cfpb / sheer

A tool for loading arbitrary content into Elasticsearch and serving that content on the web.
Creative Commons Zero v1.0 Universal

Specified version for itsdangerous #99

Closed dpford closed 9 years ago

dpford commented 9 years ago

After the pbr conversion, running pip install -e . --upgrade was breaking on certain environments without a version specified for itsdangerous. This fixes that problem.

Scotchester commented 9 years ago

Sure you want >=? All the rest are ==

dpford commented 9 years ago

My understanding is that >= will be the closest in behavior to not specifying a version at all (as in, will still get the newest version), which is why I chose that.

Scotchester commented 9 years ago

Forgive my ignorance, but we tend to avoid automatically pulling the latest versions of most dependencies; why would we want to do that in this case?

dpford commented 9 years ago

No, it's good you asked. I thought it was intentionally entered versionless due to it being a security-related dependency, but that's probably silly.

Scotchester commented 9 years ago

:+1: Thanks!

Scotchester commented 9 years ago

@rosskarchner Please weigh in if you think >= was the right decision, after all.

rosskarchner commented 9 years ago

I'd like to try leaving it out -- calling out a particular version of Flask should infer a particular version of itsdangerous anyways.

rosskarchner commented 9 years ago

hm, Flask uses >= too: https://github.com/mitsuhiko/flask/blob/0.10.1/setup.py#L96
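The difference between the three spellings discussed in this thread (no version, `>=`, `==`), as an added example that is not part of the PR or the sheer code base. It is a toy resolver, not pip's; the function names are hypothetical, and the version list and the `>=0.21` floor are constructed sample values.

```python
import re

# Constructed sample data: versions an index might offer (not real release data).
AVAILABLE = ["0.21", "0.22", "0.23", "0.24"]

# name, then optionally an operator and a dotted numeric version (only == and >=)
SPEC_RE = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*(?:(==|>=)\s*(\d+(?:\.\d+)*))?\s*$")

def vkey(version):
    """Dotted numeric version -> tuple, so '0.10' sorts after '0.9'."""
    return tuple(int(part) for part in version.split("."))

def parse(line):
    """Split one requirement line into (name, operator or None, version or None)."""
    m = SPEC_RE.match(line)
    if not m:
        raise ValueError("unsupported requirement: %r" % line)
    return m.group(1).lower(), m.group(2), m.group(3)

def resolve(lines, name, candidates=AVAILABLE):
    """Newest candidate satisfying every constraint on `name`, or None."""
    ok = list(candidates)
    for line in lines:
        req, op, ver = parse(line)
        if req != name.lower() or op is None:
            continue  # other package, or no constraint: nothing is excluded
        if op == "==":
            ok = [c for c in ok if vkey(c) == vkey(ver)]
        else:  # ">=" sets a floor only
            ok = [c for c in ok if vkey(c) >= vkey(ver)]
    return max(ok, key=vkey) if ok else None

def floating(lines):
    """Names with no == pin: a fresh install can pick up a newer release."""
    parsed = [parse(line) for line in lines]
    pinned = {name for name, op, _ in parsed if op == "=="}
    return sorted({name for name, _, _ in parsed} - pinned)

if __name__ == "__main__":
    for spec in (["itsdangerous"], ["itsdangerous>=0.21"], ["itsdangerous==0.22"],
                 ["itsdangerous>=0.21", "itsdangerous==0.22"]):
        print(spec, "->", resolve(spec, "itsdangerous"))
    # Flask pinned, itsdangerous only floored (as a transitive >= would leave it)
    print("floating:", floating(["Flask==0.10.1", "itsdangerous>=0.21"]))
```

An unversioned entry and a `>=` floor both resolve to the newest release on offer; only an `==` line, whether direct or alongside a transitive `>=`, fixes the installed version.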