On 19 Jul 2007, at 19:36 , Dieter Maurer wrote:
Things are a bit different with external dependencies (docutils,
mechanize, ClientForm, twisted, etc.), I think. They bear a higher
of breaking stuff for us in future releases, even if they're just
releases, because we don't control them and their developers probably
don't test their stuff with our code . Back in the old days, we
do vendor imports or use revision tags for the externals. This was
basically the equivalent of depending on a specific, well-known
version of the external package.
I propose to do the same for the external dependencies we have. So
only count docutils as an actual egg dependency because mechanize,
ClientForm and twisted are still packaged up in the egg that uses
(we should change that, too). I will therefore change
to depend on docutils==0.4, unless there are objections.
Don't you drastically increase the risk of conflicts?
Yes, probably. I've been convinced now that making libraries depend
on specific versions isn't such a good idea.
Thanks for the input.
Zope3-dev mailing list