On 24 Sep 2019, at 23:37, Tomo Suzuki wrote: > versions, rather than ranges. Would you share the background why your tool > records the ranges?
The full examples is at: https://github.com/HalBuilder/halbuilder-support-4.x/blob/master/pom.deps It resolves the locked down versions, but also retains the desired ranges for controlled updates. We tend to keep ranges between major versions, i.e. [1.0.0,2.0.0) for a semblance of semver. When I reresolve the bill of materials, I find I'll often look at the git diff and see what new versions of libraries have been updated, and decide which ( and when ) we pull them in to use - often committing those changes individually. --- "The ease with which a change can be implemented has no relevance at all to whether it is the right change for the (Java) Platform for all time." — Mark Reinhold. Mark Derricutt http://www.theoryinpractice.net http://www.chaliceofblood.net http://plus.google.com/+MarkDerricutt http://twitter.com/talios http://facebook.com/mderricutt
signature.asc
Description: OpenPGP digital signature