Is Semantic Versioning an Anti-Pattern?

Why is it that every time there&#x27;s an article criticizing semver, the author never seems to have bothered looking at the spec?<p>&gt; 1. Software using Semantic Versioning MUST declare a public API.<p>That&#x27;s the very first thing it says. Semver is not meant for general apps or websites or the like, it&#x27;s for <i>APIs against which dependencies can be declared</i>.<p>If your software doesn&#x27;t need to tell package managers about its compatibility, then it doesn&#x27;t need semver. Complaining that semver is bad for human readability is like saying hammers are an antipattern because you don&#x27;t use nails.

This post completely ignores one of the most important features of semver, which is dependency management. Being able to do this is really great:<p>some-library&gt;=1.0.0,&lt;2.0.0<p>It means I can include a library and get non-breaking changes and all security updates until the next major release without worrying that a change is going to break me randomly. It doesn&#x27;t mean I don&#x27;t need to do testing, but it makes it a lot more likely that I won&#x27;t accidentally break in some way I didn&#x27;t expect due to a change upstream.<p>When I want to upgrade to a breaking change release I know I need to go look at the release notes to see what the breaking change is, and then make modifications to my application.<p>If a breaking change is made in a minor or point release I can open a bug with the project so they can revert this change in the next minor or point release.<p>(edited from &lt;=2.0.0 to &lt;2.0.0, as this was my original intent :) )

The author has actually no clue what semantic versioning is. He keeps on saying that with small, frequent and well tested changes you constantly produce &quot;stable&quot; builds and therefore don&#x27;t need the complexity of semver, but he doesn&#x27;t seem to understand that this has absolutely nothing to do with semver.<p>Even the smallest and most stable change can break backwards compatibility or fix a bug or add a new feature and semver&#x27;s only purpose is to meaningfully express what kind of change it is. You build a 3rd party package or a library which is used by other people? You better use semver. It makes everyone&#x27;s life easier and not more difficult. You build some REST API which is consumed by other applications? You better use semver. It not only helps to visually display what kind of change it was, but it also triggers an additional thought process during development and CI. For example if the major version doesn&#x27;t change, then the CI system can reliably replace the existing API during the deployment process. However when the major version changed, then you might want to think about a side-by-side deployment to support backwards compatibility, at least for a certain grace period. It makes life in many ways easier.<p>And again, this has nothing to do with how stable a release is. Let&#x27;s say I have a public facing REST API and I make a 1 line change where I decide that some field of a JSON object must be int64 because in some edge cases an int32 wasn&#x27;t unique enough and would have caused a bug. Now this change is fixing the system, making it even more stable but essentially breaking existing integrations. Semver helps me to easily communicate the change to my API consumers, setting up the right expectations and helping them and myself by reducing frustration, tech support and unwanted side effects. It also helps to deploy it in a way that allows a smooth transition to the newer API.<p>Furthermore his suggestion of using a date is useless. What does a date tell me? Nothing... if I want to know the date I right click the files of a build and look at date + time or I look at the commit time in git or the build time in the CI tool. Having it in the version is stupid.

Based on reading this it seems like you haven&#x27;t worked on a large application where there are lots of modules and libraries developed by independent teams all coming together to form a final product (shipping with CD or not).<p>I work on a platform team developing many different libraries used by many different teams throughout the company. If we didn&#x27;t leverage semver (or some versioning scheme that at least differentiates between breaking and non-breaking changes) I don&#x27;t know how we would do it. We either a) wouldn&#x27;t be able to release &#x27;patch&#x27; updates to a particular library without consumers getting it for free&#x2F;automatically without changing anything or b) wouldn&#x27;t be able to release breaking changes without it automatically breaking consumers builds.<p>Semver may not be useful for the final build or end product that you end up shipping. But it is a very useful tool for all the parts (dependencies) that make up that final product.

