Potential dependency conflicts between NoDB and botocore

[NeolithEra]

Hi, as shown in the following full dependency graph of NoDB, NoDB requires botocore (the latest version), while the installed version of s3transfer(0.2.1) requires botocore>=1.12.36,<2.0.0.

According to Pip's “first found wins” installation strategy, botocore 1.12.199 is the actually installed version.

Although the first found package version botocore 1.12.199 just satisfies the later dependency constraint (botocore>=1.12.36,<2.0.0), it will lead to a build failure once developers release a newer version of botocore in the near future, which is greater than 2.0.0.

Dependency tree--------

NoDB(version range:)
| +-appdirs(version range:>=1.4.3)
| +-boto3(version range:>=1.4.4)
| +-botocore(version range:>=1.5.38)
| +-docutils(version range:>=0.13.1)
| +-funcsigs(version range:>=1.0.2)
| +-futures(version range:>=3.0.5)
| +-jmespath(version range:>=0.9.2)
| +-packaging(version range:>=16.8)
| +-pbr(version range:>=2.0.0)
| +-pyparsing(version range:>=2.2.0)
| +-python-dateutil(version range:==2.6.0)
| +-s3transfer(version range:>=0.1.10)
| | +-botocore(version range:>=1.12.36,<2.0.0)
| +-six(version range:>=1.10.0)

Thanks for your attention. Best, Neolith

[NeolithEra]

Solution

1. Fix your direct dependencies to be botocore>=1.12.36,<2.0.0 and s3transfer==0.2.1, to remove this conflict. I have checked this revision will not affect your downstream projects now.

2. Remove your direct dependency chardet, and use the library botocore transitively introduced by s3transfer.

@Miserlou Please let me know your choice. I can submit a PR to fix this issue.

[bendog]

this is resolved in #26

[bendog]

merged now.