Update poetry requirement from <1.3.0,>=1.1.15 to >=1.1.15,<1.4.0 in /python/helpers #6302

dependabot · 2022-12-12T06:00:32Z

Updates the requirements on poetry to permit the latest version.

Release notes

1.3.1

Fixed

Fix an issue where an explicit dependency on lockfile was missing, resulting in a broken Poetry in rare circumstances (7169).

Changelog

Sourced from poetry's changelog.

[1.3.1] - 2022-12-12

Fixed

Fix an issue where an explicit dependency on lockfile was missing, resulting in a broken Poetry in rare circumstances (7169).

[1.3.0] - 2022-12-09

Added

Mark the lock file with an @generated comment as used by common tooling (#2773).

poetry check validates trove classifiers and warns for deprecations (#2881).

Introduce a top level -C, --directory option to set the working path (#6810).

Changed

New lock file format (version 2.0) (#6393).

Path dependency metadata is unconditionally re-locked (#6843).

URL dependency hashes are locked (#7121).

poetry update and poetry lock should now resolve dependencies more similarly (#6477).

poetry publish will report more useful errors when a file does not exist (#4417).

poetry add will check for duplicate entries using canonical names (#6832).

Wheels are preferred to source distributions when gathering metadata (#6547).

Git dependencies of extras are only fetched if the extra is requested (#6615).

Invoke pip with --no-input to prevent hanging without feedback (#6724, #6966).

Invoke pip with --isolated to prevent the influence of user configuration (#6531).

Interrogate environments with Python in isolated (-I) mode (#6628).

Raise an informative error when multiple version constraints overlap and are incompatible (#7098).

Fixed

Fix an issue where concurrent instances of Poetry would corrupt the artifact cache (#6186).

Fix an issue where Poetry can hang after being interrupted due to stale locking in cache (#6471).

Fix an issue where the output of commands executed with --dry-run contained duplicate entries (#4660).

Fix an issue where requests's pool size did not match the number of installer workers (#6805).

Fix an issue where poetry show --outdated failed with a runtime error related to direct origin dependencies (#6016).

Fix an issue where only the last command of an ApplicationPlugin is registered (#6304).

Fix an issue where git dependencies were fetched unnecessarily when running poetry lock --no-update (#6131).

Fix an issue where stdout was polluted with messages that should go to stderr (#6429).

Fix an issue with poetry shell activation and zsh (#5795).

Fix an issue where a url dependencies were shown as outdated (#6396).

Fix an issue where the source field of a dependency with extras was ignored (#6472).

Fix an issue where a package from the wrong source was installed for a multiple-constraints dependency with different sources (#6747).

Fix an issue where dependencies from different sources where merged during dependency resolution (#6679).

Fix an issue where experimental.system-git-client could not be used via environment variable (#6783).

Fix an issue where Poetry fails with an AssertionError due to distribution.files being None (#6788).

Fix an issue where poetry env info did not respect virtualenvs.prefer-active-python (#6986).

Fix an issue where poetry env list does not list the in-project environment (#6979).

Fix an issue where poetry env remove removed the wrong environment (#6195).

Fix an issue where the return code of a script was not relayed as exit code (#6824).

... (truncated)

Commits

9a4bf9f release: bump version to 1.3.1
f8e24fc tests: make tests forward compatible with simplified marker simplification (#...
8921a60 Add lockfile as an explicit dependency (#7169)
aa48815 release: bump version to 1.3.0
5281118 chore: pin poetry-core for release
0ca8b7e Calculate and store hash for url dependencies (#7121)
f594246 env: installing into MockEnv should not have side effects on another env (#...
b2e2045 chore: restrict virtualenv for Python 3.9 on Windows due to issues with the e...
41706e6 chore: re-lock Poetry's dependencies
b5ab46e provider: raise error if there are incompatible constraints in the requiremen...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

jeffwidman · 2022-12-12T17:50:07Z

@dependabot rebase

Updates the requirements on [poetry](https://github.com/python-poetry/poetry) to permit the latest version. - [Release notes](https://github.com/python-poetry/poetry/releases) - [Changelog](https://github.com/python-poetry/poetry/blob/1.3.1/CHANGELOG.md) - [Commits](python-poetry/poetry@1.1.15...1.3.1) --- updated-dependencies: - dependency-name: poetry dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot/dependabot-core#6302 is failing the smoke test because poetry made some changes to their lockfile format. This fixes those. Generated by: 1. Grabbing the updater image created in that PR from https://github.com/dependabot/dependabot-core/actions/runs/3877424061 2. In a codespace here on smoke repo running: ```shell dependabot --updater-image ghcr.io/dependabot/dependabot-updater:92d2892954c3900931a4ffbc03f68c19e863ad47 test -f tests/smoke-poetry.yaml -o tests/smoke-poetry.yaml ```

dependabot bot requested a review from a team as a code owner December 12, 2022 06:00

dependabot bot added dependencies python Dependabot pull requests that update Python code labels Dec 12, 2022

dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 8 times, most recently from 863f01d to 644f762 Compare December 19, 2022 17:43

dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 4 times, most recently from 894cb57 to b673527 Compare December 22, 2022 22:32

phillipuniverse mentioned this pull request Dec 24, 2022

Poetry version support #1556

Open

dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch from b673527 to e3b0f75 Compare January 2, 2023 05:13

maxrake mentioned this pull request Jan 3, 2023

build: bump importlib-metadata from 5.2.0 to 6.0.0 phylum-dev/phylum-ci#180

Closed

dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 10 times, most recently from ee783db to 48b27fd Compare January 8, 2023 05:31

jeffwidman approved these changes Jan 8, 2023

View reviewed changes

dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 2 times, most recently from 4ff9adc to 23f05b4 Compare January 8, 2023 08:30

helderco mentioned this pull request Jan 9, 2023

deps(python): Package updates dagger/dagger#4334

Merged

maxrake mentioned this pull request Jan 9, 2023

build: bump packaging from 22.0 to 23.0 phylum-dev/phylum-ci#184

Closed

dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 7 times, most recently from 94c8c4d to 2f2496e Compare January 9, 2023 20:59

dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch from 2f2496e to 021ba76 Compare January 9, 2023 21:47

jeffwidman mentioned this pull request Jan 9, 2023

Update to poetry v1.3.0+ lockfile format dependabot/smoke-tests#26

Merged

jeffwidman merged commit a0e1b66 into main Jan 9, 2023

jeffwidman deleted the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch January 9, 2023 23:26

DMRobertson mentioned this pull request Jan 16, 2023

RFC: how to deal with poetry 1.3's new lockfile format matrix-org/synapse#14857

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update poetry requirement from <1.3.0,>=1.1.15 to >=1.1.15,<1.4.0 in /python/helpers #6302

Update poetry requirement from <1.3.0,>=1.1.15 to >=1.1.15,<1.4.0 in /python/helpers #6302

dependabot bot commented on behalf of github Dec 12, 2022 •

edited

Loading

jeffwidman commented Dec 12, 2022

Update poetry requirement from <1.3.0,>=1.1.15 to >=1.1.15,<1.4.0 in /python/helpers #6302

Update poetry requirement from <1.3.0,>=1.1.15 to >=1.1.15,<1.4.0 in /python/helpers #6302

Conversation

dependabot bot commented on behalf of github Dec 12, 2022 • edited Loading

1.3.1

Fixed

[1.3.1] - 2022-12-12

Fixed

[1.3.0] - 2022-12-09

Added

Changed

Fixed

jeffwidman commented Dec 12, 2022

dependabot bot commented on behalf of github Dec 12, 2022 •

edited

Loading