Semver is a sweet spot for libraries (tools, utilities, APIs, etc.). When a library I use isn&#x27;t on board with Semver, I am often skeptical, and almost always disappointed.<p>For programming languages it is less clear to me that there are benefits. The same goes for living production end-services, which are the topic of the article. Said production system might (should?) be separate in version churn from any API built on top of said system, or client libraries used to interoperate with said API.<p>It is likely that I agree with Mr. Gillespie on the topic with respect to &quot;always on&quot; systems, but I do not feel strongly about that agreement? I tend to look for and focus on Semantic Versioning in its sweet spot, that is, libraries.<p>Having said where I agree, there was one quote of the article that stood out to me:<p>&gt;<i>it feels a little bit overly pedantic</i><p>In my experience, that&#x27;s the best part, perhaps even the entire point, at least with libraries. Semver is just a method of communication, but its standardization and lack of ambiguity (relative to other systems), means that communication is all the more clear. I need a new feature and so am bumping a library to a new minor version? I&#x27;ll be sure to check for other new things and for any deprecations, but won&#x27;t need to worry that existing behavior was removed. Very clear.<p>When I am engineering a system on top of various libraries&#x2F;tools, then growing and changing said system over time, I want to be able to pedantically assert what is known (as well as what is not known!) about the system&#x27;s dependencies. Semver is a good tool for this job.

Rich Hickey has a great talk on this: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=oyLBGkS5ICk" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=oyLBGkS5ICk</a><p>Previously discussed: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=13085952" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=13085952</a>

I feel like semver works great in the right context, for example if I&#x27;m building an API&#x2F;Library which other deveopers are using, it helps them to know if there&#x27;s been a major version bump, breaking change or just general patches.<p>However if it&#x27;s just software for the end user, such as a web browser, it doesn&#x27;t make as much sense, what is defined as a breaking change for someone browsing the web? And will they care? I&#x27;ve seen it be used for websites, ok great, but who&#x27;s on the receiving end of these version change numbers? At the moment everyone is trying to do semver even in situations when it&#x27;s not needed.

If you are working in a really shitty software shop with no discipline or process control, this can be a great way to start establishing both, so I say no.<p>If you are developing your own personal website with a static page and bootstrap, probably over kill.<p>We don&#x27;t need to have a polarized opinion about everything.

This is punishingly stupid. If you are working on a large enough project (many libraries, many developers, many organizations, daily or nightly builds because it takes 4 hours to run all the unit tests even in parallel due to dependencies) you use semantic versioning.<p>If you&#x27;re some pissant shop writing CRUD apps then yeah, don&#x27;t bother. As soon as you outgrow that stage, there won&#x27;t be any more questions.<p>Monolithic standalone apps or tiny projects don&#x27;t need semver. Practically all collaborative software in between benefits massively from it.

The author has no understanding of semantic versioning. You use semantic versioning for dependencies. You DO NOT use it for your deployed products. I mean, sure you could apply it to your deployed products but that&#x27;s just an internal number to help you keep track of things.<p>Semver is all about creating reliable builds from dependencies.

&gt; <i>With modern CD systems, we want to simplify. Changes should be small and frequent, which leads to stable and gradual improvement without much pain. But this frequency itself becomes a counter pattern to what semantic versioning is all about, which is the plodding software development process of old.</i><p>What. No, that doesn&#x27;t follow at all. This is the equivalent of &quot;hate leads to suffering&quot;.<p>Just increment the last number on each deploy. X.Y.123456789 is perfectly acceptable. Or if that strikes you as a distasteful abuse of the &quot;patch&quot; value, add another layer to get X.Y.Z.12345689. Semver systems will be perfectly happy with a 4 layer option, because none of them are stupid enough to be useless when handling edge cases.

