From ab500ea14e80f72f2a8f4a361a345be73973c1c5 Mon Sep 17 00:00:00 2001
From: Brad Warren <bmw@eff.org>
Date: Fri, 16 Jul 2021 16:21:06 -0700
Subject: [PATCH] mention need to update setup.py

---
 certbot/docs/contributing.rst       | 14 +++++++++-----
 tools/pinning/oldest/pyproject.toml |  5 ++++-
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/certbot/docs/contributing.rst b/certbot/docs/contributing.rst
index d00823e83..0436ce995 100644
--- a/certbot/docs/contributing.rst
+++ b/certbot/docs/contributing.rst
@@ -578,11 +578,15 @@ In most cases, the file where dependency versions are specified is
 ``tools/requirements.txt``. There are two exceptions to this. The first is our
 "oldest" tests where ``tools/oldest_constraints.txt`` is used instead. The
 purpose of the "oldest" tests is to ensure Certbot continues to work with the
-oldest versions of our dependencies which we claim to support. The second
-exception to using ``tools/requirements.txt`` is in our unpinned tests. As of
-writing this, there is one test we run nightly in CI where we leave Certbot's
-dependencies unpinned. The thinking behind this test is to help us learn about
-breaking changes in our dependencies so that we can respond accordingly.
+oldest versions of our dependencies which we claim to support. The oldest
+versions of the dependencies we support should also be declared in our setup.py
+files to communicate this information to our users.
+
+The second exception to using ``tools/requirements.txt`` is in our unpinned
+tests. As of writing this, there is one test we run nightly in CI where we
+leave Certbot's dependencies unpinned. The thinking behind this test is to help
+us learn about breaking changes in our dependencies so that we can respond
+accordingly.
 
 The choices of whether Certbot's dependencies are pinned and what file is used
 if they are should be automatically handled for you most of the time by
diff --git a/tools/pinning/oldest/pyproject.toml b/tools/pinning/oldest/pyproject.toml
index 051a805e2..ba9cf1972 100644
--- a/tools/pinning/oldest/pyproject.toml
+++ b/tools/pinning/oldest/pyproject.toml
@@ -45,7 +45,10 @@ acme = {path = "../../../acme", extras = ["test"]}
 # to the oldest version of the dependency that is found in a non-EOL'd version
 # of CentOS, Debian, or Ubuntu that has Certbot packages in their OS
 # repositories using a version of Python we support. If the distro is EOL'd or
-# using a version of Python we don't support, it can be ignored.
+# using a version of Python we don't support, it can be ignored. If the
+# dependency being updated is a direct dependency of one of our own packages,
+# the minimum required version of that dependency should be updated in our
+# setup.py files as well to communicate this information to our users.
 
 # CentOS/RHEL 7 EPEL dependencies
 # Some of these dependencies may be stricter than necessary because they