Improved dependency upgrade handling

Consider using trick from seaborn (and statsmodel) for only adding dependencies to requirements if they cannot be imported, to prevent unintended upgrades of dependencies.

see e.g. https://github.com/mwaskom/seaborn/blob/master/setup.py

thanks @mwaskom for the suggestion!
