A pre-commit hook to ensure Poetry dependencies are pinned.
- repo: https://github.com/Harry-Lees/pre-commit-pin-dependencies
rev: main # or specific git tag
hooks:
- id: poetry-dependencies-pinnedThe following pyproject.toml will raise an error as the Python dependency is not pinned.
# pyproject.toml
[tool.poetry.dependencies]
python = ">=3.7"
toml = "0.10.2"When writing application code, it is important to ensure dependencies are pinned in order to ensure reproducable builds.
By default, poetry will use caret requirements which will allow a range of possible versions. This can be misleading and cause hard to spot bugs in CI.