I&#x27;m a big fan of really simple versioning schemes.<p><pre><code> &lt;rewrite number&gt;.&lt;release number&gt;.&lt;commit number&gt; </code></pre> Any version ending in a &quot;0&quot; is stable. IE:<p><pre><code> - 1.0.0 - 0.1.0 ..... - 999.999.0 </code></pre> Whenever you are doing a &quot;release&quot; you have tested every feature fully to make sure the software is up to spec. Whenever you are doing a &quot;rewrite&quot; you can assume that the software&#x27;s APIs have changed and you will need to readjust compatability (ideally APIs never break but this is one example).<p>With this you get the following:<p><pre><code> - Is this stable to use in production. - What software can work with what other software (looking at the major version it requires) - Between which two commits a functionality broke. (If 1.1.157 works and 1.1.158 doesn&#x27;t then you know commit 158 broke something) </code></pre> With the author&#x27;s versioning system:<p><pre><code> - The month, year and # of commit you&#x27;re on - If someone else gave us this code (pr-) - If there is active development on the code (dev-) </code></pre> I prefer the former but I can see some of the benifits of the latter. I&#x27;m just more of a fan of using flat and simple numbers and not relying on &quot;dev-&quot;, &quot;pr-&quot; and the infinite amount of tags that will follow if you start allowing them.

SemVer is awful. Yes, even for libraries.<p>The only purpose of SemVer is to express whether a change is breaking or not. It fails at that. Nobody can predict whether a change is breaking. Because code is complicated, and code with dependencies is exponentially complicated.<p>At best SemVer communicates from one human to another the _expectation_ about whether a change is breaking. The expectation can, and frequently is, broken.<p>All changes are breaking changes. Vendor your dependencies by hash. Humans cannot be trusted.

Sometimes being in a silo warps your view of the world. While semver isn&#x27;t necessarily the most optimal for a given type of development, and there are many alternative ways to version, it works pretty well for most all kinds of software development which is why it is a pretty good standard, no matter what software you end up doing it should work for you.

This seems inspired and perhaps even duplicated from what Rich Hickey recently said about Semantic Versioning (found here: <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=oyLBGkS5ICk" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=oyLBGkS5ICk</a>)<p>I really enjoy how the package-manager for the Elm programming language automates semantic versioning by diffing your apis based on the type system.<p>I think a bit part of the real criticism of SEMVER stems from this inability to either automate it or use it correctly.<p>Hickey&#x27;s discussion of the subject obviously has a lot more great points to it, and even when I don&#x27;t agree, I can&#x27;t help to enjoy listening :)

The author seems to be completely missing the boat here. SemVer isn&#x27;t meant for Continuous Delivery production systems. Why would you even attempt to use it for that? SemVer is for libraries, and specifically for making dependency management easy. If you&#x27;re not writing a library that gets distributed to other people, then use whatever versioning system you want.

Author is obsessed with CD and this is the source of his misconceptions about SemVer. He probably has never dealt with really complex multi-component systems, library development or desktop off-the-shelf software.<p>CD is good for code <i>you control</i>. But for your dependencies and platforms it&#x27;s the opposite. Just imagine CD of kernel patches right onto your production servers. Or CD of Java updates (or Python or whatever your app is powered with). And guess how long your system will stay &quot;always-on&quot;.

&gt; the labyrinthine process used in Renaissance Italy to elect a Doge<p>I was very disappointed to learn that Italy did not, in fact, elect a Shiba Inu to office.

People write software for money, and sell it for money. Version N comes with one year of support, or until version N+1 clocks.<p>Enterprise software sells for even more money, and the above is even more true, usually backed up with lawyers, PR campaigns, etc.<p>Windows 7, 8, and 10, sound to the average person more reasonable that:<p>(from the article): 1612.0009, 1612.0013, 1701.0253<p>Thus, they are not only a rock solid pattern, they are the bloody unwritten standard and more so everybody&#x27;s daily expectation.

