Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: bump poetry from 1.4.2 to 1.5.1 in /.github/workflows #7

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 21, 2023

Bumps poetry from 1.4.2 to 1.5.1.

Release notes

Sourced from poetry's releases.

1.5.1

Added

  • Improve dependency resolution performance in cases with a lot of backtracking (#7950).

Changed

  • Disable wheel content validation during installation (#7987).

Fixed

  • Fix an issue where partially downloaded wheels were cached (#7968).
  • Fix an issue where poetry run did no longer execute relative-path scripts (#7963).
  • Fix an issue where dependencies were not installed in in-project environments (#7977).
  • Fix an issue where no solution was found for a transitive dependency on a pre-release of a package (#7978).
  • Fix an issue where cached repository packages were incorrectly parsed, leading to its dependencies being ignored (#7995).
  • Fix an issue where an explicit source was ignored so that a direct origin dependency was used instead (#7973).
  • Fix an issue where the installation of big wheels consumed a lot of memory (#7987).

Docs

  • Add information about multiple constraints dependencies with direct origin and version dependencies (#7973).

poetry-core (1.6.1)

  • Fix an endless recursion in marker handling (#593).
  • Fix an issue where the wheel tag was not built correctly under certain circumstances (#591).

poetry-plugin-export (^1.4.0)

  • Fix an issue where --extra-index-url and --trusted-host was not generated for sources with priority explicit (#205).

1.5.0

Added

  • Introduce the new source priorities explicit and supplemental (#7658, #6879).
  • Introduce the option to configure the priority of the implicit PyPI source (#7801).
  • Add handling for corrupt cache files (#7453).
  • Improve caching of URL and git dependencies (#7693, #7473).
  • Add option to skip installing directory dependencies (#6845, #7923).
  • Add --executable option to poetry env info (#7547).
  • Add --top-level option to poetry show (#7415).
  • Add --lock option to poetry remove (#7917).
  • Add experimental POETRY_REQUESTS_TIMEOUT option (#7081).
  • Improve performance of wheel inspection by avoiding unnecessary file copy operations (#7916).

Changed

... (truncated)

Changelog

Sourced from poetry's changelog.

[1.5.1] - 2023-05-29

Added

  • Improve dependency resolution performance in cases with a lot of backtracking (#7950).

Changed

  • Disable wheel content validation during installation (#7987).

Fixed

  • Fix an issue where partially downloaded wheels were cached (#7968).
  • Fix an issue where poetry run did no longer execute relative-path scripts (#7963).
  • Fix an issue where dependencies were not installed in in-project environments (#7977).
  • Fix an issue where no solution was found for a transitive dependency on a pre-release of a package (#7978).
  • Fix an issue where cached repository packages were incorrectly parsed, leading to its dependencies being ignored (#7995).
  • Fix an issue where an explicit source was ignored so that a direct origin dependency was used instead (#7973).
  • Fix an issue where the installation of big wheels consumed a lot of memory (#7987).

Docs

  • Add information about multiple constraints dependencies with direct origin and version dependencies (#7973).

poetry-core (1.6.1)

  • Fix an endless recursion in marker handling (#593).
  • Fix an issue where the wheel tag was not built correctly under certain circumstances (#591).

poetry-plugin-export (^1.4.0)

  • Fix an issue where --extra-index-url and --trusted-host was not generated for sources with priority explicit (#205).

[1.5.0] - 2023-05-19

Added

  • Introduce the new source priorities explicit and supplemental (#7658, #6879).
  • Introduce the option to configure the priority of the implicit PyPI source (#7801).
  • Add handling for corrupt cache files (#7453).
  • Improve caching of URL and git dependencies (#7693, #7473).
  • Add option to skip installing directory dependencies (#6845, #7923).
  • Add --executable option to poetry env info (#7547).
  • Add --top-level option to poetry show (#7415).
  • Add --lock option to poetry remove (#7917).
  • Add experimental POETRY_REQUESTS_TIMEOUT option (#7081).

... (truncated)

Commits
  • 3fbd794 release: bump version to 1.5.1
  • c82e51d chore: update poetry-core and poetry-plugin-export (#8034)
  • 19f76d5 fix: disable wheel content validation (#7987)
  • a2175ff docs: Fix a typo in explicit package sources section (#8018)
  • a1b5f33 fix: explicit source dependency is not satisfied by direct origin (#7973)
  • 1df43f1 perf: improve DependencyCache lru_cache hit rate, avoid iterating through lot...
  • 09edd4b perf: avoid iterating through multiple caches for contradicted_incompatibilit...
  • 2e523b9 perf: don't clear the entire dependency cache when backtracking (#7950)
  • 65fc7d6 perf: don't clear the entire contradicted_incompatibilies cache when backtrac...
  • 90ad5ac fix: revert #7916 to fix caching issue resulting in missing dependencies (#7995)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 21, 2023
@dependabot dependabot bot force-pushed the dependabot/pip/dot-github/workflows/poetry-1.5.1 branch 2 times, most recently from 8c5f344 to 1f85f9a Compare July 13, 2023 17:38
@visch
Copy link
Member

visch commented Jul 21, 2023

@dependabot recreate

Bumps [poetry](https://github.com/python-poetry/poetry) from 1.4.2 to 1.5.1.
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/master/CHANGELOG.md)
- [Commits](python-poetry/poetry@1.4.2...1.5.1)

---
updated-dependencies:
- dependency-name: poetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/dot-github/workflows/poetry-1.5.1 branch from 1f85f9a to e0eaf17 Compare July 21, 2023 14:12
@dependabot dependabot bot temporarily deployed to internal July 21, 2023 14:12 Inactive
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 21, 2023

Superseded by #55.

@dependabot dependabot bot closed this Aug 21, 2023
@dependabot dependabot bot deleted the dependabot/pip/dot-github/workflows/poetry-1.5.1 branch August 21, 2023 19:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant