I’ve read the description. So behaviour has obviously changed from old the reference I had found.
But from reading the text it still unclear to me what is (supposed to be) done by the spec file writer and what is done automagically by some software. And especially what piece of software does it, would be nice to know.
Right now I saw the issue, when was branching a package locally. In that case it’s probably not really important what the numbers are. But I think it could still be useful to understand the magic, especially if I want to be made aware of future security updates to my branched package.