|
|
|
|
|
|
by epage
1963 days ago
|
|
|
First, they don't use semver [0] Python is all over the place with versioning, making it hard to predict what scheme anyone is using. People either falsely assume semver or just don't do any version constraints, both leading to problems. Whats unfortunate, is the Poetry project is putting their head in the sand on this and not letting you patch transitive dependency versions [1] Even if they did use semver, its still a contentious topic within projects using semver of what all is "included". Some people take an idealistic perspective of "if it might break me" but any change can break them [2], making it impractical. I've seen others take this as a sign that semver is impractical and shouldn't be used. I feel its a limited but useful communication tool; we have to accept imperfections in its use. [0] https://cryptography.io/en/latest/api-stability.html#version... [1] https://github.com/python-poetry/poetry/issues/697 [2] https://xkcd.com/1172/ |
|
|