Cap dqlite-wire pin below 0.2.0 to block silent major-bump install

antoineleclair · claude · antoineleclair · commit 6f6ebaf56e73 · 2026-05-01T19:37:33.000-04:00
The cross-package pin was an unbounded ``&gt;=0.1.3``. The four packages
in the dqlite stack are co-developed, share private import surfaces
(see XP1 for one example), and have never been validated against any
combination other than the released-together set. Allowing
``pip install -U dqlite-wire`` to fetch a 0.2.0 (which can carry
breaking refactors of the private surface) silently would break
``import dqliteclient`` at first use.

Mirror the SA-side ``sqlalchemy&gt;=2.0,&lt;3.0`` pattern: add the
explicit ``&lt;0.2.0`` upper bound. The same upper-bound discipline
lands on dbapi → client and sqlalchemy-dqlite → dbapi.

Co-Authored-By: Claude Opus 4.7 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/pyproject.toml b/pyproject.toml
@@ -23,7 +23,7 @@ classifiers = [
     "Topic :: Database :: Database Engines/Servers",
     "Typing :: Typed",
 ]
-dependencies = ["dqlite-wire>=0.1.3"]
+dependencies = ["dqlite-wire>=0.1.3,<0.2.0"]
 
 [tool.uv.sources]
 dqlite-wire = { path = "../python-dqlite-wire", editable = true }

Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ classifiers = [`
`23`	`23`	`"Topic :: Database :: Database Engines/Servers",`
`24`	`24`	`"Typing :: Typed",`
`25`	`25`	`]`
`26`		`-dependencies = ["dqlite-wire>=0.1.3"]`
	`26`	`+dependencies = ["dqlite-wire>=0.1.3,<0.2.0"]`
`27`	`27`
`28`	`28`	`[tool.uv.sources]`
`29`	`29`	`dqlite-wire = { path = "../python-dqlite-wire", editable = true }`