search

thalesbertaglia / enelvo

A flexible normalizer for user-generated content
http://thalesbertaglia.com/enelvo
MIT License
58 stars 6 forks source link

Bump poetry from 1.4.2 to 1.5.0 in /.github/workflows #151

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps poetry from 1.4.2 to 1.5.0.

Release notes

Sourced from poetry's releases.

1.5.0

Added

  • Introduce the new source priorities explicit and supplemental (#7658, #6879).
  • Introduce the option to configure the priority of the implicit PyPI source (#7801).
  • Add handling for corrupt cache files (#7453).
  • Improve caching of URL and git dependencies (#7693, #7473).
  • Add option to skip installing directory dependencies (#6845, #7923).
  • Add --executable option to poetry env info (#7547).
  • Add --top-level option to poetry show (#7415).
  • Add --lock option to poetry remove (#7917).
  • Add experimental POETRY_REQUESTS_TIMEOUT option (#7081).
  • Improve performance of wheel inspection by avoiding unnecessary file copy operations (#7916).

Changed

  • Remove the old deprecated installer and the corresponding setting experimental.new-installer (#7356).
  • Introduce priority key for sources and deprecate flags default and secondary (#7658).
  • Deprecate poetry run <script> if the script was not previously installed via poetry install (#7606).
  • Only write the lock file if the installation succeeds (#7498).
  • Do not write the unused package category into the lock file (#7637).

Fixed

  • Fix an issue where Poetry's internal pyproject.toml continually grows larger with empty lines (#7705).
  • Fix an issue where Poetry crashes due to corrupt cache files (#7453).
  • Fix an issue where the Retry-After in HTTP responses was not respected and retries were handled inconsistently (#7072).
  • Fix an issue where Poetry silently ignored invalid groups (#7529).
  • Fix an issue where Poetry does not find a compatible Python version if not given explicitly (#7771).
  • Fix an issue where the direct_url.json of an editable install from a git dependency was invalid (#7473).
  • Fix an issue where error messages from build backends were not decoded correctly (#7781).
  • Fix an infinite loop when adding certain dependencies (#7405).
  • Fix an issue where pre-commit hooks skip pyproject.toml files in subdirectories (#7239).
  • Fix an issue where pre-commit hooks do not use the expected Python version (#6989).
  • Fix an issue where an unclear error message is printed if the project name is the same as one of its dependencies (#7757).
  • Fix an issue where poetry install returns a zero exit status even though the build script failed (#7812).
  • Fix an issue where an existing .venv was not used if in-project was not set (#7792).
  • Fix an issue where multiple extras passed to poetry add were not parsed correctly (#7836).
  • Fix an issue where poetry shell did not send a newline to fish (#7884).
  • Fix an issue where poetry update --lock printed operations that were not executed (#7915).
  • Fix an issue where poetry add --lock did perform a full update of all dependencies (#7920).
  • Fix an issue where poetry shell did not work with nushell (#7919).
  • Fix an issue where subprocess calls failed on Python 3.7 (#7932).
  • Fix an issue where keyring was called even though the password was stored in an environment variable (#7928).

Docs

... (truncated)

Changelog

Sourced from poetry's changelog.

[1.5.0] - 2023-05-19

Added

  • Introduce the new source priorities explicit and supplemental (#7658, #6879).
  • Introduce the option to configure the priority of the implicit PyPI source (#7801).
  • Add handling for corrupt cache files (#7453).
  • Improve caching of URL and git dependencies (#7693, #7473).
  • Add option to skip installing directory dependencies (#6845, #7923).
  • Add --executable option to poetry env info (#7547).
  • Add --top-level option to poetry show (#7415).
  • Add --lock option to poetry remove (#7917).
  • Add experimental POETRY_REQUESTS_TIMEOUT option (#7081).
  • Improve performance of wheel inspection by avoiding unnecessary file copy operations (#7916).

Changed

  • Remove the old deprecated installer and the corresponding setting experimental.new-installer (#7356).
  • Introduce priority key for sources and deprecate flags default and secondary (#7658).
  • Deprecate poetry run <script> if the script was not previously installed via poetry install (#7606).
  • Only write the lock file if the installation succeeds (#7498).
  • Do not write the unused package category into the lock file (#7637).

Fixed

  • Fix an issue where Poetry's internal pyproject.toml continually grows larger with empty lines (#7705).
  • Fix an issue where Poetry crashes due to corrupt cache files (#7453).
  • Fix an issue where the Retry-After in HTTP responses was not respected and retries were handled inconsistently (#7072).
  • Fix an issue where Poetry silently ignored invalid groups (#7529).
  • Fix an issue where Poetry does not find a compatible Python version if not given explicitly (#7771).
  • Fix an issue where the direct_url.json of an editable install from a git dependency was invalid (#7473).
  • Fix an issue where error messages from build backends were not decoded correctly (#7781).
  • Fix an infinite loop when adding certain dependencies (#7405).
  • Fix an issue where pre-commit hooks skip pyproject.toml files in subdirectories (#7239).
  • Fix an issue where pre-commit hooks do not use the expected Python version (#6989).
  • Fix an issue where an unclear error message is printed if the project name is the same as one of its dependencies (#7757).
  • Fix an issue where poetry install returns a zero exit status even though the build script failed (#7812).
  • Fix an issue where an existing .venv was not used if in-project was not set (#7792).
  • Fix an issue where multiple extras passed to poetry add were not parsed correctly (#7836).
  • Fix an issue where poetry shell did not send a newline to fish (#7884).
  • Fix an issue where poetry update --lock printed operations that were not executed (#7915).
  • Fix an issue where poetry add --lock did perform a full update of all dependencies (#7920).
  • Fix an issue where poetry shell did not work with nushell (#7919).
  • Fix an issue where subprocess calls failed on Python 3.7 (#7932).
  • Fix an issue where keyring was called even though the password was stored in an environment variable (#7928).

Docs

... (truncated)

Commits
  • 68b88e5 release: bump version to 1.5.0
  • a5f542b fix: fix exception on invalid url dependency for current env (#7953)
  • 277fa60 test: add test for url with trailing slash (#7952)
  • 3602b21 fix: installation of missing directory dependencies with --skip-directory (#7...
  • 0af3f1e chore: update locked dependencies (#7934)
  • a183302 docs: mention enabled venv in virtualenvs.create configuration (#7608)
  • a07ae36 feat: do not call keyring when user in config and password in environment var...
  • 73bc4eb fix: subprocess doesn't allow Path on windows, 3.7 (#7932)
  • 3f2469a [pre-commit.ci] pre-commit autoupdate (#7931)
  • d510602 Explain whether to commit poetry.lock (#7506)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #152.