packages -- these things are a unit. Or are they?
If and when code is vendored, those tags are no longer visible. What version was it? Having a version in a manifest file that is copied somewhere below that vendor/ folder works better.
Maybe tags are at the discretion of the library author and not required? Maybe both are required?
Git tags aren't usable in a monorepo situation. Not just in a corporate setting -- today there are those situations where there is a really useful package buried deep under the docker/docker repo.So does there need to be a 1:1 relation between repos and libraries or is library a separate concept from repository or package?
A repository may contain zero or more libraries and zero or more applications (cmds), and a library may contain one or more packages. This could be a simple matter of where the manifest file is rooted, defining a library out of packages below.
If a manifest declares dependencies for a library or application, what is the use of the application's meta data (description, version #)? Does it become an alternative to -ldflags="-X ..."?
I think I like where this is going. Transplanting libraries from other repos into your vendor/ folder including their manifests. Checkin that manifest and it contains the version # and other metadata in your repo -- alongside the source code.
Nathan.
At this point, I think the community is generally agreed to use some sort of version numbers?
For years I was silently hoping that someone brighter than I would come up with a better solution that focused on the code and APIs rather than using the crude proxy that versions are. Static analysis, Sourcegraph-style smarts for API comparisons, time-based release cycles, gradual refactoring and deprecation mechanisms, rainbows and fluffy bunnies.
But it would seem versions are here to stay.I still have a lot of questions -- even at the most basic level. So this post isn't about specifying constraints, just specifying the version of things in the first place.What is the thing that is versioned and where is that version of that thing indicated?
Right now I have a few libraries. Each library has its own repository but may contain several packages. I use git tags with v-prefixed SemVer and GitHub's Releases for release notes. It seems altogether too tedious and unnecessary to version individual packages -- these things are a unit. Or are they?
If and when code is vendored, those tags are no longer visible. What version was it? Having a version in a manifest file that is copied somewhere below that vendor/ folder works better. Maybe tags are at the discretion of the library author and not required? Maybe both are required?
Git tags aren't usable in a monorepo situation. Not just in a corporate setting -- today there are those situations where there is a really useful package buried deep under the docker/docker repo.
So does there need to be a 1:1 relation between repos and libraries or is library a separate concept from repository or package? A repository may contain zero or more libraries and zero or more applications (cmds), and a library may contain one or more packages. This could be a simple matter of where the manifest file is rooted, defining a library out of packages below.
If a manifest declares dependencies for a library or application, what is the use of the application's meta data (description, version #)? Does it become an alternative to -ldflags="-X ..."?I think I like where this is going. Transplanting libraries from other repos into your vendor/ folder including their manifests. Checkin that manifest and it contains the version # and other metadata in your repo -- alongside the source code.
Nathan.
Matt Butcher, who started Glide, leads the development of Kubernetes/helm. This imports Kubernetes and we've been trying to build something that makes that work as well as it can.
> What is the thing that is versioned ...
My first reaction is per package. I understand that there are some advantages to per repo, but I think that there are also some disadvantages. What if the same package is used in repos for multiple projects? Or, if I want to review the changes between versions of a single package?
> ... and where is that version of that thing indicated?
> I don't think there are any serious proposals for anything other
> than relying on versions derived from the underlying VCS.
A VCS comment is the authoritative source for the version number of code sitting outside of it? There's no way to see the version by looking at code I'm editing? This seems like a priority inversion to me. Should the VCS be issuing the version number or just recording it?
How about including a VERSION const string in the code. This way the version number and the code are less likely to get out of sync. Tools can find it easily. Perhaps it avoids the mondorepo problem? And it can be checked/used by runtime code.
John
John Souvestre - New Orleans LA
> email to go-package-management+unsub...@googlegroups.com.
Hi Sam.
Ø Putting a VERSION number in the code itself means that you've stuck temporal information inside the spatial dimension.
I’m not sure I understand your point. The VERSION number is no more temporal than the code itself. They both change at the same time.
Ø That is, is that VERSION applicable only to the first commit in which it appears? The last? All of them?
All commits for which the code is unchanged.
Ø Who's making that decision?
The programmer making the changes to the code. However, a tool could ensure that when it detects code changes that the VERSION is also changed.
Ø Having that information directly in the code itself can be very useful in a paradigm where version control isn't involved, or if a central registry can do work on it. For now, though, our domain is mostly circumscribed by version control, which means such information is basically a poor man's branch.
Yes. It also means your PM is less dependent on what PM the author of an import used, since the version number is self-contained.
Does doing it this way interfere with the version control method? I was expecting that a PM getting the version number this way would use that info as it does now, including for VCS tags.
John
John Souvestre - New Orleans LA
This repository holds supplementary Go networking libraries.
- https://github.com/golang/net
The challenge is now that the Go language knows only dependencies between Go packages, but we have to handle them on repo level. While dependencies cannot be cyclic between Go packages, they might be between repos. Repo 1 might have package A dependent on B in repo 2 and package D of repo 2 dependent on C in repo 1 at the same time. That might be outlawed, but in the go-get model it is absolutely possible.
Thanks. I'm still not quite sure I understand everything though.What is the meaning of repo here? A synonym of project? Or something that exists in a different $GOPATH?
