search

groupon / cson-parser

Simple & safe CSON parser
BSD 3-Clause "New" or "Revised" License
132 stars 27 forks source link

Please publish a new version of `cson-safe` with a message directing users to switch #65

Open adamvoss opened 7 years ago

adamvoss commented 7 years ago

You cannot tell from the cson-safe package that it was superseded by cson-parser. It would be very helpful if you updated the README on npm to inform users to migrate.

I only learned about the change by following the repository link from npm which happens to be redirected to here via GitHub, I only realized the redirect a happened after I typed up a complete bug report.

jkrems commented 7 years ago

We actually did but had to revert (see https://github.com/groupon/cson-parser/issues/48). I guess we could try to npm deprecate at this point but so far there didn't seem to be enough need for that to risk another break in downstream packages.

adamvoss commented 7 years ago

Maybe it is a mobile limitation, but I cannot see any commit details on that issue. The process I meant to propose by this issue was to checkout the commit from 1.0.5, edit the readme inform about the change, then release that new commit as 1.0.6.

I'm not an npm expert, but code-wise nothing would have changed so I'm not sure how it would break anything.

jkrems commented 7 years ago

Unfortunately 1.0.6 is already taken - https://github.com/groupon/cson-parser/releases/tag/v1.0.6.

The issue with pre-release versions was atom specific, it wasn't npm itself afaik.

adamvoss commented 7 years ago

Huh. How does npm know there is a relationship between 'cson-safe' 1.0.6 and 'cson-parser' 1.0.6? I hadn't realized it was that intelligent.

On Jul 12, 2017 10:30 AM, "Jan Olaf Krems" notifications@github.com wrote:

Unfortunately 1.0.6 is already taken - https://github.com/groupon/ cson-parser/releases/tag/v1.0.6.

The issue with pre-release versions was atom specific, it wasn't npm itself afaik.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/groupon/cson-parser/issues/65#issuecomment-314806607, or mute the thread https://github.com/notifications/unsubscribe-auth/AA67PwJt1lRkrKAdy4jmU-EatFD_nJufks5sNOangaJpZM4OSRIw .

jkrems commented 7 years ago

It doesn't - but git does. And I'm generally not comfortable publishing something to npm that doesn't map cleanly to a git tag. :)

adamvoss commented 7 years ago

Gotcha. The best I've got is v1.0.6-cson-safe, cson-safe-v1.0.6, or cson-safe-end-of-life (doesn't have the version number but describes what it is).

I've never used npm deprecate but reading the doc page it sounds like a decent solution. It can be undone, but not having used it I cannot say with certainty that it doesn't do something problematic despite such behavior being unexpected.