build(deps-dev): bump poetry from 1.8.0 to 1.8.2 by dependabot[bot] · Pull Request #2721 · RDFLib/rdflib (original) (raw)

Bumps poetry from 1.8.0 to 1.8.2.

Release notes

Sourced from poetry's releases.

1.8.2

Fixed

• Harden lazy-wheel error handling if the index server is behaving badly in an unexpected way (#9051).
• Improve lazy-wheel error handling if the index server does not handle HTTP range requests correctly (#9082).
• Improve lazy-wheel error handling if the index server pretends to support HTTP range requests but does not respect them (#9084).
• Improve lazy-wheel to allow redirects for HEAD requests (#9087).
• Improve debug logging for lazy-wheel errors (#9059).
• Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue (#9048).
• Fix an issue where poetry add failed in non-package mode if no project name was set (#9046).
• Fix an issue where a hint to non-package mode was not compliant with the final name of the setting (#9073).

1.8.1

Fixed

• Update the minimum required version of packaging (#9031).
• Handle unexpected responses from servers that do not support HTTP range requests with negative offsets more robust (#9030).

Docs

• Rename master branch to main (#9022).

Changelog

Sourced from poetry's changelog.

[1.8.2] - 2024-03-02

Fixed

• Harden lazy-wheel error handling if the index server is behaving badly in an unexpected way (#9051).
• Improve lazy-wheel error handling if the index server does not handle HTTP range requests correctly (#9082).
• Improve lazy-wheel error handling if the index server pretends to support HTTP range requests but does not respect them (#9084).
• Improve lazy-wheel to allow redirects for HEAD requests (#9087).
• Improve debug logging for lazy-wheel errors (#9059).
• Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue (#9048).
• Fix an issue where poetry add failed in non-package mode if no project name was set (#9046).
• Fix an issue where a hint to non-package mode was not compliant with the final name of the setting (#9073).

[1.8.1] - 2024-02-26

Fixed

• Update the minimum required version of packaging (#9031).
• Handle unexpected responses from servers that do not support HTTP range requests with negative offsets more robust (#9030).

Docs

• Rename master branch to main (#9022).

Commits

• c3e22d6 release: bump version to 1.8.2
• 70d4f58 Improve error message when installing non-package in package-mode
• 03f3232 Hash metadata as bytes (#9049)
• 33b7618 lazy-wheel: allow redirects for HEAD request
• 58995de lazy-wheel: improve handling of servers that tell us that they support range ...
• d8afecb lazy-wheel: be more robust with regard to Artifactory's incorrect handling of...
• 3e43146 repo/http: add debug log for lazy wheel error
• f2bfacb harden lazy wheel wheel error handling
• 304c54a non-package-mode: fix poetry add (#9046)
• 78f7dd6 release: bump version to 1.8.1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)