Closed mgorny closed 1 year ago
Hi. True enough - there wasn't anything in the 2.8.1 release that would be helpful so I decided to not update the dependency. The 2.8.0 release is still only a few weeks old. I'm always going to pin a particular version of bitarray that has been well tested as I don't want an update to it to break bitstring.
@mgorny is there a particular problem that this creates? I might not understand the issue so more information would be helpful. For me this all works fine, but everyone has different workflows and requirements.
This is painful for people who are using system packages, as installing bitstring
prevents them from upgrading bitarray
. Over long periods of time, this creates a lot of maintenance burden since we'd need to make sure all compatible versions of bitarray
and bitstring
are working and installable.
Or to put it simpler, we may end up with the impossible situation of one package requiring one version of bitstring (and the pinned version of bitarray) and another package requiring a newer bitarray.
Thanks for the extra information, that's useful. I'm used to pinning versions for applications, but this is the first time I've released a library with dependencies.
A quick search shows that it is considered bad practice to pin a version rather than a range for a library dependency, which to be honest I'm pretty nervous about (there must be a better way!) I'll probably make the change in the 4.1.1 release which should be quite soon - I'll just wait a little longer to see if more issues come in.
The new plan is to require bitarray ">=2.5.0, <3.0.0", all versions of which (up to the current 2.8.1) pass bitstring's unit tests.
Thanks a lot!
Thanks. I was just coming to report this. It's great to see it's going to be addressed.
This will also need a change in tests/test_bitstring.py. My suggestion would be just to remove the bitarray version check entirely. (looks like you already addressed this - thanks again)
Version 4.1.1 now released with bitarray requirement of ">=2.8.0, <3.0.0".
Today's 4.1.0 release requires bitarray 2.8.0. However, bitarray 2.8.1 was released on Aug 7.