Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Bump poetry from 1.5.1 to 1.8.2 in /.github/workflows #224

Closed
wants to merge 1 commit into from
Closed

Bump poetry from 1.5.1 to 1.8.2 in /.github/workflows #224

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 21, 2024
edited
Loading

Bumps poetry from 1.5.1 to 1.8.2.

Release notes

Sourced from poetry's releases.

1.8.2

Fixed

  • Harden lazy-wheel error handling if the index server is behaving badly in an unexpected way (#9051).
  • Improve lazy-wheel error handling if the index server does not handle HTTP range requests correctly (#9082).
  • Improve lazy-wheel error handling if the index server pretends to support HTTP range requests but does not respect them (#9084).
  • Improve lazy-wheel to allow redirects for HEAD requests (#9087).
  • Improve debug logging for lazy-wheel errors (#9059).
  • Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue (#9048).
  • Fix an issue where poetry add failed in non-package mode if no project name was set (#9046).
  • Fix an issue where a hint to non-package mode was not compliant with the final name of the setting (#9073).

1.8.1

Fixed

  • Update the minimum required version of packaging (#9031).
  • Handle unexpected responses from servers that do not support HTTP range requests with negative offsets more robust (#9030).

Docs

  • Rename master branch to main (#9022).

1.8.0

Added

  • Add a non-package mode for use cases where Poetry is only used for dependency management (#8650).
  • Add support for PEP 658 to fetch metadata without having to download wheels (#5509).
  • Add a lazy-wheel config option (default: true) to reduce wheel downloads during dependency resolution (#8815, #8941).
  • Improve performance of dependency resolution by using shallow copies instead of deep copies (#8671).
  • poetry check validates that no unknown sources are referenced in dependencies (#8709).
  • Add archive validation during installation for further hash algorithms (#8851).
  • Add a to key in tool.poetry.packages to allow custom subpackage names (#8791).
  • Add a config option to disable keyring (#8910).
  • Add a --sync option to poetry update (#8931).
  • Add an --output option to poetry build (#8828).
  • Add a --dist-dir option to poetry publish (#8828).

Changed

  • The implicit PyPI source is disabled if at least one primary source is configured (#8771).
  • Deprecate source priority default (#8771).
  • Upgrade the warning about an inconsistent lockfile to an error (#8737).
  • Deprecate setting installer.modern-installation to false (#8988).
  • Drop support for pip<19 (#8894).
  • Require requests-toolbelt>=1 (#8680).
  • Allow platformdirs 4.x (#8668).
  • Allow and require xattr 1.x on macOS (#8801).
  • Improve venv shell activation in fish (#8804).
  • Rename system to base in output of poetry env info (#8832).
  • Use pretty name in output of poetry version (#8849).

... (truncated)

Changelog

Sourced from poetry's changelog.

[1.8.2] - 2024-03-02

Fixed

  • Harden lazy-wheel error handling if the index server is behaving badly in an unexpected way (#9051).
  • Improve lazy-wheel error handling if the index server does not handle HTTP range requests correctly (#9082).
  • Improve lazy-wheel error handling if the index server pretends to support HTTP range requests but does not respect them (#9084).
  • Improve lazy-wheel to allow redirects for HEAD requests (#9087).
  • Improve debug logging for lazy-wheel errors (#9059).
  • Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue (#9048).
  • Fix an issue where poetry add failed in non-package mode if no project name was set (#9046).
  • Fix an issue where a hint to non-package mode was not compliant with the final name of the setting (#9073).

[1.8.1] - 2024-02-26

Fixed

  • Update the minimum required version of packaging (#9031).
  • Handle unexpected responses from servers that do not support HTTP range requests with negative offsets more robust (#9030).

Docs

  • Rename master branch to main (#9022).

[1.8.0] - 2024-02-25

Added

  • Add a non-package mode for use cases where Poetry is only used for dependency management (#8650).
  • Add support for PEP 658 to fetch metadata without having to download wheels (#5509).
  • Add a lazy-wheel config option (default: true) to reduce wheel downloads during dependency resolution (#8815, #8941).
  • Improve performance of dependency resolution by using shallow copies instead of deep copies (#8671).
  • poetry check validates that no unknown sources are referenced in dependencies (#8709).
  • Add archive validation during installation for further hash algorithms (#8851).
  • Add a to key in tool.poetry.packages to allow custom subpackage names (#8791).
  • Add a config option to disable keyring (#8910).
  • Add a --sync option to poetry update (#8931).
  • Add an --output option to poetry build (#8828).
  • Add a --dist-dir option to poetry publish (#8828).

Changed

  • The implicit PyPI source is disabled if at least one primary source is configured (#8771).
  • Deprecate source priority default (#8771).
  • Upgrade the warning about an inconsistent lockfile to an error (#8737).
  • Deprecate setting installer.modern-installation to false (#8988).
  • Drop support for pip<19 (#8894).

... (truncated)

Commits
  • c3e22d6 release: bump version to 1.8.2
  • 70d4f58 Improve error message when installing non-package in package-mode
  • 03f3232 Hash metadata as bytes (#9049)
  • 33b7618 lazy-wheel: allow redirects for HEAD request
  • 58995de lazy-wheel: improve handling of servers that tell us that they support range ...
  • d8afecb lazy-wheel: be more robust with regard to Artifactory's incorrect handling of...
  • 3e43146 repo/http: add debug log for lazy wheel error
  • f2bfacb harden lazy wheel wheel error handling
  • 304c54a non-package-mode: fix poetry add (#9046)
  • 78f7dd6 release: bump version to 1.8.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump poetry from 1.5.1 to 1.8.2 in /.github/workflows
0ecdaea 
Bumps [poetry](https://github.com/python-poetry/poetry) from 1.5.1 to 1.8.2.
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@1.5.1...1.8.2)

---
updated-dependencies:
- dependency-name: poetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 21, 2024
@dependabot dependabot bot mentioned this pull request Apr 21, 2024
Closed
@john-sandall
Copy link
Contributor

@dependabot rebase

1 similar comment
@john-sandall
Copy link
Contributor

@dependabot rebase

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 21, 2024

Looks like poetry is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Apr 21, 2024
@dependabot dependabot bot deleted the dependabot/pip/dot-github/workflows/poetry-1.8.2 branch April 21, 2024 17:31
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@john-sandall