by LyndsySimon 2754 days ago
If the specific version of a dependency (or subdependency) isn't pinned, then the next time the package is installed in another environment it'll get the most recent matching version. That version might break your code.

If the specific versions of all subdependencies are pinned, then you have a mess on your hands keeping track of what's actually required. You have to either manually maintain your requirements.txt, or you run the risk of removing a dependency and missing the removal of its subdependencies.

Further, you can't just upgrade everything, but dependencies might have conflicting version requirements for subdependencies.
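As an added example (not part of the comment or of any project), a small script that models the two problems described above against a constructed requirements.txt and resolver graph: it flags lines that are not pinned to an exact version, and it computes which pinned subdependencies become orphaned when a direct dependency is removed. Package names, versions and the dependency edges are all constructed sample data.

```python
import re
from collections import deque
from typing import Dict, Iterable, List, Set

# Constructed sample data: what a resolver would report for two direct
# dependencies, not a real project's requirements.
DIRECT: Set[str] = {"requests", "flask"}
DEPENDS_ON: Dict[str, List[str]] = {
    "requests": ["urllib3", "certifi", "idna"],
    "flask": ["werkzeug", "jinja2", "click"],
    "jinja2": ["markupsafe"],
    "werkzeug": ["markupsafe"],
}
REQUIREMENTS_TXT = """\
requests==2.31.0
flask>=2.0
urllib3==2.0.7
certifi
idna==3.4 ; python_version >= "3.8"
werkzeug==3.0.1
jinja2==3.1.2
click==8.1.7
markupsafe==2.1.3
"""

# Exact pin: name, optional extras, then '==' and a version token.
PINNED = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*(\[[^\]]*\])?\s*==\s*\S+")


def unpinned_lines(text: str) -> List[str]:
    """Requirement lines that float: a fresh install may pick a newer version."""
    lines = (line.split("#", 1)[0].strip() for line in text.splitlines())
    return [line for line in lines if line and not PINNED.match(line)]


def reachable(roots: Iterable[str], graph: Dict[str, List[str]]) -> Set[str]:
    """Everything required, directly or transitively, by the given roots."""
    seen: Set[str] = set()
    queue = deque(roots)
    while queue:
        pkg = queue.popleft()
        if pkg not in seen:
            seen.add(pkg)
            queue.extend(graph.get(pkg, []))
    return seen


def orphans_after_removal(removed: str) -> Set[str]:
    """Lines to drop with `removed`: it plus every subdependency nothing else needs."""
    still_needed = reachable(DIRECT - {removed}, DEPENDS_ON)
    return reachable(DIRECT, DEPENDS_ON) - still_needed
```

Because markupsafe is reached through both jinja2 and werkzeug, it only shows up as an orphan once flask itself is removed, which is exactly the bookkeeping a hand-maintained pinned file makes you do yourself.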