How do you decide when to upgrade a library in your project?

Time: 2022-03-27 14:18:39

I work on a project that uses multiple open source Java libraries. When upgrades to those libraries come out, we tend to follow a conservative strategy:

  1. if it ain't broke, don't fix it
  2. if it doesn't have new features we want, ignore it

We follow this strategy because we usually don't have time to put in the new library and thoroughly test the overall application. (Like many software development teams we're always behind schedule on features we promised months ago.)

But, I sometimes wonder if this strategy is wise given that some performance improvements and a large number of bug fixes usually come with library upgrades. (i.e. "Who knows, maybe things will work better in a way we don't foresee...")

What criteria do you use when you make these types of decisions in your project?

7 solutions

#1


I've learned enough lessons to do the following:

  1. Check the library's change list. What did they fix? Do I care? If there isn't a change list, then the library isn't used in my project.
  2. What are people posting about on the Library's forum? Is there a rash of posts starting shortly after release pointing out obvious problems?
  3. Along the same vein as number 2, don't upgrade immediately. EVERYONE has a bad release. I don't intend to be the first to get bit with that little bug. (anymore that is). This doesn't mean wait 6 months either. Within the first month of release you should know the downsides.
  4. When I decide to go ahead with an upgrade: test, test, test. Here automated testing is extremely important.

EDIT: I wanted to add one more item which is at least as important, and maybe more so than the others.

  • What breaking changes were introduced in this release? In other words, is the library going off in a different direction? If the library is deprecating or replacing functionality you will want to stay on top of that.

#2


Important: Avoid Technical Debt.

"If it ain't broke, don't upgrade" is a crazy policy that leads to software so broken that no one can fix it.

Rash, untested changes are a bad idea, but not as bad as accumulating technical debt because it appears cheaper in the short run.

Get a "nightly build" process going so you can continuously test all changes -- yours as well as the packages on which you depend.

Until you have a continuous integration process, you can do quarterly major releases that include infrastructure upgrades.

Avoid Technical Debt.

#3


One approach is to bring the open source libraries that you use under your own source code control. Then periodically merge the upstream changes into your next release branch, or sooner if they are security fixes, and run your automated tests.

In other words, use the same criteria to decide whether to use upstream changes as you do for release cycles on code you write in house. Consider the open source developers to be part of your virtual development team. This is really the case anyway, it's just a matter of whether you choose to recognise it as part of your development practices.

#4


While you don't want to upgrade just because there's a new version, there's another consideration, which is availability of the old version. I've run into that problem trying to build open source projects.

#5


I usually assume that ignoring a new version of a library (coz' it doesn't have any interesting features or improvements) is a mistake, because one day you'll find out that this version is necessary for the migration to the next version which you might want to upgrade to.

So my advice is to review carefully what has changed in the new version, and consider whether the changes require a lot of testing, or little.

If a lot of testing is required, it is best to upgrade to the newer library at the next release (major version) of your software (like when moving from v8.0 to v8.5). When this happens, I guess there are other major modifications as well, so a lot of testing is done.

#6


I prefer not to let the versions lag too far behind on dependent libraries. Up to a year is ok for most libraries unless security or performance issues are known. Libraries with known security issues are a must for refreshing.

I periodically download the latest version of each library and run my app's unit tests using them. If they pass, I use them in our development and integration environments for a while and push to QA when I'm satisfied they don't suck.

The above procedure assumes the API hasn't changed significantly. All bets are off if I need to refactor existing code just to use a newer library version (e.g. Axis 1x vs. 2x). Then I would need to get management involved to make the decision to allocate resources. Such a change would typically be deferred until a major revision of the legacy code is planned.

#7


Some important questions:

  • How widely used is the library? (If it's widely used, bugs will be found and eliminated more quickly)
  • How actively developed is it?
  • Is the documentation very clear?
  • Have there been major changes, minor ones, or just internal changes?
  • Does the upgrade break backwards compatibility? (Will you have to change any of your code?)

Unless the upgrade looks bad according to the above criteria, it's better to go with it, and if you have any problems, revert to the old version.
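
One way to combine the criteria from the answers above into a single triage rule, as an added example (not code from any of the posters): a known security issue overrides everything (#3, #6), a release younger than a month waits (#1), an API-breaking upgrade is scheduled with a major release (#5, #6), and anything more than a year behind is overdue (#6). The library names, field names, action labels and sample inventory are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

COOL_OFF = timedelta(days=30)   # answer #1: downsides show within the first month
MAX_LAG = timedelta(days=365)   # answer #6: up to a year behind is acceptable
ORDER = ["upgrade-now", "upgrade-overdue", "test-and-upgrade",
         "plan-with-major-release", "wait", "up-to-date"]

@dataclass
class Dep:
    name: str                            # hypothetical library name
    newer_since: Optional[date]          # when the first release newer than ours appeared
    latest_released: Optional[date]      # release date of the newest upstream version
    known_security_issue: bool = False   # the version in use has a known security issue
    breaks_api: bool = False             # the newest version needs changes to our code

def triage(dep: Dep, today: date) -> str:
    """Return one action for a dependency, most urgent rule first."""
    if dep.newer_since is None or dep.latest_released is None:
        return "up-to-date"
    if dep.known_security_issue:
        return "upgrade-now"                 # security fixes skip the cool-off
    if today - dep.latest_released < COOL_OFF:
        return "wait"                        # too fresh to know its downsides
    if dep.breaks_api:
        return "plan-with-major-release"     # needs refactoring and budget
    if today - dep.newer_since > MAX_LAG:
        return "upgrade-overdue"             # lagging more than a year
    return "test-and-upgrade"                # run the automated tests, then adopt

def plan(inventory, today):
    """List (action, name) pairs, most urgent action first."""
    rows = [(triage(d, today), d.name) for d in inventory]
    return sorted(rows, key=lambda r: ORDER.index(r[0]))

# Constructed sample inventory and date (not from the page).
TODAY = date(2022, 3, 27)
INVENTORY = [
    Dep("lib-a", date(2022, 3, 1), date(2022, 3, 20), known_security_issue=True),
    Dep("lib-b", date(2022, 3, 10), date(2022, 3, 10)),
    Dep("lib-c", date(2021, 12, 1), date(2021, 12, 1), breaks_api=True),
    Dep("lib-d", date(2020, 11, 1), date(2021, 10, 1)),
    Dep("lib-e", date(2021, 11, 1), date(2022, 1, 15)),
    Dep("lib-f", None, None),
]
```

Every action other than "wait" and "up-to-date" still goes through the automated test run the answers insist on; the rule only decides when that run is scheduled.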
