[openstack-dev] pyparsing 2.0 postmortem
Yun Mao
yunmao at gmail.com
Wed Feb 27 21:37:08 UTC 2013
I don't know about pinning to an exact version, even in the stable branch.
If every package follow the version convention of major.minor, and
guarantees the compatibility in the same major version, then it seems
better to pin to the major version. Otherwise, we might miss out some
critical updates like security related patches. Thanks,
Yun
On Wed, Feb 27, 2013 at 3:51 PM, Russell Bryant <rbryant at redhat.com> wrote:
> So I'm not sure that the problems Sean has described here should be
> considered a disaster. They seem to be just one of the things our
> testing should be catching for us.
>
> It's not just about getting updates for free. It's about finding out
> when our software is no longer compatible with an upstream dependency.
> It means we found out as soon as we could that there is work to do to
> update project X to be compatible with new version of dependency Y. We
> have to find this out somehow sometime.
>
> Pinning seems like a fine short term fix for this, but only along with a
> bug for fixing compatibility with this new version of the dependency.
>
> I think I could buy pinning everything in stable branches since we
> wouldn't be doing work in stable branches to chase new versions of
> dependencies, but not in master.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130227/09759476/attachment.html>
More information about the OpenStack-dev
mailing list