-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pin oldestdeps
in tox.ini to exact versions?
#15865
Comments
I think it has both good and bad. Would have been avoided if pyerfa uses semver, no? |
I am okay with pinning pyerfa to exact in oldestdeps but I would be hesistant to make this a blanket policy. Sometimes a bugfix includes critical security fix and we would want those. |
But in that case shouldn't we adjust our minimum required version? I see Separately, would be nice if |
I vaguely remember that @WilliamJamieson wrote something that automatically create pinning for tox from build requirements... 🤔 |
Description
Issue #15788 arose because our minimum required erfa was not quite correct. This was not caught because in
tox.ini
, we have set our oldestdeps to things likepyerfa==2.0.*
, which means bug-fix releases are included. Conceptually, this seems wrong:oldestdeps
should test with with exactly the absolute minimum version that is allowed by our requirements. If that means that something doesn't work because of a bug, logically our minimum requirements should be updated as well.Question: does this make sense? Should we update
tox.ini
andpyproject.toml
with version numbers that include bug-fix micro?The text was updated successfully, but these errors were encountered: