The constraint ^0.17.0 on intl does not support the stable version 0.18.0

[marandaneto]

Environment

• Dart SDK version: 2.18.6 (stable) (Tue Dec 13 21:15:14 2022 +0000) on "macos_x64"
• macOS Ventura 13.1
• Are you using the Chinese community mirror or a corporate firewall? NO

Problem

Source: getsentry/sentry-dart#1202
Relates to: flutter/flutter#117163 and dart-lang/i18n#458

\nThe constraint `^0.17.0` on intl does not support the stable version `0.18.0`.\n

\n\nTry running `dart pub upgrade --major-versions intl` to update the constraint.\n\n\n### [*] 10/10 points: Package supports latest stable Dart and Flutter SDKs\n"

intl: ^0.17.0

Expected behavior

Upgrades to 0.18.0 without problem, since the a transitive dependency is intl: ^0.17.0 and the final app has ^0.18.0, it is within the range.

Actual behavior

\nThe constraint `^0.17.0` on intl does not support the stable version `0.18.0`.\n

\n\nTry running `dart pub upgrade --major-versions intl` to update the constraint.\n\n\n### [*] 10/10 points: Package supports latest stable Dart and Flutter SDKs\n"

Apps that use intl: ^0.18.0 or intl: 0.18.0 and have a transitive dependency with intl: ^0.17.0 should not require a major bump since it's a minor version.

Workaround

If the library does intl: '>=0.17.0 <0.19.0' or intl: any would work, but libraries should be able to be more flexible with the minimum and maximum version hence it should be fixed to respect the version bands.

[sigurdm]

pub has an addendum to semver that says:

There is a notion of compatibility between pre-1.0.0 versions. Semver deems all pre-1.0.0 versions to be incompatible. This means that the only way to ensure compatibility when depending on a pre-1.0.0 package is to pin the dependency to an exact version. Pinned version constraints prevent automatic patch and pre-release updates. To avoid this situation, pub defines the "next breaking" version as the version which increments the major version if it's greater than zero, and the minor version otherwise, resets subsequent digits to zero, and strips any pre-release or build suffix. For example, here are some versions along with their next breaking ones:

0.0.3 -> 0.1.0 0.7.2-alpha -> 0.8.0 1.2.3 -> 2.0.0

To make use of this, pub defines a "^" operator which yields a version constraint greater than or equal to a given version, but less than its next breaking one.

So if you want to be compatible with both 0.17.0 and 0.18.0 you indeed should do '>=0.17.0 <0.19.0'.

[marandaneto]

I see, the problem is that when 0.19.0 is out, we'd need to change it again.
As a dependency, pinning is always a bad solution as well since other dependencies might have pinned a different version, so the problem still exists.
Maybe >=0.17.0 <1.0.0 would be too flexible but won't require changes that often unless intl does a lot of breaking changes frequently.

[marandaneto]

Since there's an addendum to semver, closing this, thanks!