Tangentially relatedly, this recent r&#x2F;haskell thread [1] contains a lot of discussion on the differences between Haskell&#x27;s Package Versioning Policy and SemVer, and particularly downsides of SemVer.<p>[1] <a href="https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;haskell&#x2F;comments&#x2F;5iok3l&#x2F;haskell_package_checklist&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;haskell&#x2F;comments&#x2F;5iok3l&#x2F;haskell_pac...</a>

Recently I discovered a problem I was completely unaware of with dependencies management using semantic versioning patterns. My invalid understanding was that if I specify a dependency pattern:<p>foo-lib &gt;= 1.0, &lt; 2.0<p>I will always update to the newest 1.X.Y version of the foo-lib.<p>This is not the case, such pattern can silently install one of the older 1.X.Y releases due to the requirements of other libraries that my software uses and that are out of my control.<p>This is pretty dangerous, the pattern treats all 1.X.Y as equally good for me, but X and Y updates can contain important, often security related bug fixes.<p>A safer way would be to be able to say: I want to have the newest 1.X.Y, fail if it is not possible, so I can investigate.

I don&#x27;t understand why some developers insists on using semver and not follow the spec, in my opinion that is the only &#x27;problem&#x27; with semver.<p>If you need a version and don&#x27;t care about following the spec just use a timestamp or datetime, replace it where required with a sed command and move on but please don&#x27;t claim to use semver if it&#x27;s just an arbitrary number for you

i don&#x27;t like the scheme described in the article, but i do think that X.Y.Z is overkill. X.Y provides plenty of information and doesn&#x27;t make me second guess if i should upgrade or not. Z often creates a false sense of confidence that shit wont break. changes in X always mean breakage, changes in Y mean potential, but unintended, breakage.

Semantic versioning works great for software like Java. When you deliver an application with java, you want to ensure that the vast majority of your users have a compatible Java version. You also want to make sure that a new version of Java doesn&#x27;t break your software. Semver encodes both these properties. Since the first number in Java&#x27;s semantic version is always one, you know it is always backwards compatible. Whenever the second number increments, you know new features have been added that require a new VM. The last number changing is mostly irrelevant to most people, but it might signify a bug fix or optimization.<p>When both those pieces of information - backwards compatibility and the need to upgrade - are important, semantic versioning should be used. If you are comfortable removing features without leaving an out for users, and you can reliably upgrade all users at the same time, encoding this information is much less important.

Given that continuous deployment doesn&#x27;t have anything like traditional releases, so why bother with semantic versioning at all. You&#x27;re typically just dealing dates or monotonically increasing build numbers. There&#x27;s no reason for anything else. Public APIs (including libraries), have traditional releases, and so the distinction between backwards compatible and incompatible versions really do matter.<p>That said, a three part number isn&#x27;t really useful. Just increment the minor version number in all not incompatible cases.<p>Also, there is an antipattern with releases, it&#x27;s naming them. It&#x27;s complete bullshit because opaque with rarely any rhyme or reason. It&#x27;s branding plain and simple. If you need to upgrade anything, you end up having to googling what the actual version number or release history is and then going off of that. It&#x27;s a complete waste of time, and so twee.

It’s tricky. On the one hand, if you could RELY on sane definitions of “breaking changes”, it can be quite simple to set up flows that evolve quickly and safely based on little more than the versions of dependencies. On the other hand, by nature software has too many combinations to test completely so you can never be <i>sure</i> that a change is going to be non-breaking for YOU; and ultimately you are responsible for anything that does break.<p>I find the right thing to do is to set up a completely parallel “beta flow” that mirrors production almost exactly, allowing you to freely dump in new changes and see what happens. Have a way to swap working beta-flow changes into production, and a way to swap it back. Then you can do anything you want in beta.

SemVer is sometimes very annoying (pre-release and metadata rules specifically) but also just <i>solves</i> versioning. You have to jump through some hoops to use `git describe` in a sane way with it, but it&#x27;s worth it.

