Question - is it normal for minor version bumps to introduce new linting rules?

[kevin-roe]

We just incorporated standard into our pipeline for linting our ruby projects a few weeks ago, well, 1.51.0 came out this week and our dependency updater updated from 1.50.0 to the new version, which of course broke out MR builds (we enforce linting jobs for MR's).

I can lock our dependency updater to only update to newer patch versions, but that feels gross. We aggressively keep our dependencies up to date, so I want to better understand the best practice here. Thank you!

[czeise]

Hi @kevin-roe!

We follow Rubocop's release cycle and versioning structure, so yes, we do introduce new cops in minor version changes.

I appreciate your aggressive dependency updates, but I'm curious how you have that set up.

For example, the "normal" process that teams I've worked on usually follow is to have dependabot (I'm not familiar with the GitLab equivalent!) create a PR/MR to update dependencies individually. When tests/CI passes on a minor version bump PR, we just merge those in, but for something like this where your existing code would need to be updated, we'd make the changes under that PR before merging it. Meanwhile, all other PR/MRs can continue as normal and don't require any linting updates until the standard ruby update PR/MR is merged.

It sounds like you maybe have a CI linting job that is force updating StandardRB so that all PR/MRs coming through fail until you fix the linter changes?

I'm closing this issue as one we won't fix, but I'm happy to continue the discussion to see if there's some config changes that might simplify things for your team!

[jasonkarns]

I'd like to reopen this so that we ensure more discussion. While we follow rubocop's version numbering (rubocop patch == standardrb patch, rubocop minor == standardrb minor), I'm not convinced we are following the same semantics.

New cops introduced in rubocop are introduced as pending, which means they are not enabled by default. So to rubocop users, a minor bump does not apply new cops.

But because standardrb makes a decision on new cops, and thus they (may) be enabled, that means a minor bump may introduce new cops which would force code changes on standardrb users.

I think this is worth a lot more discussion and consideration. I'd like to consider (this isn't a fully fleshed out proposal, just a thought) something along the lines of new safe cops being allowed in minor bumps, but perhaps unsafe autocorrections get major bumps? 🤷