build(deps): bump poetry from 1.7.1 to 1.8.0 in /devtools by dependabot[bot] · Pull Request #2717 · RDFLib/rdflib (original) (raw)
Bumps poetry from 1.7.1 to 1.8.0.
Release notes
Sourced from poetry's releases.
1.8.0
Added
- Add a
non-packagemode for use cases where Poetry is only used for dependency management (#8650).- Add support for PEP 658 to fetch metadata without having to download wheels (#5509).
- Add a
lazy-wheelconfig option (default:true) to reduce wheel downloads during dependency resolution (#8815, #8941).- Improve performance of dependency resolution by using shallow copies instead of deep copies (#8671).
poetry checkvalidates that no unknown sources are referenced in dependencies (#8709).- Add archive validation during installation for further hash algorithms (#8851).
- Add a
tokey intool.poetry.packagesto allow custom subpackage names (#8791).- Add a config option to disable
keyring(#8910).- Add a
--syncoption topoetry update(#8931).- Add an
--outputoption topoetry build(#8828).- Add a
--dist-diroption topoetry publish(#8828).Changed
- The implicit PyPI source is disabled if at least one primary source is configured (#8771).
- Deprecate source priority
default(#8771).- Upgrade the warning about an inconsistent lockfile to an error (#8737).
- Deprecate setting
installer.modern-installationtofalse(#8988).- Drop support for
pip<19(#8894).- Require
requests-toolbelt>=1(#8680).- Allow
platformdirs4.x (#8668).- Allow and require
xattr1.x on macOS (#8801).- Improve venv shell activation in
fish(#8804).- Rename
systemtobasein output ofpoetry env info(#8832).- Use pretty name in output of
poetry version(#8849).- Improve error handling for invalid entries in
tool.poetry.scripts(#8898).- Improve verbose output for dependencies with extras during dependency resolution (#8834).
- Improve message about an outdated lockfile (#8962).
Fixed
- Fix an issue where
poetry shellfailed when Python has been installed with MSYS2 (#8644).- Fix an issue where Poetry commands failed in a terminal with a non-UTF-8 encoding (#8608).
- Fix an issue where a missing project name caused an incomprehensible error message (#8691).
- Fix an issue where Poetry failed to install an
sdistpath dependency (#8682).- Fix an issue where
poetry installfailed because an unused extra was not available (#8548).- Fix an issue where
poetry install --syncdid not remove an unrequested extra (#8621).- Fix an issue where
poetry initdid not allow specific characters in the author field (#8779).- Fix an issue where Poetry could not download
sdistsfrom misconfigured servers (#8701).- Fix an issue where metadata of sdists that call CLI tools of their build requirements could not be determined (#8827).
- Fix an issue where Poetry failed to use the currently activated environment (#8831).
- Fix an issue where
poetry shellfailed inzshif a space was in the venv path (#7245).- Fix an issue where scripts with extras could not be installed (#8900).
- Fix an issue where explicit sources where not propagated correctly (#8835).
- Fix an issue where debug prints where swallowed when using a build script (#8760).
- Fix an issue where explicit sources of locked dependencies where not propagated correctly (#8948).
- Fix an issue where Poetry's own environment was falsely identified as system environment (#8970).
... (truncated)
Changelog
Sourced from poetry's changelog.
[1.8.0] - 2024-02-25
Added
- Add a
non-packagemode for use cases where Poetry is only used for dependency management (#8650).- Add support for PEP 658 to fetch metadata without having to download wheels (#5509).
- Add a
lazy-wheelconfig option (default:true) to reduce wheel downloads during dependency resolution (#8815,#8941).- Improve performance of dependency resolution by using shallow copies instead of deep copies (#8671).
poetry checkvalidates that no unknown sources are referenced in dependencies (#8709).- Add archive validation during installation for further hash algorithms (#8851).
- Add a
tokey intool.poetry.packagesto allow custom subpackage names (#8791).- Add a config option to disable
keyring(#8910).- Add a
--syncoption topoetry update(#8931).- Add an
--outputoption topoetry build(#8828).- Add a
--dist-diroption topoetry publish(#8828).Changed
- The implicit PyPI source is disabled if at least one primary source is configured (#8771).
- Deprecate source priority
default(#8771).- Upgrade the warning about an inconsistent lockfile to an error (#8737).
- Deprecate setting
installer.modern-installationtofalse(#8988).- Drop support for
pip<19(#8894).- Require
requests-toolbelt>=1(#8680).- Allow
platformdirs4.x (#8668).- Allow and require
xattr1.x on macOS (#8801).- Improve venv shell activation in
fish(#8804).- Rename
systemtobasein output ofpoetry env info(#8832).- Use pretty name in output of
poetry version(#8849).- Improve error handling for invalid entries in
tool.poetry.scripts(#8898).- Improve verbose output for dependencies with extras during dependency resolution (#8834).
- Improve message about an outdated lockfile (#8962).
Fixed
- Fix an issue where
poetry shellfailed when Python has been installed with MSYS2 (#8644).- Fix an issue where Poetry commands failed in a terminal with a non-UTF-8 encoding (#8608).
- Fix an issue where a missing project name caused an incomprehensible error message (#8691).
- Fix an issue where Poetry failed to install an
sdistpath dependency (#8682).- Fix an issue where
poetry installfailed because an unused extra was not available (#8548).- Fix an issue where
poetry install --syncdid not remove an unrequested extra (#8621).- Fix an issue where
poetry initdid not allow specific characters in the author field (#8779).- Fix an issue where Poetry could not download
sdistsfrom misconfigured servers (#8701).- Fix an issue where metadata of sdists that call CLI tools of their build requirements could not be determined (#8827).
- Fix an issue where Poetry failed to use the currently activated environment (#8831).
- Fix an issue where
poetry shellfailed inzshif a space was in the venv path (#7245).- Fix an issue where scripts with extras could not be installed (#8900).
- Fix an issue where explicit sources where not propagated correctly (#8835).
- Fix an issue where debug prints where swallowed when using a build script (#8760).
... (truncated)
Commits
- a3789fe release: bump version to 1.8.0
- cc32ce6 chore: update dependencies (#8984)
- 4844189 ci: add python 3.12 to skip workflow
- 8ca6c6d config: fix handling of venv opts env vars
- 468f658 config: normalize venv opts no-pip/no-setuptools
- e1159b0 doc: add reference to package source for add
- 1754f5a doc: add pytorch example for explicit source
- 37028af [pre-commit.ci] pre-commit autoupdate (#8993)
- 120e737 chore: update deprecated ruff config (#9005)
- 0ab6204 [Docs] removed quotes on plugin name. (#9003)
- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)