Skip to content

build(api): guard that api.json changes require an info.version bump#63

Merged
duncdrum merged 2 commits into
eXist-db:developfrom
joewiz:build/api-json-version-from-project-version
Jun 16, 2026
Merged

build(api): guard that api.json changes require an info.version bump#63
duncdrum merged 2 commits into
eXist-db:developfrom
joewiz:build/api-json-version-from-project-version

Conversation

@joewiz

@joewiz joewiz commented Jun 15, 2026

Copy link
Copy Markdown
Member

[This PR was co-authored with Claude Code. -Joe]

Summary

The OpenAPI contract version (modules/api.jsoninfo.version) should be versioned independently of the package version (pom.xml): the API contract changes rarely, while the package changes on most fixes — so tying them in lockstep would churn the contract version on every Java/internal change. (Thanks @line-o, @duncdrum — this supersedes the lockstep-templating approach this PR originally opened with.)

This PR:

  1. Pins info.version to a fixed 0.9.0 baseline — it was a stale 0.9.0-SNAPSHOT, and it no longer derives from ${project.version}. (Baseline value is a team call; easy to change.)
  2. Adds a CI guard — .github/workflows/api-version-guard.yml — that fails a PR if modules/api.json changed without info.version changing (@duncdrum's suggestion). That keeps the contract version honest while fully decoupling it from the package.

What it deliberately does not do

The guard enforces that the version bumped, not the size (patch/minor/major) — that's the author's semver judgment for now. Automating an independent API semver track (so the bump size is derived rather than hand-picked) is a follow-up: #62.

Note on the baseline

info.version had drifted — stale at 0.9.0-SNAPSHOT across several releases. 0.9.0 is a clean starting point for the now-independent track; pick a different baseline if the team prefers.

@line-o

line-o commented Jun 15, 2026

Copy link
Copy Markdown
Member

I would not want to tie the API version directly to the version of the package.

  • My main argument against it: not every fix or change in this package will change the API. In fact I expect to see the API stabilize quickly and then change seldomly and certainly not in lockstep with the package.

  • I do see the value of not having to think about API versioning on top of package versioning. So there is a potential drift.

If we were to publish exist-db 8 and a package of existdb-openapi that requires exist-db 8 but the API is stil compatible - how would we do that with this setup?

Let's discuss this today in the community meeting. I added it to the agenda.

@duncdrum

Copy link
Copy Markdown
Contributor

As long as we are below 1.0.0 I see little reason not to stay in sync given the special sem ver provisions for 0.x.x.

How would you decide when to bump the version automatically @line-o ?

@line-o

line-o commented Jun 15, 2026

Copy link
Copy Markdown
Member

API Version is a contract that changes only if api.json itself changes

@duncdrum

Copy link
Copy Markdown
Contributor

So add a CI check for changes to api.json that turns red if file is changed but version isn't ? Or something more elaborate ?

@line-o

line-o commented Jun 15, 2026

Copy link
Copy Markdown
Member

That would be much better than to raise the version in lockstep with the package.

@joewiz

joewiz commented Jun 15, 2026

Copy link
Copy Markdown
Member Author

Ah, I see the issue... I will look into whether conventional commit scopes gives us the semantics needed to assert that a particular version property in a file like our api.json within the repo needs to be bumped, as opposed to the package as a whole.

Per review on eXist-db#63 (line-o, duncdrum): the OpenAPI contract version
(modules/api.json info.version) should track the API contract, not the
package version — contract changes are rare while the package changes
often, so tying them in lockstep would churn the contract version on every
Java/internal fix.

Replace the lockstep templating approach with:
- info.version pinned to a fixed 0.9.0 baseline (no longer ${project.version});
- a CI guard (.github/workflows/api-version-guard.yml) that fails a PR if
  modules/api.json changed without info.version changing.

The guard enforces "contract changed => version bumped"; it does not police
the bump size. Automating an independent API semver track is a follow-up.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@joewiz joewiz force-pushed the build/api-json-version-from-project-version branch from b351ff2 to 7615ced Compare June 16, 2026 02:37
@joewiz joewiz changed the title build(xar): derive api.json info.version from ${project.version} build(api): guard that api.json changes require an info.version bump Jun 16, 2026
@joewiz

joewiz commented Jun 16, 2026

Copy link
Copy Markdown
Member Author

[This response was co-authored with Claude Code. -Joe]

@line-o you're right — tying the API version to the package version is wrong: the contract changes far less often than the package, and a Java/internal fix shouldn't churn the contract version. I've dropped the lockstep templating.

Reworked to @duncdrum's suggestion instead: a CI guard that fails a PR if modules/api.json changes without an info.version bump (.github/workflows/api-version-guard.yml), and pinned info.version to a 0.9.0 baseline (it had been stale at 0.9.0-SNAPSHOT). That keeps the contract version honest and fully decoupled from the package.

The guard enforces that the version bumps, not the size — automating an independent API semver track (deriving the bump) is a follow-up: #66. Re-review welcome.

Comment thread .github/workflows/api-version-guard.yml
Per review (duncdrum): add a paths filter so the workflow only fires when
modules/api.json is touched, and a push trigger for pre-PR feedback. The
version-bump check resolves its base per event (PR base vs. merge-base with
develop). Kept advisory, not required (a required paths-filtered check would
block PRs that don't touch api.json).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@duncdrum duncdrum merged commit fbc643d into eXist-db:develop Jun 16, 2026
2 checks passed
duncdrum pushed a commit that referenced this pull request Jun 16, 2026
Per review on #63 (line-o, duncdrum): the OpenAPI contract version
(modules/api.json info.version) should track the API contract, not the
package version — contract changes are rare while the package changes
often, so tying them in lockstep would churn the contract version on every
Java/internal fix.

Replace the lockstep templating approach with:
- info.version pinned to a fixed 0.9.0 baseline (no longer ${project.version});
- a CI guard (.github/workflows/api-version-guard.yml) that fails a PR if
  modules/api.json changed without info.version changing.

The guard enforces "contract changed => version bumped"; it does not police
the bump size. Automating an independent API semver track is a follow-up.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@joewiz joewiz deleted the build/api-json-version-from-project-version branch June 16, 2026 11:53
joewiz added a commit to joewiz/existdb-openapi that referenced this pull request Jun 16, 2026
…point

Additive API change (new /api/langservice/signature-help route) → minor
bump on the independent API-contract version, satisfying the api-version
guard (eXist-db#63).
duncdrum pushed a commit that referenced this pull request Jun 18, 2026
…point

Additive API change (new /api/langservice/signature-help route) → minor
bump on the independent API-contract version, satisfying the api-version
guard (#63).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants