Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SemVer policy for pre-1.0 dependencies #442

Closed
tarcieri opened this issue Nov 27, 2022 · 3 comments
Closed

SemVer policy for pre-1.0 dependencies #442

tarcieri opened this issue Nov 27, 2022 · 3 comments
Labels
do-for-4.0 This should be resolved before we do a 4.0 release

Comments

@tarcieri
Copy link
Contributor

Something I think should be documented prior to the 4.0 release is the SemVer policy for pre-1.0 dependencies which are part of the public API, namely digest and rand_core.

I would suggest exempting these APIs from SemVer guarantees around major versions, allowing them to be updated with a minor version bump only.

It might be worth considering making both of those dependencies optional and noting if they're activated, you're opting into something which isn't stable around major versions. That would mean the feature profile one receives with the default features activated is stable around major versions.

@tarcieri tarcieri added the do-for-4.0 This should be resolved before we do a 4.0 release label Nov 27, 2022
@pinkforest
Copy link
Contributor

pinkforest commented Nov 28, 2022

Drafted #443

@pinkforest
Copy link
Contributor

pinkforest commented Nov 30, 2022

If the digest is to be optional feature, here is a PR:

And here is the PR for the rand_core:

pinkforest added a commit to pinkforest/curve25519-dalek that referenced this issue Nov 30, 2022
As discussed in dalek-cryptography#442 this change set
the digest feature as optional.
pinkforest added a commit to pinkforest/curve25519-dalek that referenced this issue Nov 30, 2022
As proposed in dalek-cryptography#442 this makes rand_core an
optional feature that is not covered by the
SemVer public API stability guarantees.
pinkforest added a commit to pinkforest/curve25519-dalek that referenced this issue Nov 30, 2022
As proposed in dalek-cryptography#442 this makes `digest` an
optional feature that is not covered by the
SemVer public API stability guarantees.
pinkforest added a commit to pinkforest/curve25519-dalek that referenced this issue Nov 30, 2022
As proposed in dalek-cryptography#442 this makes `rand_core` an
optional feature that is not covered by the
SemVer public API stability guarantees.
rozbb added a commit that referenced this issue Dec 8, 2022
As proposed in #442 this makes `rand_core` an
optional feature that is not covered by the
SemVer public API stability guarantees.

Co-authored-by: Michael Rosenberg <[email protected]>
rozbb added a commit that referenced this issue Dec 8, 2022
As proposed in #442 this makes `digest` an
optional feature that is not covered by the
SemVer public API stability guarantees.

Co-authored-by: Michael Rosenberg <[email protected]>
@pinkforest
Copy link
Contributor

This was resolved in:

Can be closed

@tarcieri tarcieri closed this as completed Dec 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
do-for-4.0 This should be resolved before we do a 4.0 release
Projects
None yet
Development

No branches or pull requests

2 participants