Proposal: mandatory versioning metadata for modules

Florian Weimer fw at deneb.enyo.de
Sun Nov 4 04:01:27 PST 2012


* David Jorm:

> The problem here is "optional" version number. What I'm trying to
> achieve is mandatory minimal version metadata.

I don't think we'll change version numbers in security updates (just
like we don't change sonames and other identifiers), so I'm not
convinced this will work.  Otherwise, users who have tight constraints
on the module version in their system (which I expect to be the norm,
at least for a while, given current Java practices) would not be able
to apply the update.

Something that embeds some sort of source version into the build might
be a better approach.  This would not be used by the dependency
mechanism.  It could be just a string, optimally generated by the
build environment, and a security update would carry a different
identifier, so we can use it for tracking.



More information about the jigsaw-dev mailing list