DS template version support
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Problem to solve
Dependency Scanning currently (as of %18.5) has 3 templates, 1 CI/CD component, and 2 analyzers it supports. The templates are default, latest, v2 and the analyzers are dependency-scanning and gemnasium. The CI/CD component is at version 0 and if existing methodology is followed the component should go to version 1. The goal of this issue is to settle on what the support matrix should be going forward. In addition, the definition of backwards support to older versions should also be settled.
Current state
Proposal
Templates
In order to give users a smaller transition from gemnasium to the new analyzer allow default and latest templates to remain the same until 19.0 with the exception of latest going from dependency-scanning:0 to dependency-scanning:1.
Analyzers
The dependency-scanning analyzer can be bumped to version 1 across the board since there are not really any breaking changes and we bumped the version to be in line with the new template.
Because there were no breaking changes, it doesn't really make a lot of sense to have backwards compatibility version 0.
Template versioning
|
18.5 (release of tpl v2 and ds:1) |
[18.6, 19.0) |
19.0 |
[19.1,20.0) |
|
|---|---|---|---|---|
| template: default |
gemnasium:6 |
gemnasium:6 | gemnasium:6 || dependency-scanning:1 | gemnasium:6 || dependency-scanning:1 |
| template: latest | gemnasium:6 || dependency-scanning:0 | gemnasium:6 || dependency-scanning:1 | dependency-scanning:1 | dependency-scanning:1 |
| template: v2 | dependency-scanning:1 | dependency-scanning:1 | dependency-scanning:1 | dependency-scanning:1 |
| ci/cd component v0 | dependency-scanning:0 | dependency-scanning:1 | dependency-scanning:1 | dependency-scanning:1 |