Skip to content

Bump poetry from 2.2.1 to 2.3.0 in /.github/workflows in the patches-and-minor-upgrades group #175

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump poetry from 2.2.1 to 2.3.0 in /.github/workflows in the patches-and-minor-upgrades group #175

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 20, 2026

Bumps the patches-and-minor-upgrades group in /.github/workflows with 1 update: poetry.

Updates poetry from 2.2.1 to 2.3.0

Release notes

Sourced from poetry's releases.

2.3.0

Added

  • Add support for exporting pylock.toml files with poetry-plugin-export (#10677).
  • Add support for specifying build constraints for dependencies (#10388).
  • Add support for publishing artifacts whose version is determined dynamically by the build-backend (#10644).
  • Add support for editable project plugins (#10661).
  • Check requires-poetry before any other validation (#10593).
  • Validate the content of project.readme when running poetry check (#10604).
  • Add the option to clear all caches by making the cache name in poetry cache clear optional (#10627).
  • Automatically update the cache for packages where the locked files differ from cached files (#10657).
  • Suggest to clear the cache if running a command with --no-cache solves an issue (#10585).
  • Propose poetry init when trying poetry new for an existing directory (#10563).
  • Add support for poetry publish --skip-existing for new Nexus OSS versions (#10603).
  • Show Poetry's own Python's path in poetry debug info (#10588).

Changed

  • Drop support for Python 3.9 (#10634).
  • Change the default of installer.re-resolve from true to false (#10622).
  • PEP 735 dependency groups are considered in the lock file hash (#10621).
  • Deprecate poetry.utils._compat.metadata, which is sometimes used in plugins, in favor of importlib.metadata (#10634).
  • Improve managing free-threaded Python versions with poetry python (#10606).
  • Prefer JSON API to HTML API in legacy repositories (#10672).
  • When running poetry init, only add the readme field in the pyproject.toml if the readme file exists (#10679).
  • Raise an error if no hash can be determined for any distribution link of a package (#10673).
  • Require dulwich>=0.25.0 (#10674).

Fixed

  • Fix an issue where poetry remove did not work for PEP 735 dependency groups with include-group items (#10587).
  • Fix an issue where poetry remove caused dangling include-group references in PEP 735 dependency groups (#10590).
  • Fix an issue where poetry add did not work for PEP 735 dependency groups with include-group items (#10636).
  • Fix an issue where PEP 735 dependency groups were not considered in the lock file hash (#10621).
  • Fix an issue where wrong markers were locked for a dependency that was required by several groups with different markers (#10613).
  • Fix an issue where non-deterministic markers were created in a method used by poetry-plugin-export (#10667).
  • Fix an issue where wrong wheels were chosen for installation in free-threaded Python environments if Poetry itself was not installed with free-threaded Python (#10614).
  • Fix an issue where poetry publish used the metadata of the project instead of the metadata of the build artifact (#10624).
  • Fix an issue where poetry env use just used another Python version instead of failing when the requested version was not supported by the project (#10685).
  • Fix an issue where poetry env activate returned the wrong command for dash (#10696).
  • Fix an issue where data-dir and python.installation-dir could not be set (#10595).
  • Fix an issue where Python and pip executables were not correctly detected on Windows (#10645).
  • Fix an issue where invalid template variables in virtualenvs.prompt caused an incomprehensible error message (#10648).

Docs

  • Add a warning about ~/.netrc for Poetry credential configuration (#10630).
  • Clarify that the local configuration takes precedence over the global configuration (#10676).
  • Add an explanation in which cases packages are automatically detected (#10680).

... (truncated)

Changelog

Sourced from poetry's changelog.

