Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump poetry from 1.1.8 to 1.3.1 in /.github/workflows #273

Closed

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 12, 2022

Bumps poetry from 1.1.8 to 1.3.1.

Release notes

Sourced from poetry's releases.

1.3.1

Fixed

  • Fix an issue where an explicit dependency on lockfile was missing, resulting in a broken Poetry in rare circumstances (7169).

1.3.0

Added

  • Mark the lock file with an @generated comment as used by common tooling (#2773).
  • poetry check validates trove classifiers and warns for deprecations (#2881).
  • Introduce a top level -C, --directory option to set the working path (#6810).

Changed

  • New lock file format (version 2.0) (#6393).
  • Path dependency metadata is unconditionally re-locked (#6843).
  • URL dependency hashes are locked (#7121).
  • poetry update and poetry lock should now resolve dependencies more similarly (#6477).
  • poetry publish will report more useful errors when a file does not exist (#4417).
  • poetry add will check for duplicate entries using canonical names (#6832).
  • Wheels are preferred to source distributions when gathering metadata (#6547).
  • Git dependencies of extras are only fetched if the extra is requested (#6615).
  • Invoke pip with --no-input to prevent hanging without feedback (#6724, #6966).
  • Invoke pip with --isolated to prevent the influence of user configuration (#6531).
  • Interrogate environments with Python in isolated (-I) mode (#6628).
  • Raise an informative error when multiple version constraints overlap and are incompatible (#7098).

Fixed

  • Fix an issue where concurrent instances of Poetry would corrupt the artifact cache (#6186).
  • Fix an issue where Poetry can hang after being interrupted due to stale locking in cache (#6471).
  • Fix an issue where the output of commands executed with --dry-run contained duplicate entries (#4660).
  • Fix an issue where requests's pool size did not match the number of installer workers (#6805).
  • Fix an issue where poetry show --outdated failed with a runtime error related to direct origin dependencies (#6016).
  • Fix an issue where only the last command of an ApplicationPlugin is registered (#6304).
  • Fix an issue where git dependencies were fetched unnecessarily when running poetry lock --no-update (#6131).
  • Fix an issue where stdout was polluted with messages that should go to stderr (#6429).
  • Fix an issue with poetry shell activation and zsh (#5795).
  • Fix an issue where a url dependencies were shown as outdated (#6396).
  • Fix an issue where the source field of a dependency with extras was ignored (#6472).
  • Fix an issue where a package from the wrong source was installed for a multiple-constraints dependency with different sources (#6747).
  • Fix an issue where dependencies from different sources where merged during dependency resolution (#6679).
  • Fix an issue where experimental.system-git-client could not be used via environment variable (#6783).
  • Fix an issue where Poetry fails with an AssertionError due to distribution.files being None (#6788).
  • Fix an issue where poetry env info did not respect virtualenvs.prefer-active-python (#6986).
  • Fix an issue where poetry env list does not list the in-project environment (#6979).
  • Fix an issue where poetry env remove removed the wrong environment (#6195).
  • Fix an issue where the return code of a script was not relayed as exit code (#6824).
  • Fix an issue where the solver could silently swallow ValueError (#6790).

Docs

... (truncated)

Changelog

Sourced from poetry's changelog.

[1.3.1] - 2022-12-12

Fixed

  • Fix an issue where an explicit dependency on lockfile was missing, resulting in a broken Poetry in rare circumstances (7169).

[1.3.0] - 2022-12-09

Added

  • Mark the lock file with an @generated comment as used by common tooling (#2773).
  • poetry check validates trove classifiers and warns for deprecations (#2881).
  • Introduce a top level -C, --directory option to set the working path (#6810).

Changed

  • New lock file format (version 2.0) (#6393).
  • Path dependency metadata is unconditionally re-locked (#6843).
  • URL dependency hashes are locked (#7121).
  • poetry update and poetry lock should now resolve dependencies more similarly (#6477).
  • poetry publish will report more useful errors when a file does not exist (#4417).
  • poetry add will check for duplicate entries using canonical names (#6832).
  • Wheels are preferred to source distributions when gathering metadata (#6547).
  • Git dependencies of extras are only fetched if the extra is requested (#6615).
  • Invoke pip with --no-input to prevent hanging without feedback (#6724, #6966).
  • Invoke pip with --isolated to prevent the influence of user configuration (#6531).
  • Interrogate environments with Python in isolated (-I) mode (#6628).
  • Raise an informative error when multiple version constraints overlap and are incompatible (#7098).

Fixed

  • Fix an issue where concurrent instances of Poetry would corrupt the artifact cache (#6186).
  • Fix an issue where Poetry can hang after being interrupted due to stale locking in cache (#6471).
  • Fix an issue where the output of commands executed with --dry-run contained duplicate entries (#4660).
  • Fix an issue where requests's pool size did not match the number of installer workers (#6805).
  • Fix an issue where poetry show --outdated failed with a runtime error related to direct origin dependencies (#6016).
  • Fix an issue where only the last command of an ApplicationPlugin is registered (#6304).
  • Fix an issue where git dependencies were fetched unnecessarily when running poetry lock --no-update (#6131).
  • Fix an issue where stdout was polluted with messages that should go to stderr (#6429).
  • Fix an issue with poetry shell activation and zsh (#5795).
  • Fix an issue where a url dependencies were shown as outdated (#6396).
  • Fix an issue where the source field of a dependency with extras was ignored (#6472).
  • Fix an issue where a package from the wrong source was installed for a multiple-constraints dependency with different sources (#6747).
  • Fix an issue where dependencies from different sources where merged during dependency resolution (#6679).
  • Fix an issue where experimental.system-git-client could not be used via environment variable (#6783).
  • Fix an issue where Poetry fails with an AssertionError due to distribution.files being None (#6788).
  • Fix an issue where poetry env info did not respect virtualenvs.prefer-active-python (#6986).
  • Fix an issue where poetry env list does not list the in-project environment (#6979).
  • Fix an issue where poetry env remove removed the wrong environment (#6195).
  • Fix an issue where the return code of a script was not relayed as exit code (#6824).

... (truncated)

Commits
  • 9a4bf9f release: bump version to 1.3.1
  • f8e24fc tests: make tests forward compatible with simplified marker simplification (#...
  • 8921a60 Add lockfile as an explicit dependency (#7169)
  • aa48815 release: bump version to 1.3.0
  • 5281118 chore: pin poetry-core for release
  • 0ca8b7e Calculate and store hash for url dependencies (#7121)
  • f594246 env: installing into MockEnv should not have side effects on another env (#...
  • b2e2045 chore: restrict virtualenv for Python 3.9 on Windows due to issues with the e...
  • 41706e6 chore: re-lock Poetry's dependencies
  • b5ab46e provider: raise error if there are incompatible constraints in the requiremen...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [poetry](https://github.com/python-poetry/poetry) from 1.1.8 to 1.3.1.
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/1.3.1/CHANGELOG.md)
- [Commits](python-poetry/poetry@1.1.8...1.3.1)

---
updated-dependencies:
- dependency-name: poetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from Quentame as a code owner December 12, 2022 13:04
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 12, 2022
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jan 11, 2023

Superseded by #285.

@dependabot dependabot bot closed this Jan 11, 2023
@dependabot dependabot bot deleted the dependabot/pip/dot-github/workflows/poetry-1.3.1 branch January 11, 2023 13:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants