Deptry

This release introduces a significant change to the command-line flags and configuration options to make use of the error codes introduced in release [0.10.0](https://github.com/fpgmaas/deptry/releases/tag/0.10.0).

| Code | Issue |
|--------|----------------------------------|
| DEP001 | Missing dependency |
| DEP002 | Unused/obsolete dependency |
| DEP003 | Transitive dependency |
| DEP004 | Misplaced development dependency |

Features

* **Replaced --skip-unused, --skip-obsolete, --skip-missing, --skip-misplaced-dev flags**: We have replaced the currently existing flags with the more generalized `--ignore` flag. Now, instead of skipping types of checks, you can specify the exact error codes to ignore using the `--ignore` flag (e.g., `deptry . --ignore "DEP001,DEP002"` to ignore checking for missing and unused dependencies).

The changes are also reflected in `pyproject.toml`. For example,


toml
[tool.deptry]
skip_missing = true
skip_unused = true


is superseded by

toml
[tool.deptry]
ignore = ["DEP001", "DEP002"]


* **Replaced --ignore-unused, --ignore-obsolete, --ignore-missing, --ignore-misplaced-dev flags**: Previously, specific checks for spefific dependencies/modules could be ingored using the `--ignore-<code>` flags. We are replacing these flags with the more generalized `--per-rule-ignores` flag. This flag allows you to specify dependencies that should be ignored for specific error codes, offering granular control over which errors are ignored for which dependencies. For instance, `deptry . --per-rule-ignores DEP001=matplotlib,DEP002=pandas|numpy` means `DEP001` will be ignored for `matplotlib`, while `DEP002` will be ignored for both `pandas` and `numpy`.

The changes are also reflected in `pyproject.toml`. For example,

toml
[tool.deptry]
ignore_missing = ["matplotlib"]
ignore_unused = ["pandas", "numpy"]


is superseded by

toml
[tool.deptry.per_rule_ignores]
DEP001 = ["matplotlib"]
DEP002 = ["pandas", "numpy"]


Please note that while the legacy arguments are still functional as of Deptry 0.12.0, we do plan to remove them in a future 1.0.0 release.


* Consider all groups for dev dependencies ([392](https://github.com/fpgmaas/deptry/pull/392))

Bug Fixes

* Handle `SyntaxError` raised by `ast.parse` ([426](https://github.com/fpgmaas/deptry/pull/426))

Full Changelog

https://github.com/fpgmaas/deptry/compare/0.11.0...0.12.0

Deprecations

* `--skip-obsolete` CLI option and its `skip_obsolete` couterpart in `pyproject.toml` are being replaced with `--skip-unused` and `skip_unused`, respectively
* `--ignore-obsolete` CLI option and its `ignore_obsolete` counterpart in `pyproject.toml` are being replaced with `--ignore-unused` and `ignore_unused`, respectively

This is done to account for a wording change, as we are replacing "obsolete" with "unused", since it has a clearer meaning for users.

The legacy options will still be usable for the time being, with a warning being shown in the terminal, but they will be removed in a future release, so you are advised to migrate to the new ones.

Features

* Add ability to pass multiple source directories ([381](https://github.com/fpgmaas/deptry/pull/381))
* Replace the word `obsolete` with `unused` ([373](https://github.com/fpgmaas/deptry/pull/373))

Bug Fixes

* Load gitignore from where CLI is invoked ([380](https://github.com/fpgmaas/deptry/pull/380))

Full Changelog

https://github.com/fpgmaas/deptry/compare/0.10.1...0.11.0

Bug Fixes

* Fix terminal output when only a single file is scanned ([372](https://github.com/fpgmaas/deptry/pull/372))
* Fix issue with `DEP004` being raised incorrectly when a dependency is defined both as a dev one and non-dev one ([376](https://github.com/fpgmaas/deptry/pull/376))

Full Changelog

[0.10.0...0.10.1](https://github.com/fpgmaas/deptry/compare/0.10.0...0.10.1)

Breaking Changes

Release `0.10.0` of deptry brings a significant improvement to the way in which issues are reported. Previously, issues were reported in a summarized format, making it difficult for users to pinpoint exactly where in the code the issue was occurring. This is resolved by https://github.com/fpgmaas/deptry/pull/357, which adds location information to the detected issues.

