> I assume you wouldn't even be asking this if v21 was compatible, but > then again, I would expect from developers that while they might be > using v20 by default in their workflow, they should at least attempt > to remain compatible with the latest release of their dependencies (or > they might just as well declare to be compatible with python 2.7 only > ...).
Unfortunately, the situation is worse: Python has some entry-point machinery that double-checks the versions of installed dependencies at runtime and refuses to start your program if installed deps are not within the declared bounds. Poetry explicitly declared that they only want to use keyring packages in the v20 series. And after looking at keyring's changelogs it looks like they didn't even break anything in the v21 series, they just declared that they're no longer supporting the old versions and let everyone else deal with the fallout. So doing a sed on the poetry package metadata to allow it to use v21 of keyring is also a choice here and it might even work but has its own awful tradeoffs. -- David Gilman :DG<
