Giter VIP home page Giter VIP logo

Comments (5)

lubo avatar lubo commented on May 21, 2024

@JoelSpeed Ping.

from oauth2-proxy.

JoelSpeed avatar JoelSpeed commented on May 21, 2024

Hey @lubo,

I'm not sure how I feel about these kinds of tags and have been trying to work out what I'd like to do about this going forward.

This style of tag can be great for large and firmly rooted software projects that have lots of maintainers and thorough release processes and very strict semver coherence. For a small project like this, where we have just taken over the ownership and are not entirely sure what the state of the project is, I don't know if we have enough investment from people to be this strict at present.

I know there are some breaking changes that have been raised in issues already and I'm sure there will be more as the project gains more momentum again. For now I am tempted to create minor tags that move but with the proviso that we aren't strictly sticking to semver and are unlikely to be backporting fixes, we simply don't have capacity for this much work.

On a different note, I personally wouldn't want to use a tag like this for a security themed project, for something like the OAuth2 Proxy that, when broken, would block access to many other services, this is the kind of thing where I would want to vet each release in a staging environment before promoting to production! Does that make sense?

@syscll Do you have anything to add?

from oauth2-proxy.

lubo avatar lubo commented on May 21, 2024

Hi, @JoelSpeed. Yes, it makes perfect sense. If the project doesn't strictly follow semantic versioning, then it's not very useful. But if it did, using minor tags in production shouldn't be a problem if the project publisher is trusted and the app is tested thoroughly, and it'd allow the operators to have more self-maintained infrastructure. Other tags, i.e. major and latest, are pretty much just a development convenience.

from oauth2-proxy.

github-actions avatar github-actions commented on May 21, 2024

This issue has been inactive for 60 days. If the issue is still relevant please comment to re-activate the issue. If no action is taken within 7 days, the issue will be marked closed.

from oauth2-proxy.

loshz avatar loshz commented on May 21, 2024

Closing as this is quite stale. Feel free to reopen if you have any other thoughts.

from oauth2-proxy.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.