Open samth opened 6 years ago
I think the problem is the definition of "version string". The valid-version?
function from version/utils
rejects "1.0.0" and "0.2.0", because it considers the trailing ".0" redundant and therefore disallowed. I don't know where that's specified, if anywhere, though.
If it's possible, I'd be happy if valid-version
changed. Rejecting 6.10.1.0
was a minor problem for me earlier this month.
I don't think valid-version?
should change. It should retain its role in checking for versions in canonical form, but that property should be documented.
It's possible that the package system should be more lenient, but there's no backward-compatibility issue here as far as I understand. I think it's better all around for version numbers to be in a checked, canonical form. If we go that way, though, besides better documentation, a better error message is needed.
I agree that documentation and error message improvements are the right call here.
I guess I'm unclear on why "canonical form" in this sense is a valuable property to check for.
So that pkgs can put version dependencies in them without having to read an individual pkg's documentation on the subject?
As long as version<=?
handled the trailing ".0" correctly, allowing this seems like it would work fine for the downstream users.
Yes, version<=?
could normalize, but it's easy to imagine other uses of version numbers, such as in URLs or documentation links, and we'd have to specifically remember to normalize in those cases. (More likely, we'll forget.)
My objection is the speculative objection of a grumpy old sysadmin. But I'll stand by it, anyway.
My worry is that we currently don't validate these specifications basically any time except when the package server itself runs things, leading to issues like the one linked to.
Could we add this check to the dependency checking that raco setup
is currently doing?
It may already happen in that operation, but I don't think people usually run raco setup
by itself.
I don't understand: if you don't do dependency checking then many other things will go wrong and the comment that "we don't validate these specifications ..." seems, well, not helpful here?
If you don't do proper dependency checking then you may get warnings on the package server. If you don't get this version spec right, then you get an error from the package system that means your package can't be installed at all.
Here's a plausible scenario that I think resulted in several packages having bad version specs in various places currently.
"0.2.0"
, which doesn't produce any errors when running raco setup -p <pkgname>
raco setup -p <other-pkgname>
also doesn't error.At the various intermediate points here, running raco setup
(with no other arguments) will error internally because of bad version specs, which hopefully provides enough information to fix, but this doesn't happen unless you run setup
on everything, which from talking to people happens pretty rarely for most package developers.
Okay, so that means you like my suggestion that we do this check during dependency checking, then? (I'm confused.)
I think we need to do this check (and others like it) in other places that people are more likely to run, as well as in the dependency checking that we currently do.
This package errors currently: https://pkgs.racket-lang.org/package/gaming
However, the package spec seems to fit the deprecated form described here: http://docs.racket-lang.org/pkg/metadata.html?q=pkg
Error message: