Comments (5)
OK, so it sounds like the multiple-releases-per-day thing is expected to be the exception, not the norm, in which case I'm totally okay with this.
Also note that we don't intend every single released version of a project to be available in BCR, so you could also wait for a day before submitting a new release into BCR ("baking" it, if you will), if you really need to avoid the frequent updates.
from bazel-central-registry.
I don't believe we have a policy for frequent releases right now. Preferably only somewhat stable versions should be submitted to the central registry, but given the existence of "live at head" projects such as Abseil and upb, I think having unreleased/pre-release versions is unavoidable. The good thing is that we do support pre-release versions as denoted in the semver spec, so for abseil-cpp
for example, you could create a "fake" version like "20221005-bcr.1" if necessary (let's try to keep the version format consistent within each module, as different projects have different versioning schemes).
Most of our modules only change weekly or monthly, but sometimes we cut several releases in a day.
What are these modules that you cut several releases per day for? My gut take is that we should at least attempt to limit the number of versions in the BCR, say with some arbitrary frequency cap (just throwing "1 per day" out there).
from bazel-central-registry.
@Wyverald Dependencies for rules_ll
and rules_ll itself. Usually we only release like once or twice a month, but we've had a case before where we had to hotfix issues like 3 times within a few hours π
This is mostly not the case though, and a theoretical max cap like once a day is completely fine for us.
With rules_ll
specifically, I'm not sure whether that should be in the BCR anyways, since we use custom overlays for things like abseil and I don't think it would be wise to have duplicates of all the C++ modules in the BCR just because we prefer our own API over rules_cc
.
The bigger issue is the LLVM project, which I'm tracking in #206. But even there once a day would be way more often than what we can realistically keep up with continuously. I just wanted to make sure that IF there is a case where we have to hotfix something in some exceptional case that we have "headroom" for that.
So as long as there is no such rule like "1 per month max and only stable versions" things are totally fine for us π
"fake" version like "20221005-bcr.1" if necessary (let's try to keep the version format consistent within each module, as different projects have different versioning schemes).
I really like that versioning method. I'll start getting some PRs ready π
from bazel-central-registry.
Just want to mention that PRs still take some time to review (possibly longer than 1 day), so even if you have multiple hot fixes for a release, it's likely that when we receive the PR for the last release we can just discard previous unmerged PRs.
I do know a use case that the project needs to depend on a specific commit and update the dependency multiple times in a day. TensorFlow: https://github.com/tensorflow/tensorflow/commits/master/third_party/llvm/workspace.bzl
In that case, it's probably easier for them to just use overrides (or just introduce the same dependency with a module extension) so that they won't get blocked by the BCR process.
from bazel-central-registry.
Closing as my questions have been answered
from bazel-central-registry.
Related Issues (20)
- [Bug]: scheduled "Review BCR Pull Request" workflow fails on fork repos HOT 2
- Locally verify the build of package HOT 1
- wanted: bazelbuild/rules_fuzzing
- wanted: [github.com/eclipse-iceoryx/iceoryx]
- wanted: googleapis/google-cloud-cpp
- XZ (LZMA) Backdoor HOT 2
- [Bug]: rules_jvm_external should be marked as requiring Bazel 7 HOT 3
- wanted: spdlog with std::format HOT 3
- wanted: Vulkan SDK
- wanted: p-ranav/argparse
- [Bug]: Why is there no `compatibility_level` (defaults to 0) for [email protected]? HOT 1
- wanted: meekrosoft/fff
- wanted: Yasm
- [Bug]: grpc 1.62.1 imports `googleapis` as bzlmod, but also does http_archive on it. HOT 1
- [Bug]: //tools:add_module prompts for compatibility level without explaining what that is HOT 2
- [Bug]: //tools:add_module doesn't tell me how to expose all build targets HOT 1
- [Bug]: //tools:add_module fails with netrc error
- [Bug]: rules_proto incorrectly marks rules_cc as a dev dependency HOT 1
- wanted: filament
- wanted: pzstd
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bazel-central-registry.