Find a way to get notified of package incompatibilities

[GeorgianaElena]

Proposed change

In a recent attempt to use dependabot and frozen dependencies with traefik-proxy, @manics and @minrk presented very great points on how to find package incompatibilities the "right way" for python libraries (like traefik-proxy). The discussion about this is here.

Available options

A short summary of the possible options to find package incompatibilities (from the discussion mentioned about):

• have general requirements in setup.py, and pinned dependencies in dev-requirements.txt which are bumped by dependabot (ref: https://github.com/jupyterhub/traefik-proxy/pull/120#issuecomment-783248204)
• install the latest pre-releases of dependencies use those when running the tests (ref: https://github.com/jupyterhub/traefik-proxy/pull/120#issuecomment-783326536)
• have the 'always-latest' tests run in one matrix entry and dependabot-frozen reproducible envs run in a different matrix entry (ref: https://github.com/jupyterhub/traefik-proxy/pull/120#issuecomment-783326536)

Who would use this feature?

Developers would use this to find out when a certain dependency new release becomes incompatible with traefik-proxy and fix it, rather than reacting to it.

(Optional): Suggest a solution

[consideRatio]

There is also this trick by @minrk! To test against the oldest dependencies, and find them via a requirements.txt file that for example has package_name_here>=1.2.3 and converts it to package_name_here==1.2.3 to force the oldest version to be used in a test suite.

https://github.com/jupyterhub/jupyterhub/blob/534dda3dc73ab603037989dbf1e17318dfffd6b6/.github/workflows/test.yml#L123-L129