are < dependencies required?

[alaniwi]

@dwest77a

A matter arising from cedadev/ceda-jaspy-envs#161:

The less tightly that a package (or some version of a package) locks down the versions of its dependencies (in pyproject.toml in this case), the more chance that it can installed compatibly with other packages in the Jaspy environment.

In particular, I note that cfapyx has various < (or <=) dependencies. This carries the risk of not being able to produce a compatible environment if something else requires later versions of those same dependencies. Given that you are the author of cfapyx and a colleague, this is a bit of a special case, in that if it won't resolve a Jaspy environment when the time comes to prepare a new release, then I could ask if you can resolve it by quickly publishing a new cfapyx release with updated dependencies. More generally, however, packages containing < dependencies have an increased chance of needing to be removed from Jaspy at some point.

I would suggest only using < if you are specifically aware of breaking changes planned for the later release, rather than simply a possibility that they might occur at some point. This is a trade-off, of course.

Thanks.

[dwest77a]

@alaniwi Thanks, I believe some of the < dependencies are required but not all so I will put out a new release this week to remove any limiting dependencies that are not strictly necessary.

[dwest77a]

@alaniwi I just published version 2025.12.9 which should now have minimal or no limiting dependencies. I've also refactored some parts of the code that were causing a limiter to be required for certain packages (mainly dask). Let me know if there are any more issues with this version being included in Jaspy.

[alaniwi]

Thanks, I am not immediately trying to create a Jaspy release, but was more thinking ahead to possible gotchas for next time -- also based on past experience. Your changes will be very helpful.