What do you mean by version? API-breaking? If the packages are stored in a different location, they will be considered different anyway at the language level, nowadays. API-breaking or not.
On Wednesday, August 10, 2016 at 3:28:44 PM UTC+2, Matt Farina wrote:
On Saturday, August 6, 2016 at 3:51:44 AM UTC-4, atd...@gmail.com wrote:
On Saturday, August 6, 2016 at 12:05:50 AM UTC+2, Ulrich Kunitz wrote:The challenge is now that the Go language knows only dependencies between Go packages, but we have to handle them on repo level. While dependencies cannot be cyclic between Go packages, they might be between repos. Repo 1 might have package A dependent on B in repo 2 and package D of repo 2 dependent on C in repo 1 at the same time. That might be outlawed, but in the go-get model it is absolutely possible.What is the issue with that?As long as the needed versions of repo1 and repo2 work for each others supported version ranges this works. Layering in versions only causes a problem when repo1 needs a version of repo2 that doesn't support the version of repo1. In practice this would break today due to API differences anyway.
--
On Wed, Aug 10, 2016 at 8:48 AM <atd...@gmail.com> wrote:Thanks. I'm still not quite sure I understand everything though.What is the meaning of repo here? A synonym of project? Or something that exists in a different $GOPATH?github.com/foo/bar is the repo. It's also a package and the base for all other packages in that namespace. They would all be versioned together as an atomic unit. So changing github.com/foo/bar/baz would necessitate a bump in version for every package with a prefix of github.com/foo/bar. At least if I'm not misunderstanding anything.
What do you mean by version? API-breaking? If the packages are stored in a different location, they will be considered different anyway at the language level, nowadays. API-breaking or not.A version would be a semver tag applied to a commit (or equivalent for other VCS).
--
On Wednesday, August 10, 2016 at 3:28:44 PM UTC+2, Matt Farina wrote:
On Saturday, August 6, 2016 at 3:51:44 AM UTC-4, atd...@gmail.com wrote:
On Saturday, August 6, 2016 at 12:05:50 AM UTC+2, Ulrich Kunitz wrote:The challenge is now that the Go language knows only dependencies between Go packages, but we have to handle them on repo level. While dependencies cannot be cyclic between Go packages, they might be between repos. Repo 1 might have package A dependent on B in repo 2 and package D of repo 2 dependent on C in repo 1 at the same time. That might be outlawed, but in the go-get model it is absolutely possible.What is the issue with that?As long as the needed versions of repo1 and repo2 work for each others supported version ranges this works. Layering in versions only causes a problem when repo1 needs a version of repo2 that doesn't support the version of repo1. In practice this would break today due to API differences anyway.
You received this message because you are subscribed to the Google Groups "Go Package Management" group.
To unsubscribe from this group and stop receiving emails from it, send an email to go-package-management+unsub...@googlegroups.com.
What do you mean by version? API-breaking? If the packages are stored in a different location, they will be considered different anyway at the language level, nowadays. API-breaking or not.A version would be a semver tag applied to a commit (or equivalent for other VCS).That is not specific enough because you never know where HEAD is pointing at. The dev branch or the release branch?Go does not even care about this (nor should it).
What is a version in Go is different than what a version is in git. The constraints entailed by each are not even necessarily the same either.I hope that we can start by defining exactly the semantics without relying on a given dvcs.
>
> What is a version in Go is different than what a version is in git.
> The constraints entailed by each are not even necessarily the same either.
> I hope that we can start by defining exactly the semantics without
> relying on a given dvcs.
On this point, I want to give a +1. My company still uses Subversion.
Subversion repositories generally host many projects, all versioned
separately.
I also anticipate scenarios (and have already seen them on GitHub) where
a bigger project has several utility libraries (Go packages) that end up
being more broadly useful than the containing project. Using Git, those
sub-projects can be tagged separately, just as an example. If a
dependency resolution mechanism forces those packages to spin off into a
separate repository, that seems like we're using tooling to force a
particular source code layout and DVCS usage. Maybe that is a good idea?
(After all, Go is opinionated about things, and mostly that makes the
language better.) However, maybe that really isn't a good idea?
What do you mean by version? API-breaking? If the packages are stored in a different location, they will be considered different anyway at the language level, nowadays. API-breaking or not.A version would be a semver tag applied to a commit (or equivalent for other VCS).That is not specific enough because you never know where HEAD is pointing at. The dev branch or the release branch?Go does not even care about this (nor should it).Why is it important to know where HEAD is pointing at? A tag is esentially a pointer for a particular state of the source code (revision), the branch is implicitly included.
What is a version in Go is different than what a version is in git. The constraints entailed by each are not even necessarily the same either.I hope that we can start by defining exactly the semantics without relying on a given dvcs.Without the central repo the only place to store versions is VCS. Tags are universally supported by all VCSes so it seems logical to use them to store versions.
Ø Using or not using a vcs should not impact the release of your source code.
+1
John
John Souvestre - New Orleans LA
--
You received this message because you are subscribed to the Google Groups "Go Package Management" group.
To unsubscribe from this group and stop receiving emails from it, send an email to go-package-manag...@googlegroups.com.