[requirements][stable] Capping requirements in stable branches

Matt Riedemann mriedemos at gmail.com
Sat Nov 30 14:45:29 UTC 2019

On 11/29/2019 12:06 PM, Sean Mooney wrote:
> unfortunetly that advice is not always followed but i agree that in general
> distros should try to follow upper-constraints where possible. for security
> reasons sometime distros have to move to a newer version but that is rare.
> in such cacses idealy the issue would be adress by another stable release of
> the depency upstream with a backport of the scurity fix.

Yup, distros are going to distro. Upper constraints is the OpenStack way 
of saying, "this is the known good combination of packages that are 
known to work with the current version of the code" and if you diverge 
from that then you're on your own.




More information about the openstack-discuss mailing list