On Mon, 09 Jan 2017 23:02:42 +0000, Simon McVittie wrote: > (I'm increasingly of the opinion that semver is an over-simplification > that fails on contact with the real world - in particular, if foo 1.2.3 > is in a stable branch of a larger environment like Debian, you fix 17 > minor bugs and release 1.2.4, and now you want to fix a severe bug in > the stable branch without risking regressions that might be caused by > fixing those other 17 bugs, semver says there is no valid version number > for doing that.
1.2.3+deb8u1 ? ;) Semver of course only cares about upstream releases. From upstream's POV, the changes in the .4 patch version should be safe. If a downstream distributor disagrees, then of course they get to make up their own number. -- Saludos, Felipe Sateler