Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump poetry from 1.3.2 to 1.4.0 in /.github/workflows #140

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 28, 2023

Bumps poetry from 1.3.2 to 1.4.0.

Release notes

Sourced from poetry's releases.

1.4.0

Added

  • Add a modern installer (installer.modern-installation) for faster installation of packages and independence from pip (#6205).
  • Add support for Private :: trove classifiers (#7271).
  • Add the version of poetry in the @generated comment at the beginning of the lock file (#7339).
  • Add support for virtualenvs.prefer-active-python when running poetry new and poetry init (#7100).

Changed

  • Deprecate the old installer, i.e. setting experimental.new-installer to false (#7358).
  • Remove unused platform field from cached package info and bump the cache version (#7304).
  • Extra dependencies of the root project are now sorted in the lock file (#7375).
  • Remove upper boundary for importlib-metadata dependency (#7434).
  • Validate path dependencies during use instead of during construction (#6844).
  • Remove the deprecated repository modules (#7468).

Fixed

  • Fix an issue where an unconditional dependency of an extra was not installed in specific environments (#7175).
  • Fix an issue where a pre-release of a dependency was chosen even if a stable release fulfilled the constraint (#7225, #7236).
  • Fix an issue where HTTP redirects were not handled correctly during publishing (#7160).
  • Fix an issue where poetry check did not handle the -C, --directory option correctly (#7241).
  • Fix an issue where the subdirectory information of a git dependency was not written to the lock file (#7367).
  • Fix an issue where the wrong Python version was selected when creating an virtual environment (#7221).
  • Fix an issue where packages that should be kept were uninstalled when calling poetry install --sync (#7389).
  • Fix an issue where an incorrect value was set for sys.argv[0] when running installed scripts (#6737).
  • Fix an issue where hashes in direct_url.json files were not written according to the specification (#7475).
  • Fix an issue where poetry commands failed due to special characters in the path of the project or virtual environment (#7471).
  • Fix an issue where poetry crashed with a JSONDecodeError when running a Python script that produced certain warnings (#6665).

Docs

  • Add advice on how to maintain a poetry plugin (#6977).
  • Update tox examples to comply with the latest tox release (#7341).
  • Mention that the poetry export can export constraints.txt files (#7383).
  • Add clarifications for moving configuration files (#6864).
  • Mention the different types of exact version specifications (#7503).

poetry-core (1.5.1)

  • Improve marker handling (#528, #534, #530, #546, #547).
  • Validate whether dependencies referenced in extras are defined in the main dependency group (#542).
  • Poetry no longer generates a setup.py file in sdists by default (#318).
  • Fix an issue where trailing newlines were allowed in tool.poetry.description (#505).
  • Fix an issue where the name of the data folder in wheels was not normalized (#532).
  • Fix an issue where the order of entries in the RECORD file was not deterministic (#545).
  • Fix an issue where zero padding was not correctly handled in version comparisons (#540).
  • Fix an issue where sdist builds did not support multiple READMEs (#486).

... (truncated)

Changelog

Sourced from poetry's changelog.

[1.4.0] - 2023-02-27

Added

  • Add a modern installer (installer.modern-installation) for faster installation of packages and independence from pip (#6205).
  • Add support for Private :: trove classifiers (#7271).
  • Add the version of poetry in the @generated comment at the beginning of the lock file (#7339).
  • Add support for virtualenvs.prefer-active-python when running poetry new and poetry init (#7100).

Changed

  • Deprecate the old installer, i.e. setting experimental.new-installer to false (#7358).
  • Remove unused platform field from cached package info and bump the cache version (#7304).
  • Extra dependencies of the root project are now sorted in the lock file (#7375).
  • Remove upper boundary for importlib-metadata dependency (#7434).
  • Validate path dependencies during use instead of during construction (#6844).
  • Remove the deprecated repository modules (#7468).

Fixed

  • Fix an issue where an unconditional dependency of an extra was not installed in specific environments (#7175).
  • Fix an issue where a pre-release of a dependency was chosen even if a stable release fulfilled the constraint (#7225, #7236).
  • Fix an issue where HTTP redirects were not handled correctly during publishing (#7160).
  • Fix an issue where poetry check did not handle the -C, --directory option correctly (#7241).
  • Fix an issue where the subdirectory information of a git dependency was not written to the lock file (#7367).
  • Fix an issue where the wrong Python version was selected when creating an virtual environment (#7221).
  • Fix an issue where packages that should be kept were uninstalled when calling poetry install --sync (#7389).
  • Fix an issue where an incorrect value was set for sys.argv[0] when running installed scripts (#6737).
  • Fix an issue where hashes in direct_url.json files were not written according to the specification (#7475).
  • Fix an issue where poetry commands failed due to special characters in the path of the project or virtual environment (#7471).
  • Fix an issue where poetry crashed with a JSONDecodeError when running a Python script that produced certain warnings (#6665).

Docs

  • Add advice on how to maintain a poetry plugin (#6977).
  • Update tox examples to comply with the latest tox release (#7341).
  • Mention that the poetry export can export constraints.txt files (#7383).
  • Add clarifications for moving configuration files (#6864).
  • Mention the different types of exact version specifications (#7503).

poetry-core (1.5.1)

  • Improve marker handling (#528, #534, #530, #546, #547).
  • Validate whether dependencies referenced in extras are defined in the main dependency group (#542).
  • Poetry no longer generates a setup.py file in sdists by default (#318).
  • Fix an issue where trailing newlines were allowed in tool.poetry.description (#505).

... (truncated)

Commits
  • 0e72a55 release: bump version to 1.4.0
  • 0d25426 chore: bump required poetry-core version and relock dependencies
  • b6fb3a3 fix: don't merge sources into config (#7560)
  • a3f6437 docs: mention the different types of exact specifications and pep440
  • c8945eb installer: deprecate old installer (setting experimental.new-installer to f...
  • b304b0d Fix year in changelog
  • 852f7a8 docs: fix a typo (#7455)
  • b6d7723 docs: fix a typo (#7425)
  • 012fcb9 env: do not mix stdout and stderr when running Python scripts and parsing the...
  • e92de61 don't set shell=True on subprocess calls (#7471)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [poetry](https://github.com/python-poetry/poetry) from 1.3.2 to 1.4.0.
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/master/CHANGELOG.md)
- [Commits](python-poetry/poetry@1.3.2...1.4.0)

---
updated-dependencies:
- dependency-name: poetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 28, 2023
@thalesbertaglia thalesbertaglia merged commit ab6c9cb into master Mar 1, 2023
@dependabot dependabot bot deleted the dependabot/pip/dot-github/workflows/poetry-1.4.0 branch March 1, 2023 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant