Bump poetry from 1.1.7 to 1.1.9 in /.github/workflows

[dependabot[bot]]

Bumps poetry from 1.1.7 to 1.1.9.

Release notes

Sourced from poetry's releases.

1.1.9

Fixed

• Fixed a security issue where file hashes were not checked prior to installation. (#4420, #4444, python-poetry/poetry-core#193)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4507)
• Fixed an issue where unsafe parameters could be passed to git commands. (python-poetry/poetry-core#203)
• Fixed an issue where the wrong git executable could be used on Windows. (python-poetry/poetry-core#205)

1.1.8

Fixed

• Fixed an error with repository prioritization when specifying secondary repositories. (#4241)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4330, #4407)
• Fixed the evaluation of relative path dependencies. (#4246)
• Fixed environment detection for Python 3.10 environments. (#4387)
• Fixed an error in the evaluation of in/not in markers (python-poetry/poetry-core#189)

Changelog

Sourced from poetry's changelog.

[1.1.9] - 2021-09-18

Fixed

• Fixed a security issue where file hashes were not checked prior to installation. (#4420, #4444, python-poetry/poetry-core#193)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4507)
• Fixed an issue where unsafe parameters could be passed to git commands. (python-poetry/poetry-core#203)
• Fixed an issue where the wrong git executable could be used on Windows. (python-poetry/poetry-core#205)

[1.1.8] - 2021-08-19

Fixed

• Fixed an error with repository prioritization when specifying secondary repositories. (#4241)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4330, #4407)
• Fixed the evaluation of relative path dependencies. (#4246)
• Fixed environment detection for Python 3.10 environments. (#4387)
• Fixed an error in the evaluation of in/not in markers (python-poetry/poetry-core#189)

Commits

• 69bd682 Bump version to 1.1.9
• 9d8aed4 Update lock file
• a9e59ed Merge pull request #4507 from python-poetry/1.1-fix-system-env-detection
• 459c8c9 Fix system env detection
• 634bb23 Merge pull request #4420 from pietrodn/fix/hash-check-backport-1.1
• d033cba style: linting
• 8268795 Merge pull request #4444 from python-poetry/1.1-fix-archive-hash-generation
• 8238cab Fix archive hash generation
• 8956a0c fix: python 2.7 syntax
• 435ff81 Throw a RuntimeError on hash mismatch in Chooser._get_links (#3885)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #20.