On Mon, May 04, 2026 at 03:07:22PM +0300, Peter Pentchev wrote: > On Sun, May 03, 2026 at 03:49:21PM -0000, Jeroen Ploemen wrote: > > hi Pieter, > > > > my review for the beets package: > > > > * control: very specific version requirement for the dependency on > > python3-acoustid (= 1.3.1), while the upstream pyproject.toml > > specifies ^1.3.1 (note the caret) which if IIRC translates to > > >=1.3.1,<2; > > * control: the build-dep on sphinx <9 has been overtaken by reality, > > with sphinx/9.1.0-1 already in unstable. Build seems to be fine > > with 9.1.0 too though. > > > > For both of the above, it's often an open question whether version > > restrictions declared by upstream are actually hard requirements or > > just a matter of "we prefer to have everyone use the version we > > tested with". > > From my experience with various upstream projects, both individual > authors with varying levels of experience and workflows, and > more complex organizations (e.g. OpenStack), IMHO it is most useful to, > at least initially, "assume good faith" and approach upstream requirements > as follows...
So, uh, I just realized (a couple of days later, yeah) that what I wrote may be misinterpreted. I did not in any way mean to criticize Jeroen's words: I did not imply that he advocated not treating upstream requirements in good faith. In my message I did outline a couple of cases in which it is very much advisable to override them. Apologies for any confusion. G'luck, Peter -- Peter Pentchev [email protected] [email protected] [email protected] PGP key: https://www.ringlet.net/roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
signature.asc
Description: PGP signature
