Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for Poetry 1.5 Source Priority #7440

Open
1 task done
DanielRejniak opened this issue Jun 15, 2023 · 2 comments
Open
1 task done

Support for Poetry 1.5 Source Priority #7440

DanielRejniak opened this issue Jun 15, 2023 · 2 comments
Labels
good first issue T: feature-request Requests for new features

Comments

@DanielRejniak
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Feature description

We currently updated to poetry to version 1.5 that introduced source priority. This has caused unexpected errors in our dependabot build. After further investigation of the dependabot-core codebase we think that there is no support for the latest poetry changes. ie (priorities) or the format produced by poetry is incompatible thus causing issue.

This is especialy important since the deprication messages outline the following

Warning: In a future version of Poetry, PyPI will be disabled automatically if at least one custom source is configured with another priority than 'explicit'. In order to avoid a breaking change and make your pyproject.toml forward compatible, add PyPI explicitly via 'poetry source add pypi'. By the way, this has the advantage that you can set the priority of PyPI as with any other source.

Addiitonlay suggesting to avoid using the secondary property and move over to the priority based sources.

Warning: Found deprecated priority 'secondary' for source ‘foo’ in pyproject.toml. Consider changing the priority to one of the non-deprecated values: 'default', 'primary', 'supplemental', 'explicit'.

I have raised an bug but I believe this could be escalated to a feature request : #7431
@DanielRejniak DanielRejniak added the T: feature-request Requests for new features label Jun 15, 2023
@donbowman
Copy link 

[[tool.poetry.source]]
url = "https://git.agilicus.com/api/v4/projects/328/packages/pypi/simple"
name = "common"
priority="primary"

[[tool.poetry.source]]
name = "PyPI"
priority = "primary"

this causes dependabot to break.

--------Check platform/messages gunicorn 20.1.0
/bot/vendor/ruby/3.1.0/gems/dependabot-python-0.232.0/lib/dependabot/python/helpers.rb:23:in `run_poetry_command': The Poetry configuration is invalid: (Dependabot::SharedHelpers::HelperSubprocessFailed)
  - [source.0] Additional properties are not allowed ('priority' was unexpected)
  - [source.1] Additional properties are not allowed ('priority' was unexpected)
  - [source.1] 'url' is a required property

@Nishnha Nishnha mentioned this issue May 13, 2024
Open
1 task
@Rogalek
Copy link

Rogalek commented Jun 26, 2024

is anything happening here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue T: feature-request Requests for new features
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@abdulapopoola @donbowman @DanielRejniak @Rogalek