mistercrunch commented on issue #33162: URL: https://github.com/apache/superset/issues/33162#issuecomment-2977526939
Right. We should really make sure the package is "self-standing" as much as possible, with good "library-range-supported" semantics. In theory we could put a ceiling based on semver, meaning we would always assume the a new major version of any package could break things, and even if say marshmallow 4.x isn't release yet, we would assume it could break things and always put a ceiling on the next major across ALL packages. Now in practice doing this prevents `dependabot`/`supersetbot` from opening PRs trying to bump libraries. Maybe we'd need for these integration to alter or look beyond those ceilings. While this may help the viability of the main package, the reality is that we can only afford to run CI on a single set of pinned deps, as the matrix of testing various version of librairies - especially the matrix of combination - won't be possible. Now wondering if there's a way to add "preferred version of libraries" in pyproject.toml without pinning things... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