[2.3.0] - 2026-01-18

Added

  • Add support for exporting pylock.toml files with poetry-plugin-export (#10677).
  • Add support for specifying build constraints for dependencies (#10388).
  • Add support for publishing artifacts whose version is determined dynamically by the build-backend (#10644).
  • Add support for editable project plugins (#10661).
  • Check requires-poetry before any other validation (#10593).
  • Validate the content of project.readme when running poetry check (#10604).
  • Add the option to clear all caches by making the cache name in poetry cache clear optional (#10627).
  • Automatically update the cache for packages where the locked files differ from cached files (#10657).
  • Suggest to clear the cache if running a command with --no-cache solves an issue (#10585).
  • Propose poetry init when trying poetry new for an existing directory (#10563).
  • Add support for poetry publish --skip-existing for new Nexus OSS versions (#10603).
  • Show Poetry's own Python's path in poetry debug info (#10588).

Changed

  • Drop support for Python 3.9 (#10634).
  • Change the default of installer.re-resolve from true to false (#10622).
  • PEP 735 dependency groups are considered in the lock file hash (#10621).
  • Deprecate poetry.utils._compat.metadata, which is sometimes used in plugins, in favor of importlib.metadata (#10634).
  • Improve managing free-threaded Python versions with poetry python (#10606).
  • Prefer JSON API to HTML API in legacy repositories (#10672).
  • When running poetry init, only add the readme field in the pyproject.toml if the readme file exists (#10679).
  • Raise an error if no hash can be determined for any distribution link of a package (#10673).
  • Require dulwich>=0.25.0 (#10674).

Fixed

  • Fix an issue where poetry remove did not work for PEP 735 dependency groups with include-group items (#10587).
  • Fix an issue where poetry remove caused dangling include-group references in PEP 735 dependency groups (#10590).
  • Fix an issue where poetry add did not work for PEP 735 dependency groups with include-group items (#10636).
  • Fix an issue where PEP 735 dependency groups were not considered in the lock file hash (#10621).
  • Fix an issue where wrong markers were locked for a dependency that was required by several groups with different markers (#10613).
  • Fix an issue where non-deterministic markers were created in a method used by poetry-plugin-export (#10667).
  • Fix an issue where wrong wheels were chosen for installation in free-threaded Python environments if Poetry itself was not installed with free-threaded Python (#10614).
  • Fix an issue where poetry publish used the metadata of the project instead of the metadata of the build artifact (#10624).
  • Fix an issue where poetry env use just used another Python version instead of failing when the requested version was not supported by the project (#10685).
  • Fix an issue where poetry env activate returned the wrong command for dash (#10696).
  • Fix an issue where data-dir and python.installation-dir could not be set (#10595).
  • Fix an issue where Python and pip executables were not correctly detected on Windows (#10645).
  • Fix an issue where invalid template variables in virtualenvs.prompt caused an incomprehensible error message (#10648).

Docs

  • Add a warning about ~/.netrc for Poetry credential configuration (#10630).
  • Clarify that the local configuration takes precedence over the global configuration (#10676).
  • Add an explanation in which cases packages are automatically detected (#10680).

... (truncated)

Commits
  • e39f1f1 release: bump version to 2.3.0
  • c6d3537 env activate: fallback to POSIX compatible builtin (#10696)
  • ba73d18 chore: update locked dependencies (#10694)
  • a09b503 chore: update actions (#10693)
  • 74e3d4e direct-origin: add size to file info (#10677)
  • e29ac7a repository: bump cache version (#10677)
  • ab293dc repository: add size and upload-time to file info if available (#10677)
  • c599729 refactor: make it easier to get the download url of an artifact from a packag...
  • 0e02be7 env use: fail if python version is not supported by the project (#10685)
  • 91fb81b Explain in which cases packages are automatically detected (#10680)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump poetry
1abeed0 
Bumps the patches-and-minor-upgrades group in /.github/workflows with 1 update: [poetry](https://github.com/python-poetry/poetry).


Updates `poetry` from 2.2.1 to 2.3.0
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.2.1...2.3.0)

---
updated-dependencies:
- dependency-name: poetry
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: patches-and-minor-upgrades
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Upgrade or downgrade of project dependencies. minor This PR causes a minor version bump in the version number. python Pull requests that update Python code labels Jan 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Upgrade or downgrade of project dependencies. development minor This PR causes a minor version bump in the version number. python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@exonet-ci