Closed IchordeDionysos closed 1 year ago
@jonas-jonas this also allows users to update to dio v5.0.0 fixing two vulnerabilities https://pub.dev/packages/dio/changelog
https://github.com/advisories?query=type%3Areviewed+ecosystem%3Apub+dio
❓ Breaking change or not:
I'm not sure but I guess the Ory SDK would find the latest version of Ory that uses Dio 4.x. Otherwise we'd have package users required to update their packages all to the latest versions which they anyways should do to ensure the best compatibility.
I rented a Linux VM to check the changes.
I've actually figured out that I can run open-api-generator in the Docker container and then run
dart pub build_runner build
outside of the Docker container which works for me
I've actually figured out that I can run open-api-generator in the Docker container and then run dart pub build_runner build outside of the Docker container which works for me
Ah, good idea.
The only reason I see to justify a breaking change of Ory would be that Ory now requires using Dio 5.0.0, and the latest version of the Ory SDKs only works with Dio 5.x.
Is that not the case? The generated version constraint looks like it requires >5.
Is that not the case? The generated version constraint looks like it requires >5. Wait, let me explain it better :D
The current Ory SDKs require dio version >= 4.0.0
and < 5.0.0
, reducing scores on pub.dev
With the change, the Ory SDKs would require dio version >= 5.0.0
and < 6.0.0
(the latest version of dio
is 5.1.2
)
So the only change that could make it a breaking change would be because the Ory SDKs now depend on dio version 5.x.x. Not because there are any changes to the Ory SDKs behavior
According to the server FAQ it should probably not be considered a breaking change: https://semver.org/#what-should-i-do-if-i-update-my-own-dependencies-without-changing-the-public-api That's maybe also the reason why the maintainers at open-api-generator did not include in the next major version
@IchordeDionysos thank you!
Related Issue or Design Document
Follow up of https://github.com/ory/sdk/pull/263
Adds the repository to the pubspec.yaml so that on pub.dev a link to the repository will be shown to users. https://dart.dev/tools/pub/pubspec#repository
Checklist
Further comments
I, unfortunately, couldn't test it locally as I get errors for both the current Docker image v0.51.0 as well as a locally built image ... Not sure if this might have to do something with my M1 MacBook?!