lukasschwab / arxiv.py

Python wrapper for the arXiv API

MIT License

1.11k stars 123 forks source link

Loosen version requirements to compatibility operator `~=` #162

Closed lukasschwab closed 4 months ago

lukasschwab commented 5 months ago

Description

Does what it says on the tin for the two ==-pinned non-development dependencies, requests and feedparser.

Deserves some thought on risk: what if one of these dependencies incorrectly labels breaking changes in a patch version?

Breaking changes

List any changes that break the API usage supported on master.

None.

Relevant issues

List GitHub issues relevant to this change.

Closes #161.

Checklist

[-] (If appropriate) README.md example usage has been updated.

kgleba commented 4 months ago

@lukasschwab Merging this pull request would be very desirable, as the locked requests version 2.32.0 is a yanked version (as is 2.32.1) due to "conflicts with CVE-2024-35195 mitigation"

lukasschwab commented 4 months ago

Will do today.