relax upper bounds on dependencies#445
Conversation
| urllib3 = "^1.26.9" | ||
| websockets = "^10.3" | ||
| certifi = "^2022.5.18" | ||
| urllib3 = ">=1.26.9,<3" |
There was a problem hiding this comment.
My knowledge on this syntax might be off, but the current expression ^1.26.9 Means we accept the versions
>=1.26.9 <2.0.0. From docs.
Is this proposal to changed the allowed version to >=1.26.9 <3.0.0?
There was a problem hiding this comment.
Also I am inclined to merge in #439 and other dependabot PRs that might help with what you are experiencing.
I need to do more validation in the urllib upgrade since its a major version upgrade.
There was a problem hiding this comment.
yes, and I don't mind my PR vs dependabot, doesn't make a difference to me
|
I think the PR is outdated now that we've merged most of the dependabot suggestions. We'll keep on top of this going forward. I'm just working through the urllib3 changes and will hopefully merge that one soon. Thanks for sending this PR in and hopefully all of the updates have resolved your root issue. Please feel free to comment/re-open if you need something else here though. Cheers. |
|
Hey just wanted to follow up here. Still have urllib <2 in the toml |
|
Hey @PrathamSoni is there something you need dependancy wise that's not in the current urllib? I'm just trying to understand the use-case here and push for the update. |
4 participants
Some of the dependent libraries have relatively strict upper bounds that should probably be relaxed
conda-forge/polygon-api-client-feedstock#20