Semantic Versioning (Semver)

A versioning scheme using MAJOR.MINOR.PATCH format that communicates the scope and impact of changes, enabling predictable dependency management.

Development
Also called: "semver", "version number", "software versioning"

Semantic versioning creates a shared language between package maintainers and consumers, signaling whether updates are safe to adopt without breaking existing code.

Why it matters

  • Enables automated dependency updates with confidence about breaking changes.
  • Reduces integration friction by clearly communicating API stability.
  • Required by most package managers (npm, Cargo, Composer, Go modules) for version resolution.
  • Helps teams plan upgrade cycles and assess technical debt.

Key concepts

  • MAJOR (X.0.0): Incremented for incompatible API changes that require consumer code modifications.
  • MINOR (0.X.0): Incremented for backward-compatible new functionality.
  • PATCH (0.0.X): Incremented for backward-compatible bug fixes.
  • Pre-release: Suffixes like -alpha, -beta, -rc.1 indicate unstable versions.
  • Build metadata: Suffixes like +build.123 for CI identification (ignored in version precedence).

Version ranges

  • Caret (^1.2.3): Allows minor and patch updates (>=1.2.3 <2.0.0).
  • Tilde (~1.2.3): Allows only patch updates (>=1.2.3 <1.3.0).
  • Exact (1.2.3): Pins to a specific version.
  • Range (>=1.0.0 <2.0.0): Explicit bounds.
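
The precedence rules under Key concepts and the caret, tilde and exact forms above, as an added example (not code from this page or from any package manager) that flags locked versions falling outside their declared range. It goes beyond the text by following npm's rules for 0.x caret ranges and for pre-releases; the package names and versions are constructed.

```python
import re

# MAJOR.MINOR.PATCH[-prerelease][+build]; re.ASCII keeps \d to 0-9.
SEMVER = re.compile(
    r"(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?"
    r"(?:\+[0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*)?", re.ASCII)

def key(version):
    """Sort key giving version precedence; build metadata is parsed but ignored."""
    m = SEMVER.fullmatch(version)
    if not m:
        raise ValueError(f"not a semantic version: {version!r}")
    core = tuple(int(g) for g in m.groups()[:3])
    if m.group(4) is None:
        return core + ((1,),)  # a release outranks every pre-release of the same core
    # Numeric identifiers compare as integers and rank below alphanumeric ones.
    ids = tuple((0, int(p), "") if p.isdigit() else (1, 0, p) for p in m.group(4).split("."))
    return core + ((0, ids),)

def satisfies(version, spec):
    """True if version matches an exact, caret (^) or tilde (~) spec."""
    v = key(version)
    if spec[0] not in "^~":
        return v == key(spec)
    low = key(spec[1:])
    major, minor, patch = low[:3]
    if spec[0] == "~":
        upper = (major, minor + 1, 0)
    elif major > 0:
        upper = (major + 1, 0, 0)
    elif minor > 0:
        upper = (0, minor + 1, 0)  # npm rule: ^0.2.3 means >=0.2.3 <0.3.0
    else:
        upper = (0, 0, patch + 1)  # npm rule: ^0.0.3 means >=0.0.3 <0.0.4
    if v[3] != (1,) and v[:3] != low[:3]:
        return False  # npm rule: pre-releases match only on the spec's own core version
    return low <= v and v[:3] < upper

def out_of_range(declared, resolved):
    """Names whose locked version is missing from, or outside, the declared range."""
    return sorted(n for n, spec in declared.items()
                  if n not in resolved or not satisfies(resolved[n], spec))

# Constructed sample data; package names are hypothetical.
DECLARED = {"lib-a": "^1.2.3", "lib-b": "~1.2.3", "lib-c": "^0.2.3", "lib-d": "1.4.0"}
RESOLVED = {"lib-a": "1.9.0+build.123", "lib-b": "1.3.0", "lib-c": "0.3.0", "lib-d": "1.4.0"}

if __name__ == "__main__":
    print(out_of_range(DECLARED, RESOLVED))
```

A mismatch between a manifest range and the locked version is worth investigating before the build, since it means the lockfile and the manifest no longer describe the same dependency set.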

Best practices for maintainers

  • Start at 0.1.0 during initial development, while the API is unstable.
  • Move to 1.0.0 when your public API is considered stable.
  • Document breaking changes clearly in the CHANGELOG when bumping the major version.
  • Use pre-release versions for testing before stable releases.
  • Never modify a released version—publish a new version instead.

Best practices for consumers

  • Use caret ranges (^) for most dependencies to receive bug fixes and features.
  • Pin exact versions for critical dependencies where any change is risky.
  • Use lockfiles (package-lock.json, yarn.lock) to ensure reproducible builds.
  • Regularly audit and update dependencies, especially for security patches.
  • Test thoroughly when upgrading across major versions.

Common pitfalls

  • Breaking changes in minor versions ("semver violations") erode ecosystem trust.
  • Not bumping the major version for subtle breaking changes like behavior modifications.
  • Pre-1.0.0 abuse—staying at 0.x forever to avoid committing to stability.