Maybe I&#x27;m missing something, but to me more frequent builds make proper semver more important, not less.<p>An easy way of knowing which versions you should be able safely update to without breaking changes seems hugely valuable.<p>He talks about APIs versioning, but APIs are only a small part of the problem. How about the hundreds of libraries that my site is built with for example? Semver allows me to specify rules in my package file about whether to take only the exact version that I want, the latest patch, or the latest minor version. I didn&#x27;t spot anything in the article that showed a better way of doing that.

Rich Hickey&#x27;s recent talk <a href="https:&#x2F;&#x2F;youtu.be&#x2F;oyLBGkS5ICk?t=2790" rel="nofollow">https:&#x2F;&#x2F;youtu.be&#x2F;oyLBGkS5ICk?t=2790</a> tore into semver. Recommended.

As has been stated SemVer is primarily for Libs.<p>But I want to argue one point: that versioning APIs would be simpler than versioning a component&#x2F;lib.<p>If a lib exposes one API seperating the version numbers would result in two.<p>If we look at exposed API and differentiate by purpose (a good idea imho) we would have multiple version identifiers- one for each API and one for the component.<p>I thought about API versioning and testing (a special kind of unit test to verify the contract an API promises) but I don&#x27;t think we are prepared for such complexity.

I never really liked semver as its a mixture of release number and an abstraction&#x2F;categorization of risk that nobody can agree on, making it hard to tell how stable an update will be. It was fine back when you only had a release or two a year, but now the abstraction is no longer good enough.<p>I prefer the first number to be a simple release number, then the second to be the amount of risk from the previous release. That way for projects with a dozen or two releases one can normalize the risk values between projects to get everyone more or less on the same page without them having to change their behavior and it can introduce the ability for you to manually correct the risk for different libraries (eg: Library X is super critical for me, so *2 the risk).<p>Automated tools for calculating risk are possible with this scheme and additional risk can be added for the update (eg: tool sees you are using method X or API call Y that was changed, so the risk is increased).<p>With release.risk you can say &quot;Automatically update when total risk is &lt;X&quot; and actually have it be tolerable to you. Even when manually updating, you can get an idea of how much trouble its going to be, and possibly have a tool generate a list of areas you should put extra attention towards (eg: library X has a risky update, check to see if it breaks your corner cases).

No, but the use case he criticizes it for (a first-party service) is outside the scope of SemVer, so applying SemVer there would be an antipattern. That&#x27;s generally true of apply a good pattern outside of its explicit domain.<p>You use SemVer when you are distributing a software package supporting a public API to third parties. If you are just running a service thst you develop.In house supporting a public API, you don&#x27;t need SemVer. Arguably, SemVer is less useful if the software supports multiple public APIs for which independent, versions specs are available, though it is still meaningful and may be worthwhile in that case; though simple sequential versioning with a statement on API version compliance of each product version is probably more valuable.<p>Ultimately, it&#x27;s a matter of choosing the right tool for the job, and SemVer is well-suited to the job it is intended for.

I think both approaches are fine, depending on context.<p>This will definitely work fine for software that&#x27;s delivered to the users. I don&#x27;t really care about Chrome&#x27;s or Gmail&#x27;s version, especially since the update process is transparent to me. The APIs should be versioned on their own and everything is fine.<p>On the other hand, I really appreciate when semver is used by libraries (jars, gems etc.). From developer&#x27;s perspective it really helps with updating these dependencies in your own code - a quick look tells you whether it&#x27;s just a simple bugfix&#x2F;patch that probably doesn&#x27;t affect you or something more serious that you should be careful with when bumping dependency version. Because of that, I wouldn&#x27;t call it an anti-pattern. I&#x27;d say it&#x27;s rather one of possible approaches that will work fine in some cases and not so well in other.

