Suggest to loosen the dependency on databases

[Agnes-U]

Hi, your project TodoList-FastAPI requires "databases==0.2.6" in its dependency. After analyzing the source code, we found that some other versions of databases can also be suitable without affecting your project, i.e., databases 0.2.3, 0.2.4, 0.2.5, 0.3.0. Therefore, we suggest to loosen the dependency on databases from "databases==0.2.6" to "databases>=0.2.3,<=0.3.0" to avoid any possible conflict for importing more packages or for downstream projects that may use TodoList-FastAPI.

May I pull a request to loosen the dependency on databases?

By the way, could you please tell us whether such dependency analysis may be potentially helpful for maintaining dependencies easier during your development?

---

For your reference, here are details in our analysis.

Your project TodoList-FastAPI(commit id: 160bbb1) directly uses 1 APIs from package databases.

databases.core.Database.__init__

From which, 10 functions are then indirectly called, including 6 databases's internal APIs and 4 outsider APIs, as follows (neglecting some repeated function occurrences).

[/dwisulfahnur/TodoList-FastAPI]
+--databases.core.Database.__init__
|      +--databases.core.DatabaseURL.__init__
|      +--databases.importer.import_from_string
|      |      +--databases.importer.ImportFromStringError.__init__
|      |      +--importlib.import_module
|      +--aiocontextvars.ContextVar
|      +--contextvars.ContextVar
|      +--databases.core.Connection.__init__
|      |      +--asyncio.Lock
|      +--databases.core.Connection.transaction
|      |      +--databases.core.Transaction.__init__

We scan databases's versions among [0.2.3, 0.2.4, 0.2.5, 0.3.0] and 0.2.6, the changing functions (diffs being listed below) have none intersection with any function or API we mentioned above (either directly or indirectly called by this project).

diff: 0.2.6(original) 0.2.3
['databases.core.DatabaseURL.__repr__', 'databases.backends.postgres.PostgresConnection', 'databases.backends.postgres.Record.__iter__', 'databases.core.Database', 'databases.backends.postgres.Record.__len__', 'databases.core.DatabaseURL.obscure_password', 'databases.core.DatabaseURL', 'databases.backends.postgres.Record', 'databases.core.DatabaseURL.database', 'databases.backends.sqlite.SQLiteConnection', 'databases.backends.mysql.MySQLConnection', 'databases.backends.postgres.PostgresConnection._compile']

diff: 0.2.6(original) 0.2.4
['databases.core.DatabaseURL.__repr__', 'databases.backends.postgres.PostgresConnection', 'databases.backends.postgres.Record.__iter__', 'databases.core.Database', 'databases.backends.postgres.Record.__len__', 'databases.core.DatabaseURL.obscure_password', 'databases.core.DatabaseURL', 'databases.backends.postgres.Record', 'databases.backends.sqlite.SQLiteConnection', 'databases.backends.mysql.MySQLConnection', 'databases.backends.postgres.PostgresConnection._compile']

diff: 0.2.6(original) 0.2.5
['databases.core.DatabaseURL.__repr__', 'databases.backends.postgres.PostgresConnection', 'databases.core.Database', 'databases.core.DatabaseURL.obscure_password', 'databases.core.DatabaseURL', 'databases.backends.sqlite.SQLiteConnection', 'databases.backends.mysql.MySQLConnection', 'databases.backends.postgres.PostgresConnection._compile']

diff: 0.2.6(original) 0.3.0
['databases.core.DatabaseURL.scheme', 'databases.backends.aiopg.AiopgConnection.transaction', 'databases.backends.aiopg.AiopgTransaction.rollback', 'databases.backends.aiopg.AiopgConnection', 'databases.backends.aiopg.AiopgTransaction', 'databases.backends.aiopg.AiopgBackend.connect', 'databases.core.Database.force_rollback', 'databases.backends.aiopg.AiopgConnection.fetch_all', 'databases.backends.aiopg.AiopgConnection._compile', 'databases.backends.aiopg.CompilationContext.__init__', 'databases.backends.aiopg.AiopgConnection.fetch_one', 'databases.backends.aiopg.AiopgConnection.__init__', 'databases.backends.aiopg.CompilationContext', 'databases.backends.sqlite.SQLiteConnection', 'databases.backends.aiopg.AiopgConnection.release', 'databases.backends.aiopg.AiopgBackend', 'databases.core.DatabaseURL', 'databases.backends.aiopg.AiopgBackend.__init__', 'databases.backends.aiopg.AiopgTransaction.__init__', 'databases.backends.aiopg.AiopgBackend._get_connection_kwargs', 'databases.backends.aiopg.AiopgBackend.disconnect', 'databases.core.Database', 'databases.backends.aiopg.AiopgConnection.execute_many', 'databases.backends.aiopg.AiopgConnection.execute', 'databases.backends.aiopg.AiopgConnection.iterate', 'databases.backends.aiopg.AiopgConnection.acquire', 'databases.backends.aiopg.AiopgTransaction.start', 'databases.backends.aiopg.AiopgConnection.raw_connection', 'databases.backends.aiopg.AiopgBackend._get_dialect', 'databases.backends.aiopg.AiopgBackend.connection', 'databases.backends.mysql.MySQLConnection', 'databases.backends.aiopg.AiopgTransaction.commit']

As for other packages, the APIs of @outside_package_name are called by databases in the call graph and the dependencies on these packages also stay the same in our suggested versions, thus avoiding any outside conflict.

Therefore, we believe that it is quite safe to loose your dependency on databases from "databases==0.2.6" to "databases>=0.2.3,<=0.3.0". This will improve the applicability of TodoList-FastAPI and reduce the possibility of any further dependency conflict with other projects/packages.