Steady as She Goes
Over the last few weeks we've released a number of small patches and bugfix improving the overall experience with requires.io, to keep on helping you keep track of Python dependencies.
Handling of prereleases
To figure out if a package is up-to-date
, requires.io was using a very simple strategy: take the latest [1] version available on pypi, and match it against the requirement. If it matched, the requirement was up-to-date
, otherwise it was outdated
.
This strategy falls short for two edge cases: prereleases and private forks.
requests==dev # Master fetched from GitHub
django==1.7.4.1 # A private fork of Django
These edge cases are now correctly handled, and such dependencies are simply flagged up-to-date
.
[1] It was (and still is) a tad more complicated as we distinguish between unstable and stable releases, but this is beyond the scope of this blog post.
Compatible requirements and pull-requests
A lot of projects on GitHub are using requires.io pull-requests. But until now we didn't handle "compatible" requirements correctly.
django>=1.6,<1.7
Such a requirement is now updated to:
django>=1.7,<1.8
Don't forget that you can specify directives in your requirements files to discard updates you don't need. For instance the following requirement would be flagged up-to-date
and not yield any pull-request, despite being `outdated`:
# Outdated bug flagged `up-to-date`
django>=1.6,<1.7 # rq.filter:<1.7