
So leaf packages can pin vulnerable or slow stuff why?


The context is

> For your dependency/versioning issue, use a virtualenv per-project and pin your dependency versions in requirements.txt

requirements.txt is not uploaded to PyPI and has no effect on your package’s dependencies when a user installs it (leaf package or no). It’s only used for developing the package itself, typically in a unique virtual environment.



