Workflow

Poetry-lock-package

Latest version: v0.5.1

Safety actively analyzes 681775 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 3

0.5.1

What's Changed
* Upgrade everything by bneijt in https://github.com/bneijt/poetry-lock-package/pull/33
* Fix issue 36 by bneijt in https://github.com/bneijt/poetry-lock-package/pull/37

If we have a list of possible versions with markers on each version range, we ignore the markers. This could, very unlikely, lead to versioning issues (for example, if we have a platform marker and a multi-version constraint from a package), but the likelihood is very small.

**Full Changelog**: https://github.com/bneijt/poetry-lock-package/compare/0.5.0...0.5.1

0.5.0

Poetry 1.3.1 uses poetry lock version 2 which adds a files entry to the metadata in the dependencies.

This new version or poetry lock package will pick a subset of dependency attributes from the lock file, instead of using everything that is there. We might miss a field, so this is considered a minor upgrade and not a bugfix release.

0.4.5

Adds a build-system section to the lock package pyproject.toml.

Does not change anything for people running with `--build`, just for those who generate the project and want to inspect/move it from there.

What's Changed
* Fix the help message for --ignore argument by maresb in https://github.com/bneijt/poetry-lock-package/pull/27
* Add build system by bneijt in https://github.com/bneijt/poetry-lock-package/pull/29

New Contributors
* maresb made their first contribution in https://github.com/bneijt/poetry-lock-package/pull/27

**Full Changelog**: https://github.com/bneijt/poetry-lock-package/compare/0.4.4...0.4.5

0.4.4

This release closes issue 24 where some attributes where copied to the lock package project that should not be.

The generation of the lock project approach has changed to only include some attributes instead of deleting unwanted attributes.

This is a behavior change, if you miss any attributes in the generated package, please open a Github issue.

0.4.3

If the project requires a package A and package B and package B only requires package A with a marker, then the lock package should not require A with a marker as B suggests, but A directory without applying markers requested from B for package A.

0.4.2

Closes 20

Page 1 of 3

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.