[swift-evolution] [swift-build-dev] Proposal: Package Manager Version Pinning
daniel_dunbar at apple.com
Fri Oct 14 18:50:04 CDT 2016
> On Oct 14, 2016, at 4:15 PM, Johannes Weiß <johannesweiss at apple.com> wrote:
>> I see it as my responsibility to know exactly what code I’m pulling into my package. In my view, it’s absolutely unsafe to trust other people’s code. Even when they mean no harm, trusting them to properly apply SemVer is the same issue.
> maybe we should have the tooling support that? Elm does try to enforce correct semantic versioning. Maybe swift-pm should do that too?
We would like to (try to), and it is on the long list of ideal future things to do. It requires a lot of compiler support no one has signed up for yet, though...
> See http://elm-lang.org :
> Enforced Semantic Versioning
> Elm can detect all API changes automatically thanks to its type system. We use that information to force everything in our package catalog to follow semantic versioning precisely. No more surprises in PATCH releases!
> I have no idea how well it works but if we'll end up relying on proper semantic versioning, tool support sounds like a good idea to me.
More information about the swift-evolution