[porlune]

Setting your package version to allow for minor updates _is_ responsibly consuming the dependency.

[llukas]

This sounds like "I responsibly test in production".

If you do test and isolate testing environment then this kind of breaking update is just business as usual.

[porlune]

That's fair, it does sound like a novice take; but it's still "business as usual" w/r/t what is touted as best practices where it comes to version control. At least that's my slightly above novice take on the matter.