-
Notifications
You must be signed in to change notification settings - Fork 254
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please, bump the major version number when you break the API #249
Comments
Thanks for bringing this up. I apologize for any inconvenience this has caused, this should not happen and I am terribly sorry. I will keep this in mind for any upcoming changes and try not to introduce conflicting APIs in the same major version. On a different note, I have to mention that uTLS, being a superset of |
And if it helps, I can definitely add the removed symbols back if you could provide a list of the missing symbols. Again the intention for the symbol renaming is totally for the documentation accuracy, since Go 1.21 officially implements EMS, we are instead using the |
In the latest tagged version I added However some of the upstream introduced breaking update (e.g., Let me know if you have other suggestions/comments, or would like me to "unbreak" some other changes by adding/linking some names back, I'd be happy to help. I will close this issue for now, but we can reopen or start a new one when needed. Thanks again and sorry for the inconvenience. |
No worries! Rather, thank you for maintaining uTLS 🙌 !
Great point! I have some direct, limited experience with this kind of issues because of our crypto/tls fork (whose set of patches on top of crypto/tls is very significantly smaller than the one in uTLS). An alternative approach could perhaps have been to avoid tagging v1.0, given that v1.0 comes with its own sets of constraints in terms of API stability and import path changes. But, given that v1.0 has already been released, this approach does not seem possible anymore.
Thank you for explaining! It definitely makes sense to perform this kind of renaming in light of the upstream changes.
Thank you for this! 🙌
Thank you for further explaining other changes!
For now, I have managed to find a compromise solution that has fixed the build of ooniprobe, where we're pinning to a version supported by psiphon and snowflake at the same time. Regarding suggestions, the only one that comes to my mind is to investigate how the Go project manages to ensure they're not breaking their public API. My (limited) understanding is that they have a directory (https://github.com/golang/go/tree/master/api) in which they put textual files representing APIs, and run CI checks to make sure that new commits are not breaking the existing API definitions. Perhaps, this approach could be adapted to uTLS, and would allow you to know when a symbol that was previously existing has disappeared due to merging with upstream. The source code that implements these checks seems to be in ./src/cmd/api. |
@gaukas I have been thinking a bit more about this whole issue, especially after analyzing the situation of cross compatibility between Psiphon and Snowflake, which are two dependencies of OONI. They both depend on uTLS and the versions they depend on are incompatible, so we cannot upgrade Snowflake beyond v2.6.2. Anyway, while thinking it occurred me that, if you bumped the major version number every time you chase a new version of Go and/or introduce new functionality (which maybe is a bit overkill but at least it's a simple rule of thumb), the problem we're having of mutually incompatible versions would disappear. In fact, by bumping the major version number, the import path changes, and we would therefore be able to build both the latest Snowflake and the latest Psiphon at the same time. What do you think? Does that make sense to you? |
I've used both `gomajor` and `go get -u -v ./...` to update all the dependencies I could. It still feels impossible to upgrade snowflake because of the incompatible dependency with Psiphon (I previously described this issue at refraction-networking/utls#249 and there has been some very useful and much appreciated follow-up discussion at refraction-networking/utls#290, which possibly will lead to solving the whole issue, which is contingent to current uTLS versions used by Psiphon and Snowflake, in a systemic and more fundamental way). Part of ooni/probe#2722.
Thank you for your effort in making and crafting uTLS!
Because uTLS has a version number >= 1, the expectation in the Go world is that you should bump the major version number when breaking the API.
I would like to recommend you follow this best practice, because not following it causes confusion (if not issues) downstream.
Case in point:
If you check the build failure at ooni/probe-cli#1348, this is the build error after replacing obfs4 with lyrebird:
Now, reading the diff between v1.3.3 and v1.5.3, I see you renamed
UtlsExtendedMasterSecretExtension
toExtendedMasterSecretExtension
, which is what breaks the ooniprobe build (and it seems there are also other renames).In such a case, it would have been more consistent with the expectations for a Go project to tag v2. At least, this change would have signalled to anyone using uTLS that there was a API breakage. (It does not mean that ooniprobe would have been able to build both lyrebird instead of obfs4 and Psiphon, but that's off topic with respect to this issue.)
Thank you!
The text was updated successfully, but these errors were encountered: