Issue with over-permissive versions in setup.py

[awbacker]

trafficstars

We are on 1.3.0 of django-rq, and had an issue with it installing rq==1.0 which is obviously not compatible.

The issue is that the setup.py allows any upgrade of any of its required packages. This was an issue in 1.3.0 and still is (though the version # has been updated). For now we have pinned rq==0.13 in our requirements, but that shoudn't be necessary.

install_requires=['django>=1.8.0', 'rq>=1.0', 'redis>=3'],  # was rq>=0.13.0 before

I think limiting the versions, and at least sticking to "no major version bumps" would help prevent these issues in the future, such as when redis.py upgrades to v4. May I suggest something like this:

'rq>=1.0,<2', 'redis>=3,<4'

I'd prefer pining to minor versions and only allowing patches, but I guess that depends on the update policies of rq & redis.

[selwin]

What you suggested sounds reasonable, do you mind opening a PR for this?