Package dependencies are too strict

weibeu / Flask-Discord

Discord OAuth2 extension for Flask. An Easier implementation of "Log In With Discord".

https://flask-discord.readthedocs.io/en/latest/

MIT License

182 stars 47 forks source link

Package dependencies are too strict #58

Closed henriquegemignani closed 2 years ago

henriquegemignani commented 2 years ago

In 0985cb26d902aaf201561b0878d0febf5fc4d4d2 the install_requires of the package was updated to require specific versions of all dependencies, recursively.

For testing this package itself, locking that way is great. But for downstream packages this at best prevents me from updating any of these packages, at worst causes conflicts with other packages.

jnawk commented 2 years ago

~~the only package with a version requirement is an inequality - "pyjwt>=2.0.0" - versions earlier than 2.0 are not compatible and are a source of endless bug tickets, the solution to each of course is update pyjwt. ~~

I take it back. That's true of the latest published version, not the commit referenced.

weibeu commented 2 years ago

Thanks for pointing it out! Have released the dependencies from exact versions and set it only where it was needed (for PyJWT). Have updated PyPI.