0.3.1 -> 0.3.2 patch bump should have been a minor actually
Closed this issue · 5 comments
Semver is tricky: moving src/x
to dist/x
without a symlink is a breaking change.
Why? Because on a (published) package level, the "interface" is actually the files that others "require". You haven't changed your library's interface, but that's not the only interface.
So given you're in "before-1.0.0" mode, this should have been a minor bump, not a patch bump.
Man, I did not think about that, but it makes a lot of sense. Thanks! I've created a 0.4.0 release and removed 0.3.2.
Believe it or not, this fix was bad for me :) as now I have to revert my changes
But hopefully it's for the best, on a larger scale.
Hey Andrei,
Sorry to mess up your code base like that! I want to make sure I don't repeat this sort of situation in the future - was there a smoother way I could have implemented a fix?
Also, would you be willing to talk about your environment a little bit so I can better understand how I caused things to break?
The initial issue seems like mostly a semantic issue, but I could definitely see it breaking projects due to violating an expectation that an end-user or package manager has. What changes did you have to revert after I published 0.4.0?
Scott, consider this timeline
- bower install (bower.json has ~0.3.1) + reference bower_components/cookies-js/src/cookies.min.js
- you move src to dist, and publish 0.3.2 ->
- ~0.3.1 resolves to 0.3.2 and BREAKS (no file in src)
I update my code
- bower install (bower.json has ~0.3.2) + reference bower_components/cookies-js/dist/cookies.min.js
- you remove 0.3.2 and publish it as 0.4.0
- ~0.3.2 resolves to 0.3.1 and BREAKS (no file in dist)
So what should have happened is publish 0.3.3 with the file back in src. If you ignored Windows users, just adding a symlink in src to the new dist location would suffice.
Thanks for the quick feedback!
PS: NPM doesn't allow removing modules anymore for cases like this, but only mark as disabled or smth, and you get a warning. Once you publish, it's done. People's lives depend on it :) You can only fix the situation by issuing a patch.
Ah, gotcha! That all makes sense to me. A 0.3.3 release definitely would have made things go smoother.
Thanks so much for helping me out, and for putting up with the temporary glitches!
Also, thanks for the P.S. about NPM - I had actually totally forgotten that I needed to manually publish new releases to it, and your comment triggered me (so as far as NPM is concerned, there never was a 0.3.2! I guess that's good in the end? Ha...).
Anyways, 0.4.0 is now published to NPM.
I should really set up a couple test environments that rely on NPM and Bower to manage Cookies.js so I have the ability to catch these sorts of issues in the future. I tested installing the library fresh with Bower, but for some reason never did the same for NPM (fail). Even still, I need to be able to make sure updates work as intended, and I haven't been thorough in that regard.