https://github.com/fpgmaas/deptry/pull/367 adds error codes to identify the different issue types:

| Code | Issue |
|--------|----------------------------------|
| DEP001 | Missing dependency |
| DEP002 | Obsolete dependency |
| DEP003 | Transitive dependency |
| DEP004 | Misplaced development dependency |

Here's an example of how issues are now reported in release 0.10.0:

console
foo/bar.py:11:11: DEP002 'an_import' imported but missing from the dependencies
foo/bar.py:12:11: DEP002 'another_import' imported but missing from the dependencies
foo/baz.py:13:11: DEP003 'cfgv' imported but it is a transitive dependency
pyproject.toml: DEP001 'pandas' defined as a dependency but not used in the codebase


The json output generated by using the `-o` or `--json-output` is also modified to include the new error codes and location information:

json
{
"error": {
"code": "DEP001",
"message": "'seven' imported but missing from the dependency definitions"
},
"module": "seven",
"location": {
"file": "foo/bar.py",
"line": 2,
"column": 0
}
}


Features

* Add location to error reports by ([357](https://github.com/fpgmaas/deptry/pull/357))
* Add colours to text output by ([368](https://github.com/fpgmaas/deptry/pull/368))

Full Changelog

[0.9.0...0.10.0](https://github.com/fpgmaas/deptry/compare/0.9.0...0.10.0)

Breaking Changes

Python 3.7 support dropped

Support for Python 3.7 has been dropped in https://github.com/fpgmaas/deptry/pull/352, given that it will reach end of life soon, and that PyPI stats show a really low usage of it. If you are using `deptry` on Python 3.7, consider upgrading to 3.8, or staying on `<0.9.0`.

Behaviour changes in package name guessing

In case packages don't provide the Python modules they expose, `deptry` tries to guess the package name by converting `-` to `_`, as a best effort, and warns about it in the logs. Before https://github.com/fpgmaas/deptry/pull/337, `deptry` always guessed the module name, regardless of if the package provided the necessary information or not. Now, it will only guess the module name if the package does not provide the information and no mapping has been provided using the new `--package-module-name-map` flag (or `package_module_name_map` option in `pyproject.toml`).

Handling modules without `__init__.py`

With https://github.com/fpgmaas/deptry/pull/285, `deptry` will now consider the following things as local modules:
- directories without `__init__.py` (and at least one Python file)
- single Python files

Previously, `deptry` only considered directories as local modules if an `__init__.py` was present, and did not account for cases where a single Python file could also be a local module, alongside directories.

Features

* Drop support for Python 3.7 ([352](https://github.com/fpgmaas/deptry/pull/352))
* Only try to guess module associated to a dependency as a fallback for when the package doesn't provide such information ([337](https://github.com/fpgmaas/deptry/pull/337))
* Handle local modules without `__init__.py` ([285](https://github.com/fpgmaas/deptry/pull/285))
* Ability to configure a map of package names to module names ([333](https://github.com/fpgmaas/deptry/pull/333))

Bug Fixes

* Replace 'PDM' with 'poetry' in log ([294](https://github.com/fpgmaas/deptry/pull/294))
* Account for Windows in code and tests ([343](https://github.com/fpgmaas/deptry/pull/343))

Miscellaneous

* Run tests on macOS and Windows on CI ([342](https://github.com/fpgmaas/deptry/pull/342))

Full Changelog

[0.8.0...0.9.0](https://github.com/fpgmaas/deptry/compare/0.9.0...0.10.0)

Features

* Don't filter out `setuptools` ([262](https://github.com/fpgmaas/deptry/pull/262))
* Use `sys.stdlib_module_names` to get stdlibs in Python >= 3.10 ([275](https://github.com/fpgmaas/deptry/pull/275))

Miscellaneous

* Drop `flake8` to only use `ruff` ([268](https://github.com/fpgmaas/deptry/pull/268))
* Use more `ruff` rules and replace `pyupgrade` and `pygrep-hooks` usages ([276](https://github.com/fpgmaas/deptry/pull/276))

Full Changelog

[0.7.1...0.8.0](https://github.com/fpgmaas/deptry/compare/0.7.1...0.8.0)