[document] Mention poetry.toml

[majiang]

See #2937 (comment)

Pull Request Check List

Resolves: #issue-number-here

• Added tests for changed code.
• Updated documentation for changed code.

[alexchandel]

Would be really, really convenient if you could put poetry.toml config values in pyproject.toml…

[majiang]

I was also a one who thought it is convenient, but after reading finswimmer's comment, the current behavior seems perfectly reasonable, except that this is not documented well.

[github-actions]

Deploy preview for website ready!

✅ Preview
https://website-e9wd9fzwu-python-poetry.vercel.app

Built with commit 6356cf5.
This pull request is being automatically deployed with vercel-action

[abn]

This is not entirely true or enforced. I'd reword it to suggest it is recommended not to commit it as it may contain user specific configuration or sensitive information.

[majiang]

reworded!

[Secrus]

@majiang just a gentle bump ;) This would be nice addition to our docs.

[b-long]

There was no reply to my previous comment, so I'm unsure if anyone saw it.

I'd like to make one more plea for changing the wording. Currently, the PR adds:

Your local configuration of Poetry application is stored in `poetry.toml` file,
which is separate from `pyproject.toml`.

It is recommended you do not check-in this file into your repository
since it may contain user specific or sensitive information.

When working in a shared code base, I find it extremely useful to have a poetry.toml alongside a .vscode/. That way, I can setup teammates quickly, and we all have the same configuration:

cd <project> && poetry install
code .
In the VSCode debugger, select "Python: Debug FastAPI"
Open your browser to http://localhost:8000/docs

I have a small FastAPI project which provides an example of this configuration: https://github.com/b-long/mooseblog .

As I said before, the poetry.toml file with configuration seems to be a popular feature. More people may adopt and love Poetry by learning about this feature (seeing it in open source repositories). Reading some previous discussions people seem to really like using it. For example: #108 (comment)

[Secrus]

There was no reply to my previous comment, so I'm unsure if anyone saw it.

I'd like to make one more plea for changing the wording. Currently, the PR adds:

Your local configuration of Poetry application is stored in `poetry.toml` file,
which is separate from `pyproject.toml`.

It is recommended you do not check-in this file into your repository
since it may contain user specific or sensitive information.

When working in a shared code base, I find it extremely useful to have a poetry.toml alongside a .vscode/. That way, I can setup teammates quickly, and we all have the same configuration...

Hi. We ask for rewording to avoid people showing up and claiming that we are recommending something not secure. poetry.toml may contain credentials to repositories for example. I will add my recommendation on how it could look.

[majiang]

committed @Secrus 's suggestion since it is better in that we clearly warn.

[github-actions]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.