Closed zbynek closed 1 year ago
@daniel-beck and @halkeye, do you have a preference for how this should be handled?
Rejecting incorrect version strings in update center seems consistent with its ability to suspend distribution of plugins, though deciding what is an incorrect version string may be more complicated than we want to include in the update center generator.
do you have a preference for how this should be handled?
No preference, but note that "non-numeric" isn't the problem exactly. Lots of versions aren't (fully) numeric, including all of https://www.jenkins.io/doc/developer/publishing/releasing-experimental-updates/ as well as all JEP-229 CD versions with non-numeric suffix.
$ curl --silent https://updates.jenkins.io/current/update-center.actual.json | jq --raw-output '.plugins[].version' | grep -E '[^0-9.-]+' | wc -l
297
(Granted, excluding the usual JEP-229 convention leaves only ~15, of which ~8 are JEP-229(ish) or JEP-305, i.e., likely badly set up JEP-229.)
Maven algorithm
FWIW it's likely actually https://github.com/jenkinsci/lib-version-number/
Lots of versions aren't (fully) numeric
that's fine, my suggestion was just to remove plugin versions where the major version is not numeric. I believe that would not affect the latest version of any released plugin (full list of affected versions in issue description).
A rule like "version needs to start with a digit" should be straightforward to implement (and document).
To confirm, all of these version numbers are fine then?
Service(s)
Update center
Summary
The update center publishes some very non-semantic plugin versions:
These are not sorted properly on the plugin site because the version comparison is done by JS and does not 100% follow the Maven algorithm. Maybe instead of fixing that on the plugin site these should be simply not published by the UC.
Reproduction steps
Go to https://plugins.jenkins.io/requests/#releases -- the non-semantic versions should be at the bottom, like in https://updates.jenkins.io/download/plugins/requests/
To list all problematic versions you can go to https://updates.jenkins.io/current/plugin-versions.json and run this in console: