Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1.5.3 breaks compatibility with 1.5.2 #133

Closed
skippy opened this issue Feb 26, 2016 · 17 comments
Closed

1.5.3 breaks compatibility with 1.5.2 #133

skippy opened this issue Feb 26, 2016 · 17 comments
Assignees
Labels
Milestone

Comments

@skippy
Copy link
Contributor

skippy commented Feb 26, 2016

hey folks,

the API breaks between 1.5.2 and 1.5.3. For example, ::JWT.decoded_segments(token) no longer exists.

would you mind, going forward, if the API changes, to increment at least a minor, if not major, revision number?

thanks!

@eigilsagafos
Copy link

+1

@DigitallyBorn
Copy link

Also, base64url_decode. Very frustrating.

@databyte
Copy link

databyte commented Mar 3, 2016

+1 to breaks in base64url_decode, it was being used by omniauth related work for X509.

@excpt
Copy link
Member

excpt commented Mar 4, 2016

I will yank the 1.5.3 release this weekend and re-release it as 1.6.0. In addition I will update the documentation to make the changes more visible.

Sorry for the issues this release caused.

I wasn't aware of the fact that the base64url_decode function was used outside the JWT library in other gems.

@databyte
Copy link

databyte commented Mar 4, 2016

Thanks @excpt - unless you make it private methods, undoubtedly someone will find it and use it. Actually, probably for private methods too. But its been used apparently over a thousand times and these are just public repos.

@excpt
Copy link
Member

excpt commented Mar 4, 2016

@databyte Thanks for the info. :)

@connorshea
Copy link

See Semantic Versioning, which is what most people assume is being followed. This just broke for me after updating some unrelated gems, so now I have to force 1.5.2 in the Gemfile.

This was referenced Mar 23, 2016
@excpt
Copy link
Member

excpt commented Mar 23, 2016

@connorshea @skippy @eigilsagafos @databyte @DigitallyBorn

If you have the time - can you check out the current master and test it with your projects? I made 2 PR #135 and #136 to fix the issues for the upcoming version 1.5.4.

@excpt
Copy link
Member

excpt commented Mar 24, 2016

Version 1.5.3 yanked.

@mwhahaha
Copy link

Please don't yank things until you've published something newer. You've broken a whole bunch of CIs as 1.5.3 is being calculated as a dependency but is not available.

@danleyden
Copy link
Contributor

I would suggest publishing 1.5.4 with a fork of the 1.5.2 code (only
changes would be version and readme / changelog)

On 24 March 2016 at 15:01, Alex Schultz notifications@github.com wrote:

Please don't yank things until you've published something newer. You've
broken a whole bunch of CIs as 1.5.3 is being calculated as a dependency
but is not available.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub
#133 (comment)

@skippy
Copy link
Contributor Author

skippy commented Mar 24, 2016

ah, yep, I ran into this as well. 6 projects started to fail.

Would you mind putting 1.5.3 back up? Once it is published it should be locked. If you wouldn't mind, just publish 1.5.4 with backwards compatibility, and just going forward stick to semantic versioning? But the key is going forward :) @excpt, if I can help (besides calling shots from the cheap seats!) please let me know.

@skippy
Copy link
Contributor Author

skippy commented Mar 24, 2016

@danleyden that is a good idea!

@EmilienM
Copy link

@excpt I confirm @mwhahaha - it is breaking a bunch of CI, including OpenStack (30 Puppet modules, around 500 daily CI jobs are failing and will fail on that). Please publish 1.5.4.
Thanks a ton!

@excpt
Copy link
Member

excpt commented Mar 24, 2016

Version 1.5.4 released.

@excpt
Copy link
Member

excpt commented Mar 24, 2016

Thanks a lot for all the feedback. Lessons learned from the 1.5.3 disaster.

@EmilienM
Copy link

Thanks @excpt for your responsiveness, much appreciated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

9 participants