For dependencies semantic versioning is great because it gives a reasonable basis of compatibility. I say &quot;reasonable basis&quot; because just because it&#x27;s a minor&#x2F;patch change doesn&#x27;t mean it won&#x27;t break your code. It just means it&#x27;s not supposed to!<p>For end user software, i.e big $$$ enterprise software, there&#x27;s no point in using it. Unless the app itself is a platform for other apps (in which case you&#x27;re really an API&#x2F;library anyway), it&#x27;s beyond overkill. Heck it&#x27;s downright confusing to most business users. Arguably any sizable UI change would be a &quot;major version&quot; because you moved a button across the screen. For that type of software I go for &lt;major&gt;.&lt;minor&gt; which are chosen to coincide with marketing campaigns.

Semver is not bad, but it&#x27;s incomplete.<p>Sometimes a &quot;software package&quot; encompasses multiple concurrent &quot;API versions&quot;, which means that depending on whether you care about the API in question, the package may or may not be changing something you care about. When it&#x27;s unified to a single package-wide version then you have no idea. As Rich Hickey put it in his talk on the subject[0], all you know is that &quot;something changed.&quot;<p>[0] <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=13085952" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=13085952</a> (video link + comment thread)

IMO, semantic versioning (at least the x.y part) makes sense for libraries but not for applications but this distinction is rarely made and sometimes blurry.

I have only recently discovered (and I am yet to use) this repository on GitHub [1].<p><pre><code> GitVersion looks at your git history and works out the semantic version of the commit being built. </code></pre> [1] <a href="https:&#x2F;&#x2F;github.com&#x2F;GitTools&#x2F;GitVersion" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;GitTools&#x2F;GitVersion</a>

In the end adhering to semantic versioning indicates a commitment to maintaining parallel lines of development. One that breaks APIs, one that maintains them (but may introduce other changes), and one that involves only bug fixes.<p>These days though the mantra seems to be &quot;push to prod&quot;, and thus you may as well increment the major number on every push...

The problem with semver is the actual lack of tooling built around semver. Humans aren&#x27;t robots, a bug fix might actually be a breaking change, without the author noticing it. What to do in that case. Yet semver is better than nothing, all other versioning schemes are not that useful.

For a different critique on SemVer, I wrote about how avoiding patch releases can be an improvement: <a href="http:&#x2F;&#x2F;staltz.com&#x2F;i-wont-use-semver-patch-versions-anymore.html" rel="nofollow">http:&#x2F;&#x2F;staltz.com&#x2F;i-wont-use-semver-patch-versions-anymore.h...</a>

Spec-ulation keynote by Rich Hickey at clojure&#x2F;conj 2016. He discusses the worst part about semver <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=oyLBGkS5ICk" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=oyLBGkS5ICk</a>

I feel like this is a bunch of hand waving and does not really address anything but saying because we have CD we do not need to care about versions. This shows a lack of experience in a solid development process in large scale code bases.

Continuous Delivery is for apps (web apps most often), Semver is for software components (libraries, frameworks...).<p>Using CD as a reason to find alternatives to Semver is misguided - they are completely unrelated.

Has anyone said anything new since the 2014 debate?<p><a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=8154933" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=8154933</a>

Semantic Versioning doesn&#x27;t make sense if you develop end-user software, atleast not much.<p>For a public API, Semver is useful, that&#x27;s it.<p>If it&#x27;s not exposing any kind of API, Semver has little meaning.

Well semver is definetely better than current versioning scheme of gcc or firefox or GNOME etc.

OP should simply use git version hashes for their use case.

&quot;10k builds ought to be enough for everyone&quot;

I use YYYY.MM.DD. New year&#x27;s resolution each year: break reverse compatibility in some way, no matter how small.

Betteridge&#x27;s law of headlines applies here.

