python: upgrade to poetry ^1.0.0

[tommilligan]

Upgrades Dependabot to using Poetry v1. This is backwards compatible with existing lockfiles, while supporting the new lockfile features introduced in v1.

This is based on #1710, but also:

• upgrades python/helpers test fixtures
• changes tests fixed by the upgrade from pending -> it

[ulgens]

@jurre Heyo 👋 Can you please point out someone to look at this PR? 🙂 The issue with poetry became slightly embrassing imo, it's very easy to fix but waiting there for last 4 months.

[ulgens]

Hi @tommilligan, this PR doesn't close #1556 and i'm not sure about #1621 . The issue in #1556 wasn't using old version of Poetry, it was Dependabot doesn't respect given version value in pyproject.toml. I started to think, if single version upgrade for Poetry takes months, multiple version support is impossible in foreseeable future. If that one gets merged, i'll close #1556 myself but again, this PR doesn't fix it.

Note: #1556 is misunderstood by a lot of people, but i'm kinda okay with it because it's raised some awareness about outdated version.

[ulgens]

Shameless plug, i just saw #1621 (comment)

I'm afraid I don't work on Dependabot anymore (I'm focussed on other security products at GitHub), but @feelepxyz and the team should be able to help!

@feelepxyz ping 🙂

[tommilligan]

@ulgens I've removed the Closes issue tags so they can be discussed and closed separately.

[feelepxyz]

🎉

[jurre]

Thanks @tommilligan, this looks good to me 👍

[tommilligan]

You're welcome - thanks for making a great tool for so many languages.