django-graphql-auth is not compatible with Django 4.0 because it doesn't require the latest version of django-graphql-jwt

[MahmoudMousaHamad]

Prerequisites

• Is it a bug?
• Is it a new feature?
• Is it a a question?
• Can you reproduce the problem?
• Are you running the latest version? (0.3.16)
• Did you check for similar issues?
• Did you perform a cursory search?

Description

I am running Django 4.0.4 and I am unable to use the latest version of django-graphql-jwt which is 0.3.4 (which is the compatible version with Django 4.0, see this issue and this stackoverflow question for more info) because django-graphql-auth requires django-graphql-jwt==0.3.0 as seen in the following error message when I try to run pip install -r requirements.txt:

ERROR: Cannot install -r requirements.txt (line 11) and django-graphql-jwt==0.3.4 because these package versions have conflicting dependencies.

The conflict is caused by:
    The user requested django-graphql-jwt==0.3.4
    django-graphql-auth 0.3.16 depends on django-graphql-jwt==0.3.0

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict

Steps to Reproduce

1. Start a Django project with Django 4.0 in requirements.txt
2. Add django-graphql-jwt==0.3.4 to your requirements.txt
3. Add the latest version of django-graphql-auth to your requirements.txt
4. Run pip install -r requirements.txt

Expected behavior

Compatibility with Django 4.0 by requiring the latest version of django-graphql-jwt==0.3.4

Actual behavior

Pip install fails with the following error message:

ERROR: Cannot install -r requirements.txt (line 11) and django-graphql-jwt==0.3.4 because these package versions have conflicting dependencies.

The conflict is caused by:
    The user requested django-graphql-jwt==0.3.4
    django-graphql-auth 0.3.16 depends on django-graphql-jwt==0.3.0

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict

Requirements

aniso8601==7.0.0
asgiref==3.5.1
asn1crypto==1.5.1
certifi==2021.10.8
charset-normalizer==2.0.12
dj-database-url==0.5.0
Django==4.0.4
django-cors-headers==3.11.0
django-environ==0.8.1
django-filter==21.1
django-graphql-auth==0.3.16
django-graphql-jwt==0.3.4
django-picklefield==3.0.1
graphene==3.0
graphene-django==3.0.0b7
graphql-core==3.1.7
graphql-relay==3.1.5
gunicorn==20.1.0
idna==3.3
oauthlib==3.2.0
promise==2.3
psycopg2-binary==2.9.3
PyJWT==1.7.1
pytz==2022.1
pyuwsgi==2.0.20
requests==2.27.1
requests-oauthlib==1.3.1
Rx==1.6.1
singledispatch==3.7.0
six==1.16.0
sqlparse==0.4.2
text-unidecode==1.3
tzdata==2022.1
urllib3==1.26.9
whitenoise==6.1.0

[nrbnlulu]

This project seems to be deprecated you can move on to strawberry where both this project and the jwt project migrated, maintained and tested with django 3.2 - 4 .

[maxclax]

This project seems to be deprecated you can move on to strawberry where both this project and the jwt project migrated, maintained and tested with django 3.2 - 4 .

what do you mean? what does strawberry and where?

[nrbnlulu]

@qari

• I mean that it is no longer maintained, and also I have talked with @PedroBern and he said that he intends to make this repo read only soon.
• Strawberry is one of the alternatives to the dying graphene, We have put a lot of work to migrate this project to strawberry so I would suggest using Strawberry over ariadne or other alternatives, also if you are into typing it is for sure better.

[BurnySc2]

There has been an update tographene-python on pypi, which is finally compatible with Django 4.0.

Could this motivate Pedrobern or someone else to update this library, so that it will also become compatible with Django 4.0?
Or am I misunderstanding and it should already work with Django 4.0? If not, are there any other issues besides the version loosening of the django-graphql-jwt package requirement?

[chris-stetter]

Any update here?

[dastanko]

+1 on this issue.

[vinu]

+1