install_github does not respect maximum version numbers

[mem48]

In a package DESCRIPTION file it is possible to specifiy the maximum or minimum version number.

Imports:
    xml2 (<= 1.2.5)

But install_github ignores this and installs the latest cran version of any imported packages.

Reprex

remove.packages("xml2")
remotes::install_github("ITSleeds/UK2GTFS", upgrade = "never")
packageVersion("xml2")
# 1.3.1 installed but 1.2.5 expected 

[mem48]

Update: I found that this works

Remotes: cran/xml2@1.2.5

[jimhester]

install.packages() also ignores this, and generally speaking CRAN and the R package ecosystem don't really work with anything but >=, they always assume you are using the latest version of packages.