No

I started using semver about two years ago in two of my projects---one a library and another an application. For my library, the versions run (output from &quot;git tag -n&quot;):<p><pre><code> 6.3.0 Bump version number to 6.3.0. 6.3.1 The &quot;Remake the Makefile&quot; Version 6.3.2 Bug fix---use $(RM) instead of &#x2F;bin&#x2F;rm 6.3.3 Bug fix---the &quot;all&quot; target does not depend upon &quot;depend&quot;. 6.3.4 Bug fix---add restrict to some parameters. 6.3.5 Bug fix---fix compiler warnings from CLang. 6.3.6 Bug fix---guard against some possibly undefined defines. 6.3.7 Bug fix---update dependencies in Makefile 6.4.0 The &quot;Trees For The Nodes&quot; Version 6.5.0 The &quot;PairListCreate()&quot; Version 6.6.0 The &quot;Go for Gopher URLs&quot; Version 6.6.1 Bug fix---use c99 instead of gcc 6.6.2 Bug fix---use $(DESTDIR) when installing 6.6.3 Bug fix---replace malloc()&#x2F;memset() pair with calloc() 6.7.0 The &quot;Christmas Cleanup&quot; Version 6.8.0 The &quot;Breaking Up Is Hard To Do&quot; Version 6.8.1 Bug fix---potential buffer overwrite. 6.8.2 Bug fix---add missing headerfile. </code></pre> No APIs have changed, but each X.Y.0 has added new functions (with the exception of 6.8.0, which changed the source layout but not the API one bit), and each .n release has been a bug fix. I don&#x27;t have much of an issue with semver for library code.<p>For the application, I&#x27;ve found semver not to be much of a win. The versions:<p><pre><code> v4.6.0 The &#x27;XXXX FaceGoogleMyTwitterPlusSpaceBook&#x27; Version v4.6.1 Bug fix---double free v4.6.2 Bug fix---if not using email notification, code doesn&#x27;t compile v4.6.3 Bug fix---don&#x27;t use _IO_cookie_io_functions_t v4.6.4 Bug fix---potential double free (yet again). v4.6.5 Bug fix---encoded entries via email mess things up. v4.6.6 Bug fix---unauthorized person posting via email leads to double fclose() v4.6.7 Bug fix---a NULL tumbler crashes the program. v4.7.0 The &#x27;Tumblers Reloaded&#x27; Version v4.7.1 Bug fix---date checking on exiting tumbler_new() was borked. v4.7.2 Bug fix---previous and last calculations were borked. v4.7.3 Bug fix---check tumbler date(s) against last entry, not the current time v4.7.4 Bug fix---current link was wrong v4.7.5 Bug fix---the assert() when comparing dates was wrong v4.8.0 The &#x27;Constant Upgrade&#x27; Version v4.9.0 The &#x27;Unused API Paramters&#x27; Version v4.9.1 Bug fix---getline() called with incorrect parameters. v4.9.2 Bug fix---dependencies got out of whack. v4.9.3 Bug fix---used the wrong name when generating the tarball. v4.9.4 Bug fix---removed compiler warnings under different compiler options. v4.9.5 Bug fix---assert() was too assertive. v4.9.6 Bug fix---I was a bit too assertive in the callback code. v4.9.7 Bug fix---fix header guards. v4.10.0 The &#x27;Spiffier Email&#x27; Version v4.11.0 The &#x27;Go For Gopher&#x27; Version v4.11.1 Bug fix---potential memory leaks fixed v4.11.2 Bug fix---notify_emaillist() was borked v4.11.3 Bug fix---memory corruption v4.12.0 The &quot;Somewhat Arbitrary Christmas Release&quot; Version v4.13.0 The &quot;Target Advertisers&quot; Version </code></pre> In actual use, the &quot;version numbers&quot; could very well be 6.0, 6.1, 6.2, 11.1, 11.2, etc. for all the meaning of &quot;4&quot; has (largly---this is the codebase after the 4th major reworking of the code---it&#x27;s a 17 year old code base). I could see a separate semver standard for applications---basically an X.P model---version, bug fix. Or perhaps a D.X.P model---data format, version, bug fix. If the saved data format changes, change the D number.

no.

SemVer is declarative so technically it&#x27;s not even possible for it to be an anti-pattern.