Julia packages traditionally only list minimal versions for dependencies. Mainly for the reason that the old Pkg only knew one global environment which yielded many conflicts.
I assumed that with the new Pkg these kinds of problems were an relict of the past and we could properly version our dependencies, e.g., only allow minor (in the SemVer sense) upgrades to dependencies. With this, an breaking update of a dependency wouldn’t cause to break my package. But what I now got as feedback in METADATA#18523 gives me the impression that this behaviour is discouraged.
In particular, in this situation I did a breaking change in the StaticPolynomials dependency of my package (HomotopyContinuation.jl) which would break HomotopyContinuation.jl. To avoid breaking user’s code, I wanted to add upper bounds to all 0.7 compatible releases of HomotopyContinuation.jl.
Or another example: Here is the Julia CI-Bot result of the new
Interpolations.jl release, which breaks a bunch of other packages. This would be avoided if all packages would have proper dependency constraints.
So, what is now the correct way to deal with depencies?