Unpin dependencies (or adopt a bot to help upgrade it like Dependabot) #47
Comments
|
Thank you @paw-lu for making such great suggestions and for contributing to the project. I'll read the article you share since I'm interested, and then share thoughts. |
|
I got convinced with this article: https://iscinumpy.dev/post/bound-version-constraints/#python-is-not-javascript I read specific sections, it's very clear to me the problem and I do agree we should solve it. I'll prepare a PR with suggestions and assign it to your for review @paw-lu |
motivated by this issue: #47 in short: We don't want to restrict users from using Tryceratops because some other lib bumped its major version (e.g. Rich) by reading https://iscinumpy.dev/post/bound-version-constraints/ it got clear that Tryceratops should be more permissive we're keeping dev dependencies as is since they should be installed only locally for developmemnt purposes
Thanks for posting that! I ran into a conflict between rich and tryceratops this morning trying it out and was surprised since my app uses rich, but I wanted to see what kind of feedback tryceratops had about my code. |
motivated by this issue: #47 in short: We don't want to restrict users from using Tryceratops because some other lib bumped its major version (e.g. Rich) by reading https://iscinumpy.dev/post/bound-version-constraints/ it got clear that Tryceratops should be more permissive we're keeping dev dependencies as is since they should be installed only locally for developmemnt purposes
motivated by this issue: #47 in short: We don't want to restrict users from using Tryceratops because some other lib bumped its major version (e.g. Rich) by reading https://iscinumpy.dev/post/bound-version-constraints/ it got clear that Tryceratops should be more permissive we're keeping dev dependencies as is since they should be installed only locally for developmemnt purposes
|
@GlenNicholls It should have been solved already. Let me know if it's still happening for you. |
Hi! Enjoying the project!
One issue I have come across again is that this project's dependecy pinning causes conflicts with other libraries
It happened once before to Click, and recently again have had trouble with Rich.
Rich itself updates major versions pretty often, so this is likely to happen again in the future.
Two solutions:
Unpin the dependencies, this is becoming more popular. It just involves switching from pining to the major version to just enforcing a minmum version.
Use an automation tool like Dependabot to keep your depenencies up to date, and update often.
Happy to help with either of these if you are interested.
Again, thanks for the tool!
Edit: Wrong article was linked in first point (it supported the second point)
The text was updated successfully, but these errors were encountered: