[jira] [Work logged] (BEAM-4606) Upper bound for pytz dependency

Tue, 26 Jun 2018 23:53:30 -0700 


     [ 
https://issues.apache.org/jira/browse/BEAM-4606?focusedWorklogId=116327&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-116327
 ]

ASF GitHub Bot logged work on BEAM-4606:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 27/Jun/18 06:52
            Start Date: 27/Jun/18 06:52
    Worklog Time Spent: 10m 
      Work Description: aaltay commented on a change in pull request #5751: 
[BEAM-4606] Pin pytz version 
URL: https://github.com/apache/beam/pull/5751#discussion_r198383539
 
 

 ##########
 File path: sdks/python/setup.py
 ##########
 @@ -105,7 +105,7 @@ def get_version():
     'oauth2client>=2.0.1,<5',
     # grpcio 1.8.1 and above requires protobuf 3.5.0.post1.
     'protobuf>=3.5.0.post1,<4',
-    'pytz>=2018.3',
+    'pytz==2018.4',
 
 Review comment:
   I do not think it will break existing users. The scenario I have in mind is, 
suppose there is a library X that pins pytz==2018.3 and we pin it at 2018.4. 
With that a user cannot have both X and Beam in the same environment. Since we 
already know that Beam works with both 2018.3 and 2018.4; it would be more 
flexible to work with either version of the dependency.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 116327)
    Time Spent: 50m  (was: 40m)

> Upper bound for pytz dependency
> -------------------------------
>
>                 Key: BEAM-4606
>                 URL: https://issues.apache.org/jira/browse/BEAM-4606
>             Project: Beam
>          Issue Type: Improvement
>          Components: sdk-py-core
>            Reporter: Ahmet Altay
>            Assignee: Udi Meiri
>            Priority: Major
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> Do we need an upper bound for the pytz dependency? 
> ([https://github.com/apache/beam/blob/release-2.5.0/sdks/python/setup.py#L108)]
>  We typically have upper bounds, in order to avoid future breakages due to a 
> possibility of breaking/backward incompatible change of that depepdency.
> Good practice is to upper bound either at known version, or next major 
> version. Do we need an exception for pytz because it does not seem to be 
> following semantic versioning?
> cc: [~yifanzou] Is this something dependency notifier can warn on? Dependency 
> without upper version bounds.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to