Update version number in pyproject.toml and update lock file without dependency resolution

[Korijn]

When performing a release of my library or application, I typically bump the version number in pyproject.toml.

However, that means the lockfile is now out of sync (as it includes a content-hash of pyproject.toml). The only way to resolve is to re-run poetry lock, or to compute the content-hash myself and update poetry.lock manually 🤮.

If I choose to apply poetry lock, dependency resolution is performed, but I don't want to do that right before a release of my software!

Is there a command or option that I'm overlooking to deal with this situation?

• I have searched the issues of this repo and believe that this is not a duplicate.
• I have searched the documentation and believe that my question is not covered.

[dimbleby]

You have checked the "I have searched the documentation" box, but have you really? poetry lock has exactly one option and it does what you want.

[Korijn]

I did, but not well enough. I'm sorry!

(For future readers: it's poetry lock --no-update)

[Korijn]

Well, I just tried that, but it still changes the locked versions of packages. I'm using poetry v1.1.12. Reopening.

❯ poetry lock --no-update
Resolving dependencies...

Writing lock file

Small portion of git diff output:

❯ git diff
diff --git a/shared-python/poetry.lock b/shared-python/poetry.lock
index cc687bc3..69a89df6 100644
--- a/shared-python/poetry.lock
+++ b/shared-python/poetry.lock
@@ -125,11 +125,11 @@ reference = "azure_artifacts"

 [[package]]
 name = "celery"
-version = "5.2.3"
+version = "5.2.7"
 description = "Distributed Task Queue."
 category = "main"
 optional = false
-python-versions = ">=3.7,"
+python-versions = ">=3.7"

Ironically, the content-hash of pyproject.toml was not updated.

To be clear, all I've changed in pyproject.toml is this:

[tool.poetry]
name = "myfancyproject"
version = "1.4.0"  # <<< this line

Does this become a bug report at this point?

Actually it might be #4618 because celery has extras and its the only package being changed...

[dimbleby]

Sounds like a duplicate then, if so then it looks as though it should be fixed in the latest beta

[Korijn]

Would you expect the content hash to be updated? That part is not captured in #4618

[radoering]

The content hash does not include every part of pyproject.toml. If I remember correctly, only dependency sections are considered.

[Korijn]

The content hash does not include every part of pyproject.toml. If I remember correctly, only dependency sections are considered.

Ahh! That makes sense. OK thanks!

Closing as duplicate.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.