Checking projects using Poetry >= 1.5.0 fails

[plaa]

• safety version: 2.3.5
• Python version: 3.10.12
• Operating System: MacOS Ventura

Description

Safety uses dparse to parse the poetry.lock file. Poetry deprecated and in 1.5.0 removed writing of the category field into the poetry.lock file, while dparse assumes this field to always be present. Thus safety fails with the exception Malformed poetry lock file for any project using Poetry 1.5.0 (released in May) or newer.

dparse issue: pyupio/dparse#67

[yeisonvargasf]

@plaa, thanks for this report; in the coming month, we are releasing a 3.0 Safety version where this issue is addressed.

[Corfucinas]

@plaa, thanks for this report; in the coming month, we are releasing a 3.0 Safety version where this issue is addressed.

Great! I just ran into this same error

[jserpapinto]

We have also run into this issue.. Fix would be much appreciated!

[dylanpulver]

Hi @plaa and everyone involved,

Thank you for your patience and for bringing this issue to our attention.

We're pleased to inform you that Safety version 3 has been released, and this version addresses the issue with parsing poetry.lock files for projects using Poetry 1.5.0 or newer. The update ensures compatibility by handling the changes in the poetry.lock file structure.

Please update to Safety version 3 and test your environment. If you encounter any issues or have further questions, please let us know.

Thank you for your continued support and for helping us improve Safety!

Best Regards,
The Safety Team