Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

So we can conclude, that the the big star of open source is not enforcing the child of open source :(

Ref SemVer: https://semver.org/



I find it irritating when people quote semver like it’s some kind of law.

It’s a random protocol someone came up with that some other people decided to follow. It’s nowhere near a de facto standard for version numbers: plenty of software has non-semver version numbers (in fact, this applies to all software I have worked on so far in my career!)


I think it's pretty clear semver doesn't really have a place in modern software. Except for Microsoft, no one cares about backwards compatibility, which semver is all about. All software is continually developed, every release contains both new features and bug fixes, which violates semver. The vast majority of software has a meaningless "1." or "0." tacked to the front to try to satisfy semver, until the project gets bored of typing it and just drops it.

I think most software should just have date-based versioning. It fits the development models we actually use far better, and actually communicates useful information to the user, unlike semver. Are you running a kernel from 2016? Might wanna update that.


SemVer has significant benefit for package manager world. Many argue that why don’t you just read a changelog, but that is not the point. Package manager should know whether it can update some dependency to later version safely, without some guy always manually hardcoding the suitable version. It is everywhere. In Arch Linux, Debian, Pip and Cargo. They all rely on versions which itself should describe the impact of the change. If there is no standard, then it is always risky to update. On Debian it means manually testing every package. In Arch you accept the risk. If everyone would follow version schema, then you could trust the number in most of the cases.

My original message was a bit joke which some missed, but SemVer has a place and need.

> All software is continually developed, every release contains both new features and bug fixes, which violates semver.

Combination of them is not violation. Overall impact of the change should be described with the correct increment. It does not matter how do you categorise the content of the change.


It's often a change in interface. If you build from source, old code simply won't compile with new incompatible interface, and won't get to the testing stage.


The impact comes from the dependencies you are using. Depending how the software is made, it can be noticed early on build time. But it can also be noticed just on runtime, e.g. dynamic libraries, which is hopefully noticed on testing stage.

However, how it impacts downstream, the dependents of your software, cannot be tested. You can only inform about it. For people, with changelog. For automated systems, with version number. But if you do not follow systematic version numbering, you fail to inform automatic systems. They update to the later version of you software and dependents will break.


> Except for Microsoft, no one cares about backwards compatibility

That would seem to be contradicted by Linus's "WE DO NOT BREAK USERSPACE"[1].

The Linux community clearly cares for backwards compatibility too.

1. https://linuxreviews.org/WE_DO_NOT_BREAK_USERSPACE


That's "Linux" the kernel, not the operating system. No one building a 'modern' desktop OS on top of that kernel cares. Download a 20 year old Linux binary and try running it on a random up to date linux distro. Unless it's a trivial program it will almost certainly fail.


This post is about the kernel, though.


> one cares about backwards compatibility, which semver is all about.

Interesting. I'd characterise it more as 'responsibly breaking backwards compatibility'. Just a tool to communicate the nature of changes, a really (really) brief summarising changelog - what's included, breaking changes, non-breaking new features, or just misc. fixes?

I quite like it, but I tried to phrase my top-level comment not to be about it specifically. It would have surprised me to learn that Linux used 'semver' - that doesn't mean there's no semantic meaning to the version numbers it uses though.


> backwards compatibility, which semver is all about

It's not about maintaining backwards compatibility. It's about making it explicit when you break compatibility. Whether you do or not is completely up to you - semver doesn't care.


The unofficial motto of the Linux kernel is "Don't break userspace" so semver wouldn't be useful.


And what's more, the second unofficial motto of the Linux kernel is "break kernel space"; they don't make any attempt at keeping in-kernel APIs stable. So if they followed semver for userspace, they'd be on 1.9000.0, if they followed semver for kernel space they'd be on 9000.0.0.


There's value, albeit less in the minor vs patch distinction I think. So you could imagine a world in which SemVer came first, Linux uses it, and we're on 1.5.19 but usually drop the 1. because we've agreed there'll never be a v2.


That's pretty much the state of the 3.x releases, but at some point numbers got big.


I’d say it was the stage of the 2.6.x series.


In 2.6.x patch levels were the fourth number in the version, not the third.


What would be the point of that?


I don't think SemVer is an appropriate versioning scheme for the Linux kernel due to the extremely large number of subsystems that make up the whole.


That's one way of doing it, not the only way, and only tangentially related ('it can be useful to' sort of relationship) to open source.


Some developers (younger ones?) seem to think that the SemVer spec is a law of the universe, when in reality it's just something a GitHub guy put into the mix in the 2010s.


While it is not the law, it is the only reasonable attempt to solve dependency issues. If the software gets an major release when author feels like it, then version itself tells nothing about the changes. Then dependant software can never estimate the impact of update. I agree that Linux Kernel is a bit different, since it sits on top of everyrhing, but still.


> Then dependant software can never estimate the impact of update.

They can read the changelog. And if they can't be bothered to read the changelog, then why even update?


Semver is a bandaid on a gaping chest wound, that can best be summed up as "major version number changes may break everything, or they may not, but minor version numbers might not break everything, but they may."

It's more of a philosophy than a law, and it can't really be relied on that much; as often the developers themselves can't accurately predict what is a major breaking change and what isn't.

The Linux kernel itself has some baggage from the 2.4/2.6 era that Linus is explicitly walking away from.


Actually testing is the bandaid . You always have the dilemma when updating dependencies of the software - do they break something? Of course you could manually check every time every software from changelog, if this has some impact. Problem is, that usually for example in Linux one dependency might have hundreds of dependents. Are you going to check all of them manually? If standard versioning would automatically show this information, a lot of time and testing would be saved.

> often the developers themselves can't accurately predict what is a major breaking change and what isn't.

There is a difference with a breaking change and a bug. All breaking changes are predictable. If you modify API, it possible breaks. If you don’t modify API but it breaks, it is just a bug. If you add feature, and don’ t modify API, but something breaks, it is a bug. You are not expected to apply SemVer for bugs because you can’t predict them.


> They can read the changelog. And if they can't be bothered to read the changelog, then why even update?

Package managers cannot read the changelog. That is why we have version numbers.


There aren't breaking changes.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: