luisuribe
commented
6 years ago That's a valid concern. We haven't decided a versioning schema and/or change logs so far. We could start a discussion here and find an agreement.
Closed chrisdeeming closed 5 years ago
luisuribe
commented
6 years ago That's a valid concern. We haven't decided a versioning schema and/or change logs so far. We could start a discussion here and find an agreement.
chrisdeeming
commented
6 years ago It feels like a 3 point semantic version makes the most sense.
Bug fixes in the 3rd point release, e.g. 3.0.1.
Potential braking changes in the second point release, new features, and an opportunity to add further dependencies and increase PHP version in the 2nd point release, e.g. 3.1.0.
And the first point bump could be reserved for major Authy API changes, such as those that may necessarily break the library; say if the API outputs a different format or data or you otherwise want to rewrite/refactor parts of the library.
It likely means more frequent tags/releases but also provides some stability and assurance that people who depend on the library shouldn’t ever accidentally land on a version of the library that breaks their code unexpectedly.
nmargaritis
commented
6 years ago Please proceed with the release as the locale is something that has been added recently but has not been released. The semantic version (x.x.x) is accepted and almost considered standardised nowadays. It is used in most of the projects on github. Have a look on these:
For anyone wanting to test their code with the master branch you can try to include "authy/php": "dev-master" in your composer file. Beware though, you will need to specify a normal version as soon as it is available or you might have issues as soon as new commits are introduced to the master branch.
nmargaritis
commented
6 years ago Also please avoid making changes to the master branch directly for non-released code. When someone firsts lands on the project, they see a version number of the library and check what it is included on the master branch. Currently the master branch is not synced with the releases. Thus this code should not have been on the master branch. Try to keep the master branch synced with the releases, anything else can be on a develop branch. Take a look at gitflow for a better understanding over this: https://datasift.github.io/gitflow/IntroducingGitFlow.html
chrisdeeming
commented
6 years ago @nmargaritis @luisuribe there's actually another issue that arises related to dev-master.
Likely because of the explanation here... https://github.com/composer/packagist/issues/587#issuecomment-142332424
Packagist is actually out of date: https://packagist.org/packages/authy/php#dev-master
Note the source reference is the last "proper" commit, rather than the merging of the pull request I submitted.
So I'm actually in a situation where I can't (easily) use the updates that are now part of the package because a) Packagist didn't update and b) there hasn't been an explicit release.
@luisuribe I think it's possible for you to log in to Packagist and update the package manually, which would be very helpful. Otherwise, I'll have to wait until a release is made.
Many thanks,
Chris
nmargaritis
commented
5 years ago @nmargaritis @luisuribe there's actually another issue that arises related to
dev-master.Likely because of the explanation here... composer/packagist#587 (comment)
Packagist is actually out of date: https://packagist.org/packages/authy/php#dev-master
Note the source reference is the last "proper" commit, rather than the merging of the pull request I submitted.
So I'm actually in a situation where I can't (easily) use the updates that are now part of the package because a) Packagist didn't update and b) there hasn't been an explicit release.
@luisuribe I think it's possible for you to log in to Packagist and update the package manually, which would be very helpful. Otherwise, I'll have to wait until a release is made.
Many thanks,
Chris
Hey Chris, I am able to install the latest changes using the dev-master dependency in composer json.
Are you sure you have tried this?
composer require authy/php dev-master . However, using dev-master should be used with caution. Every deploy might install different code, based on what is in the master branch.
P.s - Also please inform us what is going to happen with the releases. It has been 10 days since this issue was brought up. If you are not planning to do anything with the project then we will probably have to fork it and fix the issues so that we can use it.
chrisdeeming
commented
5 years ago It works now, but it didn't previously.
It looks like @luisuribe may have seen my comment and updated the entry on Packagist, or something else triggered it to update.
Prior to my comment a few days ago, the dev-master entry was listing de696964a8a8c471d6281cf65301224e4db0e1a0 (the commit prior to mine) as the "Source Reference" but now it is listing 3fa3b3664f838f94331be5749a4d198b2053cc94 (my pull request being merged).
FWIW, I was able to workaround it because you can specify a specific source reference in composer.json in case this ever happens. It can also be useful in the case where you're tracking the dev-master branch and incompatible or undesirable changes are introduced and you wish to use the last-known working version.
"authy/php": "dev-master#3fa3b3664f838f94331be5749a4d198b2053cc94"It's even plausible that me pulling down the branch at that specific commit triggered a Packagist sync. Who knows?
All sorted for now, but certainly these are all perfect examples as to why regular releases make things a lot easier 🙂
luisuribe
commented
5 years ago So, I did a v.3.0.4 release with the latest master code. Hope this works for your. For new releases we'll be using gitflow.
Thanks for your help and comments. Also sorry for the delay in the responses. We'll continue working to improve this library.
chrisdeeming
commented
5 years ago Thanks for this @luisuribe
I've noticed again (and mentioned it above) that when changes are made in this repo, they don't get cascaded down to Packagist.
Note here the absence of the new version 3.0.4: https://packagist.org/packages/authy/php
I suspect you don't have the GitHub hook set up, there are details about that here: https://packagist.org/about#how-to-update-packages
WIthout that, Packagist will only crawl this repo once a week.
luisuribe
commented
5 years ago @chrisdeeming Yup. I need to check the hook for the new releases. Meanwhile, packagist is already synced with the new version. Thanks!
The last official release was version 3.0 in January, but since then there have been a number of potentially significant updates. Most of them have bumped the version, which in retrospect may not have been necessary.
I currently have my project pulling directly from dev-master but that's a fairly poor practice and makes me slightly nervous as it means my project will automatically receive the newer code, even if there are BC issues.
I'm not sure whether you want to bump the version back down to 3.0.1 and do a release or even bump it forward to 3.1 (#55 could represent breaking changes for extending code as assumptions about the
base_urimay now be invalidated in order to have made OneTouch work).Either way, some official release would be ideal 👍