build(api): guard that api.json changes require an info.version bump#63
Conversation
|
I would not want to tie the API version directly to the version of the package.
If we were to publish exist-db 8 and a package of existdb-openapi that requires exist-db 8 but the API is stil compatible - how would we do that with this setup? Let's discuss this today in the community meeting. I added it to the agenda. |
|
As long as we are below How would you decide when to bump the version automatically @line-o ? |
|
API Version is a contract that changes only if api.json itself changes |
|
So add a CI check for changes to |
|
That would be much better than to raise the version in lockstep with the package. |
|
Ah, I see the issue... I will look into whether conventional commit scopes gives us the semantics needed to assert that a particular version property in a file like our api.json within the repo needs to be bumped, as opposed to the package as a whole. |
Per review on eXist-db#63 (line-o, duncdrum): the OpenAPI contract version (modules/api.json info.version) should track the API contract, not the package version — contract changes are rare while the package changes often, so tying them in lockstep would churn the contract version on every Java/internal fix. Replace the lockstep templating approach with: - info.version pinned to a fixed 0.9.0 baseline (no longer ${project.version}); - a CI guard (.github/workflows/api-version-guard.yml) that fails a PR if modules/api.json changed without info.version changing. The guard enforces "contract changed => version bumped"; it does not police the bump size. Automating an independent API semver track is a follow-up. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
b351ff2 to
7615ced
Compare
|
[This response was co-authored with Claude Code. -Joe] @line-o you're right — tying the API version to the package version is wrong: the contract changes far less often than the package, and a Java/internal fix shouldn't churn the contract version. I've dropped the lockstep templating. Reworked to @duncdrum's suggestion instead: a CI guard that fails a PR if The guard enforces that the version bumps, not the size — automating an independent API semver track (deriving the bump) is a follow-up: #66. Re-review welcome. |
Per review (duncdrum): add a paths filter so the workflow only fires when modules/api.json is touched, and a push trigger for pre-PR feedback. The version-bump check resolves its base per event (PR base vs. merge-base with develop). Kept advisory, not required (a required paths-filtered check would block PRs that don't touch api.json). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Per review on #63 (line-o, duncdrum): the OpenAPI contract version (modules/api.json info.version) should track the API contract, not the package version — contract changes are rare while the package changes often, so tying them in lockstep would churn the contract version on every Java/internal fix. Replace the lockstep templating approach with: - info.version pinned to a fixed 0.9.0 baseline (no longer ${project.version}); - a CI guard (.github/workflows/api-version-guard.yml) that fails a PR if modules/api.json changed without info.version changing. The guard enforces "contract changed => version bumped"; it does not police the bump size. Automating an independent API semver track is a follow-up. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…point Additive API change (new /api/langservice/signature-help route) → minor bump on the independent API-contract version, satisfying the api-version guard (eXist-db#63).
…point Additive API change (new /api/langservice/signature-help route) → minor bump on the independent API-contract version, satisfying the api-version guard (#63).
[This PR was co-authored with Claude Code. -Joe]
Summary
The OpenAPI contract version (
modules/api.json→info.version) should be versioned independently of the package version (pom.xml): the API contract changes rarely, while the package changes on most fixes — so tying them in lockstep would churn the contract version on every Java/internal change. (Thanks @line-o, @duncdrum — this supersedes the lockstep-templating approach this PR originally opened with.)This PR:
info.versionto a fixed0.9.0baseline — it was a stale0.9.0-SNAPSHOT, and it no longer derives from${project.version}. (Baseline value is a team call; easy to change.).github/workflows/api-version-guard.yml— that fails a PR ifmodules/api.jsonchanged withoutinfo.versionchanging (@duncdrum's suggestion). That keeps the contract version honest while fully decoupling it from the package.What it deliberately does not do
The guard enforces that the version bumped, not the size (patch/minor/major) — that's the author's semver judgment for now. Automating an independent API semver track (so the bump size is derived rather than hand-picked) is a follow-up: #62.
Note on the baseline
info.versionhad drifted — stale at0.9.0-SNAPSHOTacross several releases.0.9.0is a clean starting point for the now-independent track; pick a different baseline if the team prefers.