[SR-10860] SwiftPM package deprecation feature #4698

weissi · 2019-06-08T01:23:56Z


Previous ID	SR-10860
Radar	rdar://problem/51669638
Original Reporter	@weissi
Type	Bug

Additional Detail from JIRA


Votes	2
Component/s	Package Manager
Labels	Bug
Assignee	None
Priority	Medium

md5: 29247768d0b83ae5382b87405fa454b4

relates to:

SR-11190 SwiftPM should integrate with Github's security advisories

Issue Description:

For a healthy ecosystem it would be important for a package to be able to mark certain versions as unsupported/deprecated. It's a reasonable assumption that package authors ship for security updates for a number of releases but it's probably unreasonable to always expect them to ship security updates for all releases ever released.

One idea would be to push tags such as 1.0-unsupported which could signify that 1.0.x is now totally unsupported and SwiftPM should output a warning if it is required to build a deprecated version given the constraints.

Another option would be to put a file on the default branch (usually master) that contains all deprecated versions.

The text was updated successfully, but these errors were encountered:

weissi · 2019-06-08T01:24:15Z

@neonichu apparently I hadn't filed it yet 🙂

weissi · 2019-07-02T17:52:21Z

@swift-ci create

swift-ci transferred this issue from apple/swift-issues Apr 25, 2022

shahmishal transferred this issue from apple/swift May 4, 2022

tomerd removed the Package Manager label May 14, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SR-10860] SwiftPM package deprecation feature #4698

[SR-10860] SwiftPM package deprecation feature #4698

weissi commented Jun 8, 2019

weissi commented Jun 8, 2019

weissi commented Jul 2, 2019

[SR-10860] SwiftPM package deprecation feature #4698

[SR-10860] SwiftPM package deprecation feature #4698

Comments

weissi commented Jun 8, 2019

weissi commented Jun 8, 2019

weissi commented Jul 2, 2019