I saw an issue today on a fairly popular project (better-auth, see the link to the issue attached). No repro, no context, just a wall of caps and profanity ending in “fuck you”. The maintainers ship this for free. People run production businesses on top of it, for free. And the thanks is someone raging into a text box because a minor bump cost them an afternoon.
I maintain and contribute to a few projects myself, so this hits a nerve a bit. Something people don’t see from the outside: it’s not enough to know how to build the thing. You also have to know how to defuse a thread where someone’s insulting you and not fire back, even though most of us aren’t paid for any of it, let alone the work of staying civil while being told to get fucked.
I’m not pretending breaking changes don’t cause real pain (that’s what the issue is about). But I keep coming back to a boundary question: if you’re not paying for it, do you actually get to demand anything? (Obviously yes, but we still need some boundaries)


Naah, I don’t really demand anything if the author breaks something on update. I just asked if the breaking changes are intentional and if there’s a workaround. Failing that, I revert and look for other libraries or roll my own. To me Open Source is always about making something you love without any obligation. Not even to follow semver.
That view of open source only applies for non-profits and hobbyists, releasing code that solves their problems altruistically.
Corporations, startups, and VC’s abuse open source by using it as a means to gain goodwill and trust until they are funded or profitable, then they perform a bait and switch or other parasitic practices; they deserve the hate, and can eat shit and die.
Also, if you’re not gonna follow semver don’t use semver. Just use YYYY-MM-DD or whatever. Quite simple really.
Regarding this project; anyone who chooses to use new (thus untrustworthy) foss libraries in prod without version pinning and thorough integration testing is an idiot.
V1.2.3 is not unique to semver tho. So it could really be anything like linux 7.1.2. To be fair, linux does predate semver by a long time. But the point is that not every software with #.#.# needs to be semver. And I think better-auth, from the issue linked, has stated that they don’t yet follow semver somewhere in their docs.
If the versioning has no meaning, or conflicts with a widely held standard, why not switch to datever? Then we at least know how out of date we are…
I ask the inverse. Why should you demand that every project that uses x.y.z versioning be a semver? A widely held standard only applies if you actually want to follow it in the first place. You know HTTP spec didn’t mention anything about the body in GET requests and so almost every web server just ignores body on GET? Yeah, some software decided to use that. And guess what? That software? It was Elasticsearch. People are free to do whatever they want with their software. If they decided to publish something non standard and you decided to use it, you can ask them nicely to follow standard, or make an adapter for it.
Yeah, choosing to establish the semver social contract and then break it is not great
But they never established a “semver social contract”. You can’t assume that project follows semver just because it has an x.y.z version number; semver is not the only versioning scheme, it’s just a very popular one
Why would you use the syntax of the most widely adopted versioning schema in software engineering, then not follow it?
This isn’t linux; it’s a 2 year old project ffs. That’s just ignorance or incompetence, but poor design decisions are expected from an AI slop project. Unless you can enlighten us on the logic of the chosen schema, you shouldn’t defend them.
Hmm, fair