Dependencies are too restrictive related to strawberry and strawberry-django

[advl]

Prerequisites

First of all, thanks for the great work on this library. I wanted to mention a few issues I had while installing your library related to dependency versions. I'm submitting only one issue for several, altough not identical issues, all related to the versions in the pyproject.toml file. This is a broader take on #439

In general the dependencies of this library are more restrictive than core strawberry-graphql and strawberry-graphql-django. This means that currently, the project package of an end user needs to be adapted to strawberry-django-auth instead of relying on the same versions that its "parent" libraries. This is particularly true for the python version, for django. Additionally, and independently, the django-stubs are not compatible with V5.

• [ ] Is it a bug?
• [x] Is it a new feature?
• [ ] Is it a question?
• [x] Can you reproduce the problem?
• [x] Are you running the latest version?
• [x] Did you check for similar issues?
• [ ] Did you perform a cursory search?

Description

I am using poetry as a package manager and the rest of this thread relies on it.

Looking at pyproject.toml in this library, the dependencies are stricter than its "parent" libraries. Also, the django-stubs are incompatible with V5.

[tool.poetry.dependencies]
python = ">=3.8,<3.13"
Django = ">=3.2,<5.1"
django-stubs = { extras = ["compatible-mypy"], version = "^4.2.0" }
strawberry-graphql-django = ">=0.10.5"

I compare this to the strawberry/pyproject.toml : the python version is less restrictive

[tool.poetry.dependencies]
python = "^3.8"

And strawberry-django/pyproject.toml : the python version is less restrictive, and the django version is less restrictive (especially <5.1 is not present)

[tool.poetry.dependencies]
python = ">=3.8,<4.0"
django = ">=3.2"
asgiref = ">=3.8"
django-choices-field = { version = ">=2.2.2", optional = true }
django-debug-toolbar = { version = ">=3.4", optional = true }
strawberry-graphql = ">=0.235.1"

Finally, when having django-stubs = {extras = ["compatible-mypy"], version = "^5.0.2"}, strawberry-django-auth install fails.

I am wondering if there is a reason why those <3.13, <5.1 checks are implemented ? Also, would it be possible that the django stubs version is set to be more liberally, so that version 5.0.2 is also supported whitout breaking the lock tree ?

Steps to Reproduce

Here are two examples where the library install will fail.

Example A: for python

1. Setup a poetry project with a python version, for instance 3.12
2. Install strawberry-django-auth

Example B : For django-stubs

1. Install django-stubs[compatible-mypy] latest (v5.0.2)
2. Install strawberry-django-auth, will fail

I expected the installation to work when using regular dependency definiton.

Actual behavior

In example A : the installation fails unless python = ">=3.12,<3.13" or django-stubs are downgraded. I believe a similar error will occur when django 5.1 is released.

In example B : the installation fails unless a force-install is made.

Requirements

from my pyproject.toml

[tool.poetry.dependencies]                                          
django = "^5.0.6"
#python = "^3.12"
python = ">=3.12,<3.13" # strawberry-django-auth
strawberry-graphql-django = "^0.44.2"                            
django-s3-storage = "^0.15.0"                                    
psycopg2-binary = "^2.9.9"                                       

[tool.poetry.group.ci.dependencies]                              
zappa = "^0.59.0"                                               

[tool.poetry.group.dev.dependencies]             
black = "^24.4.2"                                
django-debug-toolbar = "^4.4.2"                  
ipdb = "^0.13.13"                                
isort = "^5.13.2"                                
poethepoet = "^0.26.1"                           
pylint = "^3.2.3"                                
pylint-django = "^2.5.5"                         
pytest = "^8.2.2"                                
pytest-django = "^4.8.0"                         
toml-sort = "^0.23.1"                            
setuptools = "^70.1.1"                           
mypy = "^1.10.1"                                                    
django-stubs = {extras = ["compatible-mypy"], version = "^5.0.2"}
types-psycopg2 = "^2.9.21.20240417"              

I have put the outputs of poetry show in a gist, to avoid bloating this thread.

[nrbnlulu]

Hey. Apart from django stubs (which you can send a PR to update it) there is no limitation.

• Py3.13 - haven't came out yet and is not tested in gh wf therefore not supported.
• Django 5.1 - Same

I am wondering if there is a reason why those <3.13, <5.1 checks are implemented ?

See above.