Closed thelittlebug closed 3 years ago
After having had some unpleasant experiences with the unintended consequences of placing upper bounds on dependent package versions, I have come to wonder whether doing so carries costs that outweigh the benefits.
Quite coincidentally, my friend Hynek just published an article two days ago that (among other things) underscores those costs. To wit:
> If you maintain a public package and pin the major version of a dependency of yours, you transitively do this to the applications of your users.
> […]
> Don’t ever pin major versions, unless you know they’re broken.
In short, what would be the downsides to removing the upper bound, and are those downsides all that serious? i.e.:
django = ">=2.2"
my simple rule would be this:
- is it a package used by others? loose bounds
- is it a production deployment? try to be as explicit as possible
if you take a look at other projects like https://github.com/encode/django-rest-framework you can see that they are not limiting as much.
Yeah, I think loosening version requirements won't be a bad idea. If it breaks on the new version, then someone would report it or PR it.
ah! and thanks for your nice project :)
Released django-tailwind 1.1.2 that doesn't have the upper bound for Django version.
there's still time before April, but yeah, will leave this as a reminder.
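
The transitive effect described in the article quoted in the first post, as an added example that is not part of the thread or of django-tailwind's code: a minimal check that intersects an application's requirement with a library's requirement on the same dependency. The `<4.0` cap, the application's `>=4.0` requirement and the release list are constructed assumptions; only `>=2.2` comes from the issue.

```python
# Added example, not django-tailwind's code. The "<4.0" cap, the app's
# requirement and the release list are constructed for illustration.
import operator
import re

OPS = {">=": operator.ge, "<=": operator.le, "==": operator.eq,
       "!=": operator.ne, ">": operator.gt, "<": operator.lt}
CLAUSE = re.compile(r"\s*(>=|<=|==|!=|>|<)\s*([0-9]+(?:\.[0-9]+)*)\s*$")


def parse_version(text):
    """'4.1' -> (4, 1); numeric release segments only."""
    return tuple(int(part) for part in text.split("."))


def pad(a, b):
    """Right-pad the shorter tuple with zeros so 4 compares equal to 4.0."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)), b + (0,) * (n - len(b))


def satisfies(version, spec):
    """True if version meets every comma-separated clause in spec."""
    for clause in spec.split(","):
        m = CLAUSE.match(clause)
        if m is None:
            raise ValueError(f"unsupported clause: {clause!r}")
        left, right = pad(parse_version(version), parse_version(m.group(2)))
        if not OPS[m.group(1)](left, right):
            return False
    return True


def installable(available, *specs):
    """Versions allowed by every requirement in the dependency tree."""
    return [v for v in available if all(satisfies(v, s) for s in specs)]


AVAILABLE = ["2.2", "3.2", "4.0", "4.1"]   # constructed release list
APP = ">=4.0"                               # constructed: the user's application
LIB_CAPPED = ">=2.2,<4.0"                   # hypothetical library with an upper bound
LIB_OPEN = ">=2.2"                          # the bound proposed in the issue

if __name__ == "__main__":
    print("capped:", installable(AVAILABLE, APP, LIB_CAPPED))
    print("open:  ", installable(AVAILABLE, APP, LIB_OPEN))
```

An empty result for the capped case means no release satisfies both requirements, so the application cannot install the library alongside the newer release until the library publishes a version without the cap.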