Semver is too restrictive
I love semver. I wish everyone used it. I use it exclusively.
However, by forcing semver it means that builds of software from upstreams who don't use semver cannot be uploaded to Bindle without breaking the incredibly important correlation between the upstream version and the downstream binary version.
The use of semver was a purposeful decision when we originally crafted Bindle. Semver goes along well with the idea of immutability and is a clear way of expressing intent with a new version. Bindle would be far from the first tool to require semver (e.g. Go, Rust, and other package managers for starters) though it would be the first object store to do so.
I would also point out that Bindle is the "silverware drawer" anyway. Sometimes it will be used for a single binary/project/system, but oftentimes it is gluing together binaries and other artifacts from various sources. So in the end, it is an entirely new thing that isn't tied to a specific upstream binary outside of the specific binary assigned to that invoice (which cannot change).
However, this is the exact purpose for annotations on an invoice. If there is a desire to "point back to" an upstream location, this information can be included in an annotation.