
On Mon, Feb 10, 2020 at 6:09 PM Matthew Einhorn <moiein2000@gmail.com> wrote:
> On Sun, Feb 9, 2020, 11:03 AM Paul Moore <p.f.moore@gmail.com> wrote:
>> On Sun, 9 Feb 2020 at 14:39, Soni L. <fakedme+py@gmail.com> wrote:
>>> Figuring out versioning is hard. PyPI should encourage semver by including PEP 440 version strings that you can copy and paste into install_requires.
>>
>> I don't understand what you mean by **PyPI** including version strings. PyPI just publishes the data the module contains. Do you mean the packaging documentation, or PyPA, or something?
>
> I think they mean that instead of e.g. https://pypi.org/project/six/ just showing `pip install six`, it should also show example install_requires values. E.g. `install_requires: ['six~=1.14.0']`. Or maybe a dropdown where you select the compatibility you want and it formats the version string.
>
> This does seem like a good way to encourage people to specify or at least think about versioned dependencies, although I wonder how many people look at PyPI when specifying their dependencies in `install_requires`?

-1. I don't want everyone to pin to an exact version just because it's the obvious copy/paste command. That's what happens all the time in the Node.js world, and the result is a constant battle to get everyone to upgrade their packages, because they've unnecessarily pinned them.

Instead, encourage everyone to install *without* version numbers. If that results in a package being broken because of a backward-incompatible change, that's the fault of the package, and it SHOULD be seen as a problem.

ChrisA