Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

📦 [poetry] Remove upper version bounds from dependencies #694

Merged
merged 3 commits into from
May 16, 2022

Conversation

cjolowicz
Copy link
Owner

  • 📦 [poetry] Remove version bound for CalVer dependency flake8-bugbear
  • 📦 [poetry] Remove upper version bounds from dependencies
  • 👷 [dependabot] Reduce merge conflicts using the lockfile-only strategy

* 📦 [poetry] Remove upper version bound for click

* 📦 [poetry] Remove upper version bound for development dependencies

* 📦 [poetry] Sort development dependencies

Retrocookie-Original-Commit: cjolowicz/cookiecutter-hypermodern-python-instance@e4c2c71
Dependabot updates version constraints in pyproject.toml even when the version
constraint already covers the new version, leading to frequent merge conflicts
because the global content hash in poetry.lock changes.

As of cjolowicz/cookiecutter-hypermodern-python-instance#744, this project
template no longer uses upper version bounds for its dependencies. As a result,
we are now able to use the "lockfile-only" versioning strategy to upgrade
dependencies, including major version bumps. This strategy prevents Dependabot
from modifying pyproject.toml, putting an end to the frequent merge conflicts.

Retrocookie-Original-Commit: cjolowicz/cookiecutter-hypermodern-python-instance@3082062
@cjolowicz cjolowicz added the build Build System and Dependencies label May 16, 2022
@cjolowicz cjolowicz merged commit 44e3e01 into main May 16, 2022
@cjolowicz cjolowicz deleted the build/no-version-caps branch May 16, 2022 14:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
build Build System and Dependencies
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant