EmbarkStudios / cargo-deny

❌ Cargo plugin for linting your dependencies 🦀
http://embark.rs
Apache License 2.0

Check for version requirements with hazardous upper bounds #655

Open kpreid opened 2 months ago

kpreid commented 2 months ago

Is your feature request related to a problem? Please describe.

It's possible to unexpectedly become unable to update your package's dependencies, because a package somewhere in the dependency graph specified a maximum minor/patch version requirement which conflicts with some other minimum version requirement.

Describe the solution you'd like

Detect this hazard by scanning all transitive dependencies and reporting any version requirements such as =1.2.3, 1.2.*, <2.0.1, <2.1 — anything which has an upper bound that would exclude some semver-compatible versions.

There should be an exemption possible for identifiably "internal use only" dependencies, e.g. foo 1.0.2 might reasonably depend on foo-macros =1.0.2.
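The check described in this request, written out as an added example that is not cargo-deny's own code: a small parser for the Cargo requirement syntax named above (caret, tilde, wildcard, `=`, `<`, `<=`, `>`, `>=`, comma-separated conjunctions), a hazard test on the resulting exclusive upper bound, and the "internal companion crate" exemption. The exemption heuristic (dependency name prefixed by the dependent's name plus `-` or `_`, pinned to the dependent's own version), the `scan` function and the sample graph are assumptions of this example; pre-release tags are ignored, and partial versions in `<`/`<=`/`>`/`>=` comparators are padded with zeros rather than following the semver crate's exact partial-version rules.

```rust
/// Semver version without pre-release or build metadata; derived Ord is lexicographic.
#[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Debug)]
struct Version(u64, u64, u64);

impl Version {
    fn bump_patch(self) -> Self { Version(self.0, self.1, self.2 + 1) }
    /// First version semver-compatible with `self` under Cargo's rules:
    /// 1.x.y -> 1.0.0, 0.x.y -> 0.x.0, 0.0.z -> itself (every 0.0.z is its own range).
    fn compat_start(self) -> Self {
        match self {
            Version(0, 0, _) => self,
            Version(0, m, _) => Version(0, m, 0),
            Version(maj, _, _) => Version(maj, 0, 0),
        }
    }
}

/// Parse "1", "1.2", "1.2.3" or "1.2.*" into (zero-padded version, components given, wildcard?).
fn parse_partial(s: &str) -> Option<(Version, usize, bool)> {
    let (mut parts, mut n, mut wild) = ([0u64; 3], 0usize, false);
    for piece in s.split('.') {
        if piece == "*" || piece == "x" || piece == "X" { wild = true; break; }
        if n == 3 { return None; }
        parts[n] = piece.parse().ok()?;
        n += 1;
    }
    Some((Version(parts[0], parts[1], parts[2]), n, wild))
}

/// Exclusive upper bound of `^v` (also the default for a bare "1.2.3").
fn caret_upper(v: Version, n: usize) -> Version {
    match v {
        Version(0, 0, z) if n == 3 => Version(0, 0, z + 1),
        Version(0, m, _) if n >= 2 => Version(0, m + 1, 0),
        Version(maj, _, _) => Version(maj + 1, 0, 0),
    }
}

/// Exclusive upper bound of `~v` and of wildcards such as "1.2.*".
fn tilde_upper(v: Version, n: usize) -> Version {
    if n >= 2 { Version(v.0, v.1 + 1, 0) } else { Version(v.0 + 1, 0, 0) }
}

/// (inclusive lower, exclusive upper) bounds of one comparator; None on a parse error.
fn comparator_bounds(c: &str) -> Option<(Option<Version>, Option<Version>)> {
    let c = c.trim();
    let ops = [">=", "<=", ">", "<", "=", "~", "^"];
    let (op, rest) = ops.iter().find_map(|op| c.strip_prefix(op).map(|r| (*op, r))).unwrap_or(("^", c));
    let (v, n, wild) = parse_partial(rest.trim())?;
    if wild {
        return Some((Some(v), if n == 0 { None } else { Some(tilde_upper(v, n)) }));
    }
    Some(match op {
        ">=" => (Some(v), None),
        ">" => (Some(v.bump_patch()), None),
        "<" => (None, Some(v)),
        "<=" => (None, Some(v.bump_patch())),
        "=" => (Some(v), Some(if n == 3 { v.bump_patch() } else { tilde_upper(v, n) })),
        "~" => (Some(v), Some(tilde_upper(v, n))),
        _ => (Some(v), Some(caret_upper(v, n))),
    })
}

/// Bounds of a whole requirement such as ">=1.2, <1.4": max of lowers, min of uppers.
fn requirement_bounds(req: &str) -> Option<(Option<Version>, Option<Version>)> {
    let (mut lower, mut upper): (Option<Version>, Option<Version>) = (None, None);
    for c in req.split(',') {
        let (lo, up) = comparator_bounds(c)?;
        if let Some(lo) = lo { lower = Some(lower.map_or(lo, |l| l.max(lo))); }
        if let Some(up) = up { upper = Some(upper.map_or(up, |u| u.min(up))); }
    }
    Some((lower, upper))
}

/// Hazardous when the exclusive upper bound U is not the start of a compatibility
/// range: then some matching version below U is semver-compatible with versions
/// at or above U that the requirement excludes. Unparseable input is flagged too.
fn has_hazardous_upper_bound(req: &str) -> bool {
    match requirement_bounds(req) {
        None => true,
        Some((_, None)) => false,
        Some((lower, Some(upper))) => {
            lower.map_or(true, |l| l < upper) && upper != upper.compat_start()
        }
    }
}

/// Exemption heuristic (assumption of this example, not a cargo-deny rule): a crate
/// named `<parent>-…` or `<parent>_…` pinned to the parent's own version is a companion.
fn is_internal_companion(parent: &str, parent_version: &str, dep: &str, req: &str) -> bool {
    let companion = dep.strip_prefix(parent)
        .map_or(false, |rest| rest.starts_with('-') || rest.starts_with('_'));
    companion && req.trim().trim_start_matches('=').trim() == parent_version
}

/// Report every (dependent, version, dependency, requirement) edge that is hazardous and not exempt.
fn scan(edges: &[(&str, &str, &str, &str)]) -> Vec<String> {
    edges.iter()
        .filter(|(p, pv, d, req)| has_hazardous_upper_bound(req) && !is_internal_companion(p, pv, d, req))
        .map(|(p, pv, d, req)| format!("{p} {pv} -> {d} {req}"))
        .collect()
}

fn main() {
    // Constructed sample dependency graph; not taken from any real lockfile.
    let edges = [
        ("app", "0.1.0", "serde", "1.0"),           // caret: fine
        ("app", "0.1.0", "foo", "=1.0.2"),          // pinned: hazardous
        ("foo", "1.0.2", "foo-macros", "=1.0.2"),   // companion crate: exempt
        ("foo", "1.0.2", "bar", ">=1.2, <1.4"),     // excludes compatible 1.4.x: hazardous
        ("bar", "1.2.0", "baz", "0.3.*"),           // covers the whole 0.3 range: fine
    ];
    for finding in scan(&edges) { println!("{finding}"); }
}
```

The decisive test is `upper != upper.compat_start()`: `<2.0.0` ends exactly where the 1.x range ends, so nothing compatible is cut off, while `<2.0.1` and `<2.1` stop inside the 2.x range and will eventually collide with another crate's `>=2.1` requirement.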