Bump poetry from 0.12.17 to 1.0.3 in /python/helpers

[dependabot]

Bumps poetry from 0.12.17 to 1.0.3.

Release notes

Sourced from poetry's releases.

1.0.3

Fixed

• Fixed an error which caused the configuration environment variables (like POETRY_HTTP_BASIC_XXX_PASSWORD) to not be used (#1909).
• Fixed an error where the --help option was not working (#1910).
• Fixed an error where packages from private indices were not decompressed properly (#1851).
• Fixed an error where the version of some PEP-508-formatted wheel dependencies was not properly retrieved (#1932).
• Fixed internal regexps to avoid potential catastrophic backtracking errors (#1913).
• Fixed performance issues when custom indices were defined in the pyproject.toml file (#1892).
• Fixed the get_requires_for_build_wheel() function of masonry.api which wasn't returning the proper result (#1875).

1.0.2

Fixed

• Reverted a previous fix (#1796) which was causing errors for projects with file and/or directory dependencies (#1865).

1.0.1

Fixed

• Fixed an error in env use where the wrong Python executable was being used to check compatibility (#1736).
• Fixed an error where VCS dependencies were not properly categorized as development dependencies (#1725).
• Fixed an error where some shells would no longer be usable after using the shell command (#1673).
• Fixed an error where explicitly included files where not included in wheel distributions (#1750).
• Fixed an error where some Git dependencies url were not properly parsed (#1756).
• Fixed an error in the env commands on Windows if the path to the executable contained a space (#1774).
• Fixed several errors and UX issues caused by keyring on some systems (#1788).
• Fixed errors when trying to detect installed packages (#1786).
• Fixed an error when packaging projects where Python packages were not properly detected (#1592).
• Fixed an error where local file dependencies were exported as editable when using the export command (#1840).
• Fixed the way environment markers are propagated and evaluated when resolving dependencies (#1829, #1789).
• Fixed an error in the PEP-508 compliant representation of directory and file dependencies (#1796).
• Fixed an error where invalid virtual environments would be silently used. They will not be recreated and a warning will be displayed (#1797).
• Fixed an error where dependencies were not properly detected when reading the setup.py file in some cases (#1764).

1.0.0

Added

• Added an export command to export the lock file to other formats (only requirements.txt is currently supported).
• Added a env info command to get basic information about the current environment.
• Added a env use command to control the Python version used by the project.
• Added a env list command to list the virtualenvs associated with the current project.
• Added a env remove command to delete virtualenvs associated with the current project.
• Added support for POETRY_HOME declaration within get-poetry.py.
• Added support for declaring a specific source for dependencies.
• Added support for disabling PyPI and making another repository the default one.
• Added support for declaring private repositories as secondary.
• Added the ability to specify packages on a per-format basis.
• Added support for custom urls in metadata.
• Full environment markers are now supported for dependencies via the markers property.
• Added the ability to specify git dependencies directly in add, it no longer requires the --git option.

... (truncated)

Changelog

Sourced from poetry's changelog.

[1.0.3] - 2020-01-31

Fixed

• Fixed an error which caused the configuration environment variables (like POETRY_HTTP_BASIC_XXX_PASSWORD) to not be used (#1909).
• Fixed an error where the --help option was not working (#1910).
• Fixed an error where packages from private indices were not decompressed properly (#1851).
• Fixed an error where the version of some PEP-508-formatted wheel dependencies was not properly retrieved (#1932).
• Fixed internal regexps to avoid potential catastrophic backtracking errors (#1913).
• Fixed performance issues when custom indices were defined in the pyproject.toml file (#1892).
• Fixed the get_requires_for_build_wheel() function of masonry.api which wasn't returning the proper result (#1875).

[1.0.2] - 2020-01-10

Fixed

• Reverted a previous fix (#1796) which was causing errors for projects with file and/or directory dependencies (#1865).

[1.0.1] - 2020-01-10

Fixed

• Fixed an error in env use where the wrong Python executable was being used to check compatibility (#1736).
• Fixed an error where VCS dependencies were not properly categorized as development dependencies (#1725).
• Fixed an error where some shells would no longer be usable after using the shell command (#1673).
• Fixed an error where explicitly included files where not included in wheel distributions (#1750).
• Fixed an error where some Git dependencies url were not properly parsed (#1756).
• Fixed an error in the env commands on Windows if the path to the executable contained a space (#1774).
• Fixed several errors and UX issues caused by keyring on some systems (#1788).
• Fixed errors when trying to detect installed packages (#1786).
• Fixed an error when packaging projects where Python packages were not properly detected (#1592).
• Fixed an error where local file dependencies were exported as editable when using the export command (#1840).
• Fixed the way environment markers are propagated and evaluated when resolving dependencies (#1829, #1789).
• Fixed an error in the PEP-508 compliant representation of directory and file dependencies (#1796).
• Fixed an error where invalid virtual environments would be silently used. They will not be recreated and a warning will be displayed (#1797).
• Fixed an error where dependencies were not properly detected when reading the setup.py file in some cases (#1764).

[1.0.0] - 2019-12-12

Added

• Added an export command to export the lock file to other formats (only requirements.txt is currently supported).
• Added a env info command to get basic information about the current environment.
• Added a env use command to control the Python version used by the project.
• Added a env list command to list the virtualenvs associated with the current project.
• Added a env remove command to delete virtualenvs associated with the current project.
• Added support for POETRY_HOME declaration within get-poetry.py.

... (truncated)

Commits

• ed44342 Bump version to 1.0.3 (#1966)
• 7974d0f Upgrade dependencies for the 1.0.3 release (#1965)
• d331535 Fix downloading packages from Simplepypi (#1851)
• 4687ef8 Fix how repository credentials are retrieved from env vars (#1909)
• 4897a70 Fix errors when using the --help option (#1910)
• 930515b fix: correct parsing of wheel version with regex. (#1932)
• 2df0d2c Avoid nested quantifiers with overlapping character space on git url parsing ...
• 954d160 Fix Github Actions cache issues (#1928)
• 380e09b Lazy Keyring intialization for PasswordManager (#1892)
• a0c9357 fix (masonry.api): get_requires_for_build_wheel must return additional list...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[greysteil]

@feelepxyz FYI, I got a notification about this PR (and the other @dependabot[bot] ones) when I shouldn't have done - presumably because I'm a security admin.

[feelepxyz]

@greysteil oh cheers for flagging, will look into it!

[alwx]

Hello @feelepxyz!
Any news about Poetry 1.x support? We would love to use Dependabot, but that's the only issue that prevents us from using it.

[dependabot]

Superseded by #1710.