SELinuxProject/selint

New point release?

Closed this issue · 5 comments

The Debian freeze window for Bookworm is approaching (2023-02-12).
The latest release is 4 months old and since then a couple of worthy fixes have landed:

  • Warn on duplicate policy configuration files (75f6860)
  • Reduce recursion in free_policy_node (9e389c8)
  • Support disable commands for tunable conditions (378357f)
  • Support ifn?def in .if files (211354e)

The only addition was Add new check to warn about incorrect usage of audit_access permission (e83ac2a), which is quite limited in scope and chances of regressions or false-positives are low.

Thanks for the info on the Debian freeze and the analysis of the history. My only concern here is that we haven't added a check in a point release before. I agree that the check is unlikely to introduce regressions or false positives. The question in my mind is whether it will cause user annoyance if we signal new findings on their source in a point release. As a user of clippy (rust linter) in another project, my CI regularly breaks unexpectedly when they add new checks and my CI automatically grabs the latest version of clippy.

You're probably right that a point release makes sense anyways. Let me think about it for a day or two.

Okay, thought about this and discussed it a bit, and I think Semantic Versioning is pretty clear here. We added backwards compatible functionality (a new check), so we should call this 1.4, even though the functional change is pretty small. Unless you object, I think we should make a new release this week and call it 1.4.

Sounds good to me 👍

#261

Would appreciate it if you have time to give everything a once over today and I'll make the release in a few hours.

1.4.0 released