Bump requirements versions

[pquentin]

The exception is tornado which is still pinned at 4.x.

Maybe we should use ~= to pin to major versions?

[njsmith]

I originally added this to help track down the weird timeout bug we were hitting on Windows, and then forgot to remove it. But maybe it's useful to keep -- what do you think?

[pquentin]

I do like it! It can be surprising/annoying at times, but I've seen enough tests depending on each other to know that it can help detect annoying issues earlier.

[pquentin]

However it seems to break --failed-first, which is possibly more useful.

[njsmith]

we can delete this comment now :-) or drop the pin altogether, idk.

There are services like requires.io and pyup.io that can automatically send PRs to update pins when never versions come out, but I don't know how fancy we want to get here.

[pquentin]

I removed the comment, thanks!

I think pyup.io/requires.io are a good idea, even if I never tried them. Which one would you choose?

[njsmith]

OK cool!

We should also fix it so that import urllib3 can succeed even if trio and twisted aren't installed, but that's a whole other thing...

[pquentin]

Okay, I added https://github.com/njsmith/urllib3/issues/25 for the import niceties we need.

[njsmith]

Oh, sorry, I missed seeing your latest comments.

Re: --failed-first, huh, that does look useful! I don't think I've used it before :-). I guess --random-order-bucket=none --failed-first should still work?

We have pyup.io running on the manylinux repo, and python-hyper uses requires.io... I really don't have any reason to prefer one or the other. They both seem to work fine I guess, though I'm not sure if they can handle our weird branch setup or not.