Change How Orb Dependencies Are Compiled/Managed
j
jrinehart@anduril.com
Currently, when an orb version is yanked, it also yanks any dependent orb versions. Additionally, when specifying an orb dependency using a major version, the system resolves to the latest version of that orb at the time of publishing. Since there are no built in methods to easily see what versions are going to be affected, this creates potential issues with version management and dependency resolution.
This feature request proposes implementing changes to improve orb version management and dependency resolution through any or all of the following enhancements:
- Change the version resolution to occur at pull-time instead of at publish time
2.Expose the specific versions using CLI/Web UI tooling (one or the other or both). Which would provide clear visibility into which exact versions are being used and allow users to see resolved dependency versions before execution
- Allow administrators to configure whether resolution happens at pull-time or push-time or even baked at first pull. Allow configuration options such as:
Pull-time resolution (always latest)
Push-time resolution (current behavior)
First-pull caching (resolve once, then cache)