chore(deps): Most deps in requirements.txt lack pinned versions so current versions w#1599
Open
isagoakira wants to merge 2 commits into
Open
chore(deps): Most deps in requirements.txt lack pinned versions so current versions w#1599isagoakira wants to merge 2 commits into
isagoakira wants to merge 2 commits into
Conversation
…lack pinned versions so curren
…ned versions so curren
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🔧 依赖维护更新 — nvbn/thefuck
此 PR 由 Code Legacy Reviver 自动生成🤖
📋 更新摘要
Most deps in requirements.txt lack pinned versions so current versions would install. The real issues are: (1) setuptools floor is 11 years old (2) restrictive upper bounds on decorator/pyte for Python 2.7 are outdated — but this code targets legacy Python anyway so raising bounds carries some risk. Note: 'mock' is bundled in stdlib since Python 3.3.
📦 变更清单
🟡 setuptools:
>=17.1→>=65.0.0setuptools 17.1 is from 2014; modern versions (65+) include security fixes, better PEP compliance, and build isolation
🟡 decorator (Python 2.7 constraint):
<5→<5.3decorator 4.x is ancient; 5.2/5.3 are stable with same API, dropping the upper bound or raising it is safe
🟡 pyte (Python 2.7 constraint):
<0.8.1→<2.0pyte 0.8.x is years old; 1.x and 2.x series have bug fixes and compatibility improvements while maintaining API
🟡 Medium
📝 文件变更
requirements.txtsetup.pyGenerated by Code Legacy Reviver