Hacker News new | ask | show | jobs
by CaliforniaKarl 189 days ago
This, I think, is the crux of the matter.

As an example, I always knew urllib3 as one of the foundational packages that Requests uses. And I was curious, what versions of urllib3 does Requests pull in?

Well, according to https://github.com/psf/requests/blob/main/setup.cfg, it's this:

    urllib3>=1.21.1,<3
That is exactly the kind of dependency specification I would expect to see for a package that is using semver: The current version of urllib3 is 2.x, so with semver, you set up your dependencies to avoid the next major-version number (in this case, 3).

So, it seems to me that even the Requests folks assumed urllib3 was using semver.
1 comments
somat 189 days ago
I would almost expect the 3 in urllib3 to be the major version and if something needed to break it would become urllib4. Which, I know, is terribly naive of me. But that is how psycopg does it.
link
minitech 189 days ago
That was how psycopg2 did it, but now the package is psycopg (again) version 3, as it should be. Python package management has come a long way since psycopg 1 was created.

urllib2/3’s etymology is different: urllib2’s name comes from urllib in the standard library.

link
minitech 188 days ago
er, *urllib3’s name comes from urllib2 in the standard library.
link