Is there a good reason to continue deploying newer snapshots, if there's already a released artifact of the same version?
Concretely: There's already xyz-1.0
There's projects continuing to have xyz-1.0-SNAPSHOT dependencies.
It appears wrong to me, but maybe there is some reason behind this?
If 1.0 has already been released, the snapshot should not be built any longer and you should probably remove the snapshot from your repository. If new development starts, it should be on 1.1-SNAPSHOT (or 1.0.1-SNAPSHOT, however you decide to do your versioning).
The only time that a project should be deploying snapshots after a release version has been deployed is if it were an alpha, beta, milestone or release candidate.
As you have suggested the projects in question are doing things wrong. After the xyz-1.0 release the SNAPSHOT versions should be updated to the next development version, 1.0.1, 1.1, or 2.0.
Related
In our team we have a number of APIs specified using the Open API Specification (formerly Swagger). We use Maven and OpenAPI Generator to generate code, build and publish the artifact to our local nexus. We build our code on TeamCity. The artifact is given the version that is specified in the pom.xml file of Maven.
During development we only use snapshot versions, that is versions which can be overwritten and will be cleaned up. This is opposite to release versions, that cannot be overwritten and needs administrative privileges to clean up. The reason for this is, that a developer usually changes a little bit at the time, which is much more convenient with snapshot versions. This also makes cleaning up outdated unreleased artifacts much easier.
Our problem is, that from time to time a developer makes API changes but forgets to set a new version. This works fine locally, but when the code is build on TeamCity the changed API overwrites the artifact of an older version. A developer not working on this branch will then experience a compile error, because the code does not match the API artifact being used.
What does others do? Is there a best practice? Preferably with standard tools. We have tried many things and nothing works well. At the same time this issue is so basic that someone must have a good solution - or at least experience enough to point to the least bad solution.
I'm maintaining some js library. Releases follow SemVer. Current stable version is 1.5.0. I'm working on 1.5.1 and have 1.5.1-beta.2 which is published at npm with "next" tag. Today I got bug report, discovered the issue and ready to fix it. The thing is that 1.5.1 is not going to be finished during nearest days, it turned out to be more complicated than I planned initially. But I want the fix to be published.
What is the right strategy in this situation? Obvious approach which I'd like to avoid is to postpone the bug fix until 1.5.1 is done and published and then release 1.5.2 containing the fix.
Another way is to publish the fix as 1.5.1 based on 1.5.0 and then continue previous work switching it from 1.5.1-beta.2 to 1.5.2 or even 1.6.0. I'm concerning about inconsistency with the result chain in this case:
1.5.0 → 1.5.1-beta → 1.5.1-beta.1 → 1.5.1-beta.2 → 1.5.1 (bug fix, based on 1.5.0) → 1.5.2 (based on 1.5.1-beta.2)
How such collisions are being addressed using SemVer?
Okay, so you have bug set A currently baking as 1.5.1-beta2 and you have a new bug set B that you want to get the fix out for immediately. The correct mechanism for this is to fork 1.5.0, fix bug set B, and release 1.5.2 (assuming you don't need a beta). Then merge your B fixes into your A working branch and release 1.5.3-beta1 and proceed to drive that to an official release.
It gets a little more complicated when you have two parallel beta sequences running, particularly when you're not sure which is going to make it to release first, but it is manageable. The key is to to just keep in mind, how SemVer precedence impacts the decisions your customers make (the algorithms they apply), whether to fast-track a particular version into their production systems, verses how their developers pull bits from you.
My production systems, have two inputs:
Development is the product of my engineers.
Automated maintenance is the product of a system that:
Pulls patch releases and applies them to a fork of my current production code.
Tests the applied changes against an extensive suite of functional and performance tests.
If the tests are green, flight tests the changes in my production environment, while monitoring for unusual changes in production failure rates.
As long as everything is going well and a human doesn't step-in to stop it, eventually rolls out the changes to the entire production system.
There are of course, variations for services and packaged products. The point is, you can use your release points to signal to your customers automation, or developers, that you have an important bug fix that has little risk of breaking anything. There is no requirement that 1.5.2 have any lineage back to 1.5.1-beta#. You are not required to ever release a 1.5.1. It is customary however to add a comment in your release notes that 1.5.2 is a hot fix for the bug in 1.5.0 and does not contain the fixes in 1.5.1-beta#.
While you may never encounter a need to do so, you don't have to include the bug fixes from 1.5.2 in your eventual 1.5.3 release, provided the later release, passes your quality controls. It is sometimes the case that a specific bug fix, winds up not being applicable in later releases.
How you maintain your product quality is entirely up to you. How you signal the level of risk/importance for a specific release, is defined by the SemVer standard.
We are facing memory leak issue with ConfigurationProviders ConfigurationRoot.
Looks like this issue may have been fixed
https://github.com/aspnet/Extensions/issues/861
However, Microsoft.Extensions.Configuration 3.0.0 requires NETCORE 3.0. Can someone please confirm how this fix can be applied with .NETCore 2.2.7? We do not want to upgrade to NETCORE 3 yet, as we have time constraints for project delivery.
This is specifically related to the reload change token, so I would assume disabling reload on the JSON files would negate the issue. That means you'd have to restart your app if you made any changes to the JSON files, but that really shouldn't be much of an issue, as you should really only be making configuration changes as part of a new build and deployment anyways (via your CI/CD pipeline).
Otherwise, no, you'd have to upgrade to Core 3.0, unless this fix gets back-ported into the 2.1 LTS release. That's actually a possibility, so it might be worth calling it out on the issue, since a memory leak is a pretty serious issue to leave unchecked in an LTS release. It might have just flown under the team's radar.
The other possibility is that is is back-ported into 2.1, but since you're on 2.2, it's not there. I'm not sure if they'd necessarily back port it into 2.2, since that's not an LTS. As such, your choice may boil down to down-grading to 2.1 or upgrading to 3.0. That's the breaks of the game when you're not not on the LTS release - upgrading may be required.
This issue has been sorted, see details here
https://github.com/aspnet/Extensions/issues/2576
I've found chronicle-queue version on maven central is quite old: 4.5.27, while 4.6.23 is most recent released on github. Does it mean 4.5.27 is a kind of "prod-ready", while all 4.5.27+ are experimental? Or you use other repositories for distribution?
The 4.5.27 version is stable and available to all users.
The 4.6.x version is being developed and available to supported clients. We expect to make a public release of this version this month.
Tools such as liquibase and flyway certainly make it easy to upgrade your database. What I haven't gotten straight in my mind is how to best handle changes that occur both on a release branch and trunk.
An example:
My code that is in product is version 2.5 and lives on a release branch. In the meantime, developers have started working on version 3.0 which lives on trunk.
A bug is found in production. A database change script is made (2.5.1) and committed to the release branch. The same change script must be merged back to trunk (3.0.1?).
Version 3.x is released into the wild production db's will already have the change from 2.5.1. The upgrade could potentially fail.
Conversely, if I'm creating a db from scratch if i was using a forward only strategy I would have the same change occurring twice (2.5.1 and 3.0.1).
How are others handling this scenario?
You are right to recognize that production DB changes will always be linear.
To solve this you should place DB migration 2.5.1 both on the branch and on trunk. And not create a 3.0.1 with the same changes!
This way it will be deployed with the branch, but also with trunk.
Upgrading production to trunk will then
find migration 2.5.1 and skip it, as it has already been applied
find migration 3.0 and apply it on the 2.5.1 db
There is, of course, an ever better solution. And that is to get rid of branches altogether and always release from trunk using to feature toggles instead.