[requirements][stable] Capping requirements in stable branches
mriedemos at gmail.com
Sat Nov 30 14:45:29 UTC 2019
On 11/29/2019 12:06 PM, Sean Mooney wrote:
> unfortunetly that advice is not always followed but i agree that in general
> distros should try to follow upper-constraints where possible. for security
> reasons sometime distros have to move to a newer version but that is rare.
> in such cacses idealy the issue would be adress by another stable release of
> the depency upstream with a backport of the scurity fix.
Yup, distros are going to distro. Upper constraints is the OpenStack way
of saying, "this is the known good combination of packages that are
known to work with the current version of the code" and if you diverge
from that then you're on your own.
More information about the openstack-discuss