Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update poetry requirement from <1.3.0,>=1.1.15 to >=1.1.15,<1.4.0 in /python/helpers #6302

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 12, 2022

Updates the requirements on poetry to permit the latest version.

Release notes

Sourced from poetry's releases.

1.3.1

Fixed

  • Fix an issue where an explicit dependency on lockfile was missing, resulting in a broken Poetry in rare circumstances (7169).
Changelog

Sourced from poetry's changelog.

[1.3.1] - 2022-12-12

Fixed

  • Fix an issue where an explicit dependency on lockfile was missing, resulting in a broken Poetry in rare circumstances (7169).

[1.3.0] - 2022-12-09

Added

  • Mark the lock file with an @generated comment as used by common tooling (#2773).
  • poetry check validates trove classifiers and warns for deprecations (#2881).
  • Introduce a top level -C, --directory option to set the working path (#6810).

Changed

  • New lock file format (version 2.0) (#6393).
  • Path dependency metadata is unconditionally re-locked (#6843).
  • URL dependency hashes are locked (#7121).
  • poetry update and poetry lock should now resolve dependencies more similarly (#6477).
  • poetry publish will report more useful errors when a file does not exist (#4417).
  • poetry add will check for duplicate entries using canonical names (#6832).
  • Wheels are preferred to source distributions when gathering metadata (#6547).
  • Git dependencies of extras are only fetched if the extra is requested (#6615).
  • Invoke pip with --no-input to prevent hanging without feedback (#6724, #6966).
  • Invoke pip with --isolated to prevent the influence of user configuration (#6531).
  • Interrogate environments with Python in isolated (-I) mode (#6628).
  • Raise an informative error when multiple version constraints overlap and are incompatible (#7098).

Fixed

  • Fix an issue where concurrent instances of Poetry would corrupt the artifact cache (#6186).
  • Fix an issue where Poetry can hang after being interrupted due to stale locking in cache (#6471).
  • Fix an issue where the output of commands executed with --dry-run contained duplicate entries (#4660).
  • Fix an issue where requests's pool size did not match the number of installer workers (#6805).
  • Fix an issue where poetry show --outdated failed with a runtime error related to direct origin dependencies (#6016).
  • Fix an issue where only the last command of an ApplicationPlugin is registered (#6304).
  • Fix an issue where git dependencies were fetched unnecessarily when running poetry lock --no-update (#6131).
  • Fix an issue where stdout was polluted with messages that should go to stderr (#6429).
  • Fix an issue with poetry shell activation and zsh (#5795).
  • Fix an issue where a url dependencies were shown as outdated (#6396).
  • Fix an issue where the source field of a dependency with extras was ignored (#6472).
  • Fix an issue where a package from the wrong source was installed for a multiple-constraints dependency with different sources (#6747).
  • Fix an issue where dependencies from different sources where merged during dependency resolution (#6679).
  • Fix an issue where experimental.system-git-client could not be used via environment variable (#6783).
  • Fix an issue where Poetry fails with an AssertionError due to distribution.files being None (#6788).
  • Fix an issue where poetry env info did not respect virtualenvs.prefer-active-python (#6986).
  • Fix an issue where poetry env list does not list the in-project environment (#6979).
  • Fix an issue where poetry env remove removed the wrong environment (#6195).
  • Fix an issue where the return code of a script was not relayed as exit code (#6824).

... (truncated)

Commits
  • 9a4bf9f release: bump version to 1.3.1
  • f8e24fc tests: make tests forward compatible with simplified marker simplification (#...
  • 8921a60 Add lockfile as an explicit dependency (#7169)
  • aa48815 release: bump version to 1.3.0
  • 5281118 chore: pin poetry-core for release
  • 0ca8b7e Calculate and store hash for url dependencies (#7121)
  • f594246 env: installing into MockEnv should not have side effects on another env (#...
  • b2e2045 chore: restrict virtualenv for Python 3.9 on Windows due to issues with the e...
  • 41706e6 chore: re-lock Poetry's dependencies
  • b5ab46e provider: raise error if there are incompatible constraints in the requiremen...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested a review from a team as a code owner December 12, 2022 06:00
@dependabot dependabot bot added dependencies python Dependabot pull requests that update Python code labels Dec 12, 2022
@jeffwidman
Copy link
Member

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 8 times, most recently from 863f01d to 644f762 Compare December 19, 2022 17:43
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 4 times, most recently from 894cb57 to b673527 Compare December 22, 2022 22:32
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch from b673527 to e3b0f75 Compare January 2, 2023 05:13
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 10 times, most recently from ee783db to 48b27fd Compare January 8, 2023 05:31
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 2 times, most recently from 4ff9adc to 23f05b4 Compare January 8, 2023 08:30
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch 7 times, most recently from 94c8c4d to 2f2496e Compare January 9, 2023 20:59
Updates the requirements on [poetry](https://github.com/python-poetry/poetry) to permit the latest version.
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/1.3.1/CHANGELOG.md)
- [Commits](python-poetry/poetry@1.1.15...1.3.1)

---
updated-dependencies:
- dependency-name: poetry
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch from 2f2496e to 021ba76 Compare January 9, 2023 21:47
jeffwidman added a commit to dependabot/smoke-tests that referenced this pull request Jan 9, 2023
dependabot/dependabot-core#6302 is failing the
smoke test because poetry made some changes to their lockfile format.

This fixes those.

Generated by:
1. Grabbing the updater image created in that PR from https://github.com/dependabot/dependabot-core/actions/runs/3877424061
2. In a codespace here on smoke repo running:
```shell
dependabot --updater-image ghcr.io/dependabot/dependabot-updater:92d2892954c3900931a4ffbc03f68c19e863ad47 test -f tests/smoke-poetry.yaml -o tests/smoke-poetry.yaml
```
jeffwidman added a commit to dependabot/smoke-tests that referenced this pull request Jan 9, 2023
dependabot/dependabot-core#6302 is failing the
smoke test because poetry made some changes to their lockfile format.

This fixes those.

Generated by:
1. Grabbing the updater image created in that PR from https://github.com/dependabot/dependabot-core/actions/runs/3877424061
2. In a codespace here on smoke repo running:
```shell
dependabot --updater-image ghcr.io/dependabot/dependabot-updater:92d2892954c3900931a4ffbc03f68c19e863ad47 test -f tests/smoke-poetry.yaml -o tests/smoke-poetry.yaml
```
@jeffwidman jeffwidman merged commit a0e1b66 into main Jan 9, 2023
@jeffwidman jeffwidman deleted the dependabot/pip/python/helpers/poetry-gte-1.1.15-and-lt-1.4.0 branch January 9, 2023 23:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies python Dependabot pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant