AsmSafone / MegaDL-Bot

A Simple Telegram Bot By @AsmSafone to Download Files From Mega.nz and Upload It to Telegram
GNU General Public License v3.0
114 stars 244 forks

Project dependencies may have API risk issues #8

Open PyDeps opened 1 year ago

PyDeps commented 1 year ago

Hi, in MegaDL-Bot, inappropriate dependency versioning constraints can cause risks.

Below are the dependencies and version constraints that the project is using

moviepy
filetype
pyrogram==1.4.16
tgcrypto
ffmpeg-python
hurry.filesize
git+https://github.com/asmsafone/mega.py.git

The version constraint == will introduce the risk of dependency conflicts because the scope of dependencies is too strict. The version constraint No Upper Bound and * will introduce the risk of the missing API Error because the latest version of the dependencies may remove some APIs.

After further analysis, in this project, the version constraint of dependency moviepy can be changed to >=0.2.1.6.4,<=2.0.0.dev2. The version constraint of dependency pyrogram can be changed to >=1.0.0,<=2.0.57.

The above modification suggestions can reduce the dependency conflicts as much as possible, and introduce the latest version as much as possible without calling Error in the projects.

The invocation of the current project includes all the following methods.

The calling methods from the moviepy
moviepy.editor.VideoFileClip
The calling methods from the pyrogram
pyrogram.filters.regex
pyrogram.filters.command
pyrogram.idle
pyrogram.Client
The calling methods from the all methods
os.path.isdir
posixpath.join
message.reply_text.delete
os.listdir
format
os.makedirs
hurry.filesize.size
file.copy
pyrogram.types.InlineKeyboardMarkup
bot.create_chat_invite_link
message.reply_text.edit
functools.partial
message.message.delete
str
message.reply_photo
round
moviepy.editor.VideoFileClip
pyrogram.Client
os.system
asyncio.get_running_loop
mega.login.download_url
dict
divmod
message.reply_text
about
message.reply_audio
os.environ.get
message.reply_document
help
message.forward.reply_text
time.time
message.answer
bot.get_me
message.reply_animation
message.message.reply_to_message.delete
filetype.guess
bot.get_me.mention
pyrogram.Client.on_message
mega.Mega
bot.get_users.mention
asyncio.get_running_loop.run_in_executor
pyrogram.idle
join
message.reply_document.reply_text
pyrogram.filters.command
pyrogram.types.InlineKeyboardButton
asyncio.sleep
message.message.edit
message.reply_video
pyrogram.Client.start
genericpath.isfile
bot.get_chat_member
humanbytes
config.TEXT.ABOUT.format
pyrogram.Client.on_callback_query
range
message.forward
message.edit
pyrogram.Client.stop
bot.get_users
start
pyrogram.filters.regex
TimeFormatter
config.TEXT.HELP_USER.format
shutil.rmtree
logging.basicConfig
os.stat
bot.send_message
math.floor
megadl.forcesub.handle_force_subscribe
message.message.reply_text
int
print
subprocess.call
logs_msg.reply_text.edit
mega.Mega.login
os.getpid
config.TEXT.START_TEXT.format

@developer Could you please help me check this issue? May I open a pull request to fix it? Thank you very much.
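
An added example (not part of the issue or of the project's code): a standard-library Python check that sorts requirement lines into the cases the issue describes, run on the dependency list and the two proposed ranges quoted above. The category names and the `classify` and `audit` helpers are illustrative assumptions; the git URL is reported separately because the issue does not classify it.

```python
import re

# Dependency list exactly as quoted in the issue.
REQUIREMENTS = """\
moviepy
filetype
pyrogram==1.4.16
tgcrypto
ffmpeg-python
hurry.filesize
git+https://github.com/asmsafone/mega.py.git
"""
# Ranges the issue proposes for the two packages it analysed.
PROPOSED = "moviepy>=0.2.1.6.4,<=2.0.0.dev2\npyrogram>=1.0.0,<=2.0.57\n"

_LINE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*(.*)$")
_CLAUSE = re.compile(r"^(===|==|~=|!=|<=|>=|<|>)\s*(\S+)$")

def classify(line):
    """Return (name, category) for one requirement line, or None if empty."""
    line = line.split(" #")[0].strip()
    if not line or line.startswith("#"):
        return None
    if "://" in line:                       # VCS/URL reference: no specifier at all
        return line, "direct-url"
    m = _LINE.match(line)
    if not m:
        return line, "unparsed"
    name, spec = m.group(1), m.group(2).split(";")[0].strip()
    clauses = [_CLAUSE.match(c.strip()) for c in spec.split(",")] if spec else []
    if not all(clauses):
        return name, "unparsed"
    ops = [(c.group(1), c.group(2)) for c in clauses]
    if any(op in ("==", "===") and "*" not in ver for op, ver in ops):
        return name, "exact-pin"            # the issue's "too strict" case
    if any(op in ("<", "<=", "~=") or (op == "==" and "*" in ver) for op, ver in ops):
        return name, "bounded"              # has a ceiling, like the proposed ranges
    return name, "no-upper-bound"           # the issue's "missing API" case

def audit(text):
    """Group requirement names by category, preserving file order."""
    report = {}
    for raw in text.splitlines():
        result = classify(raw)
        if result:
            report.setdefault(result[1], []).append(result[0])
    return report

if __name__ == "__main__":
    for label, text in (("current", REQUIREMENTS), ("proposed", PROPOSED)):
        print(label, audit(text))
```
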

AsmSafone commented 1 year ago

Yah, of course you can pull to fix!

On Wed, Oct 26, 2022, 7:46 AM PyDeps @.***> wrote:
