Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SemVer violation in [email protected] #1812

Open
xJonathanLEI opened this issue Sep 30, 2024 · 2 comments
Open

SemVer violation in [email protected] #1812

xJonathanLEI opened this issue Sep 30, 2024 · 2 comments

Comments

@xJonathanLEI
Copy link

xJonathanLEI commented Sep 30, 2024

revm-interpreter bumped its version from 10.0.2 to 10.0.3 here: 4f09399#diff-39002a8f7750a6f47016f15b058b99efb706c660821f76fbb8a7740c9814b45a

But at the same time, it's also bumping revm-primitives from 9.0.2 to 10.0.0. Since revm-interpreter does not just use revm-primitives internally, but also as part of its public API, this is a SemVer violation and breaks downstream libraries and applications.

Since revm-interpreter is also used by say revm, these other crates are also broken as a result.

For a library that depends on say revm-interpreter v10.0.1, it might also import revm-primitives 9 to use with the interpreter. Now when it's imported by apps/libs further downstream they wouldn't use the library's lock file (if any) but instead resolve to the latest version on crates.io, which means a revm-interpreter version that excepts revm-primitives 10, and now the library's code stops working.

I remember this happened a while ago as well, so I decided to post it here to raise awareness.

xJonathanLEI added a commit to xJonathanLEI/rsp that referenced this issue Sep 30, 2024
xJonathanLEI added a commit to succinctlabs/rsp that referenced this issue Sep 30, 2024
yuwen01 pushed a commit to succinctlabs/rsp that referenced this issue Sep 30, 2024
* fix: revm semver violation

bluealloy/revm#1812

* ci: check dependency semver
@xJonathanLEI
Copy link
Author

Oh btw this is probably not worth yanking and re-relasing. Sending this pretty much just as a heads up that downstream libs are being broken :)

@rakita
Copy link
Member

rakita commented Oct 17, 2024

Oh btw this is probably not worth yanking and re-relasing. Sending this pretty much just as a heads up that downstream libs are being broken :)

I will leave this github issue open as a reminder for the future :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants