-
-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent people from importing Docsify without versions in URLs. #1733
base: develop
Are you sure you want to change the base?
Conversation
…ebsites that are at risk of breaking changes to Docsify, make it clear that the recommended approach is to use full versions in URLs, and fix formatting in any files that were modified
This pull request is being automatically deployed with Vercel (learn more). 🔍 Inspect: https://vercel.com/docsify-core/docsify-preview/2ac8v7UJvvbAjGwe4hcF4M8chRyD |
This pull request is automatically built and testable in CodeSandbox. To see build info of the built libraries, click here or the icon next to each commit SHA. Latest deployment of this branch, based on commit ccb7ea8:
|
@@ -20,24 +20,24 @@ | |||
/> | |||
<link | |||
rel="stylesheet" | |||
href="//cdn.jsdelivr.net/npm/docsify@4/lib/themes/vue.css" | |||
href="//cdn.jsdelivr.net/npm/docsify@4.12.2/lib/themes/vue.css" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not @4
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@4
can introduce even accidental breaking changes.
The idea is to get even the most beginners to avoid breaking changes and they can update when they want to, but more advanced users will know how to use @4
and can accept the risk.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think @Koooooo-7's idea below, to replace the version automatically, would be great. Let's go with that approach because then it will behave like @4
for us (for Docsify site), but users will see the full version and will copy/paste that into their projects which is good.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
But It seems we should update release.sh
as well, otherwise, there should hv change the version manually in docs at each new release.
I thought the same. I think it can be a new PR. How should we do it?
Any other idea? I like option 1 better so far. People can just see the website for docs. |
I do not think this is a good idea, and there is a precedence for not doing this. Which is a better / more likely scenario:
Since there is a 100% chance we will continue to ship versions of Docsify with bugs, I think the second option is better for everyone. It is very easy for docsify site owners to be unaware of bugs that are affecting their site visitors (e.g., a bug only seen when viewing on a mobile device they don't own). Having the ability to deliver new minor versions (with non-breaking bug fixes and enhancements) and patch versions (with non-breaking bug fixes only) is important. This is the whole purpose of semantic versioning. We should be encouraging beginners to user major version locks (i.e. The template in the docs and the output of <link rel="stylesheet" href="//cdn.jsdelivr.net/npm/docsify@4/themes/vue.css" /> <script src="//cdn.jsdelivr.net/npm/docsify@4"></script> I vote we leave it this way. If we want to help beginners understand how CDN version locks work, we can modify the docs accordingly. Here is a screenshot of the block of text I've added to some of my projects available on CDNs: Not saying wave to use that exact text, but something similar would suffice. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment: #1733 (comment)
By encouraging full version numbers, when someone encounters that bug situation, they can
Like you said, there will always be bugs (all software has bugs), so automatically fixing bugs does not mean we won't introduce new ones. People are going to get annoyed when things randomly break (of course I hope it will happen as little as possible). The worst thing (from experience) is in-range breaking changes. Those are annoying, and those situations happen too often even though people try hard to breaking releases. What do we do in those cases to avoid the most work? Pin the version. 😃 Might as well do it from the beginning for an important project that wishes to remain in a known working condition. From another angle, in theory, if there are no breaking changes, then a developer can also update the version once in a while. Better that they do that, perform some testing, then release, in my opinion. Whatever the case, we need to eliminate the fact that too many people use Docsify with no version numbers in their URLs. So the alternative to these changes is to update all the URLs to having @docsifyjs/core we need votes. |
@trusktr -- We need more evidence that there is actually a problem before we consider this change because this change has significant trade-offs and ramifications if implemented. We need to make sure everyone understands these things before calling for a vote. It's also important to consider how plugins factor into this "lock it all down to avoid breaking sites" strategy since they are probably they most common cause of docsify sites breaking. The proposed strategy only works if everyone abides by it which includes plugin and theme authors. (I have proposed ways to address issues related to plugins previously, but that is a separate topic. Let me know if interested and we can discuss further on Discord.) FWIW, I believe our current major version lock
How are you determining that "too many people use Docsify with no version numbers in their URLs"?
How are you determining that Docsify-related in-range breaking changes "happen[s] too often"?
Docsify has had major version locks ( How are you determining that Docsify's current major version locks (
I have not had this experience. I have multiple docsify sites that have been up-and-running for years with major version locks on all CDN URLs (docsify and plugins). I have never had to pin a CDN URL to a specific version. Maybe I'm just lucky. Maybe you were unlucky. Both experiences are interesting, but neither prove that a significant, large-scale issue exists or does not exist conclusively. Let's look at some stats to try and provide some insights. Here are the weekly stats from jsdelivr: If you prefer, you can query jsDelivr's API directly. Here are stats via the API for v4.12.2: The good news is that based on those numbers, 97% people visiting sites that load docsify via jsDelivr are receiving the latest version (4.12.2). If we assume that the people that appear to have manually locked themselves to the last version (4.12.1) will eventually update 4.12.2, then that percentage jumps to 99%. I'd say this this is great! It means most site visitors are receiving the latest-and-greatest, most bug-free, most feature-rich version of Docsify we offer. When we release the next version, we should assume it will be better than 4.12.2 and hope it is adopted quickly as well. Unfortunately, we have no way of knowing how many sites loading v4.12.2 are doing so because all of the following URLs will resolve to the latest version of docsify and jsDelivr does not provide stats for redirects:
When we release the next major version, these stats can offer insight into the number of sites loading docsify CDN URLs without |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with @jhildenbiddle
@trusktr --
This is the critical difference between locking to a major version vs. a specific version: when a site owner encounters a bug, which also means if a site owner encounters a bug. Locking to a major version has risks and benefits. Doing so accepts that bugs may exist that affect site visitors that a site owner is unaware of, and it is optimistic about Docsify's ability to publish updates responsibly. Yes, there is the risk of a site going down if a bug or unintentional breaking change is published, but there is the benefit of receiving fixes and enhancements automatically without having to manually check for updates or test on a variety of environments (browsers, operating systems, screen sizes, etc). If the possibility of downtime isn't a deal-breaker, you want your docsify site to remain up-to-date without any effort, or you lack the experience and/or resources to test a site properly, then major version locks work great. Locking to a specific version also has risks and benefits. It locks your site into a known state -- for better or worse -- that you as the site owner have determined is good enough to meet your needs at that time. It is pessimistic about Docsify's ability to publish updates responsibly or reliably which is the right approach if the possibility of downtime is a deal-breaker. The risk is that there may be bugs that affect site visitors that you are unaware of, and the way to mitigate that risk is by spending time manually checking change logs for noteworthy updates and testing in all environments to make sure your site works as expected. Which option a site owner chooses is a balance between things like requirements, convenience, testing ability, and confidence in the ecosystem's authors/contributors. For better or worse, we decided a major version lock as the default lock type with a message explaining the benefits of locking to a specific version with instructions for doing so was the right way to go (#780, #1225, #1225 (comment), #1225 (comment)). We can revisit this decision, but this feels like a topic that has been discussed and resolved already, and it is unclear why it is resurfacing now. There's room for creative solutions here though. Both the website and the CLI can be updated to ask users to choose between the convenience of major version locks and the stability of specific version locks, which would update the template accordingly. We could extend this to also ask users which plugins they want to install and include those CDN URLs as well (also adhering to the version lock type they choose). This would be much more helpful for end users instead of our current system which requires them to copy/paste a template and/or CDN URLs and manually modify markup if they prefer a version lock type that differs from the one we use by default. Can we close this PR and move on to discussing other solutions like the one mentioned above? @docsifyjs/core -- Thoughts? P.S. It's worth mentioning that I helped a Docsify user solve a problem caused a specific version lock just two days ago. See here for details: https://discord.com/channels/713647066802421792/724776593125408780/938871577028743259. This is a perfect example of where locking to a specific version caused a problem that would have been solved by locking to a major version instead. |
Summary
Every new person that starts using Docsify copies the examples, which have no versions in CDN URLs, and makes websites that can easily break. This is not good, and instead we should encourage everyone to use versions by example.
This adds versions to all CDN link examples to prevent people from making websites that are at risk of breaking changes to Docsify, makes it clear that the recommended approach is to use full versions in URLs, and fixes formatting in any files that were modified.
What kind of change does this PR introduce?
Docs
Does this PR introduce a breaking change? (check one)