Dependency poetry-semver seems to be deprecated

[spoorcc]

requirements-detector requires poetry-semver which has been archived recently: https://github.com/python-poetry/semver.

Maybe the more active https://github.com/python-semver/python-semver/ could be a good alternative?

[carlio]

Hmm... "This is a development version. Do NOT use it in production before the final 3.0.0 is released." doesn't make we want to use this instead. I'm trying to clean up this repo right now, I'll figure something out instead. (the 2.x versions only support up to python 3.7 apparently)

[carlio]

I looked into this more and the problem is that python-semver only deals with parsing of an individual version spec, but cannot handle poetry's additional formatting (the ^ and ~ specifiers for example).

Although the poetry-semver repository has been archived and the code folded into the main poetry repo as far as I can tell, the 0.1.0 version on PyPI is still there and so requirements-detector can continue using it. I doubt they'd yank it since they haven't yet.

The only reason this would become an issue is if they change how the poetry requirement specification works and the old code is out of date, but I imagine they won't as they'd break millions of pyproject.toml files. And if they do, well I'll deal with that then .

So for now I'll just leave the dependecy as is, because there are no viable alternatives and I don't think the risk is big that the current dependency will stop working or go away. It's not ideal but the other solution would be to re-implement it and I started and realised it'd be a huge amount of work.