Workflow

Pdm

Latest version: v2.20.1

Safety actively analyzes 682457 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 2 of 36

2.19.0a0

Breaking Changes

- `pre_install` and `post_install` signals now receive the list of packages to be installed, instead of a candidate mapping. ([3144](https://github.com/pdm-project/pdm/issues/3144))

Features & Improvements

- Deprecate `Core.synchronizer_class` attribute. To get the synchronizer class, use `Project.get_synchronizer` method instead.
Deprecate `Core.resolver_class` attribute. To get the resolver class, use `Project.get_resolver` method instead. ([3144](https://github.com/pdm-project/pdm/issues/3144))
- Add experimental support for `uv` as the resolver and installer. One can opt in by setting `use_uv` to `true` using `pdm config` command. ([3144](https://github.com/pdm-project/pdm/issues/3144))

2.18.2

Bug Fixes

- Respect the `excludes` and `overrides` settings when installing packages. ([3113](https://github.com/pdm-project/pdm/issues/3113))
- Fix a bug of export command that packages with extras are included twice. ([3123](https://github.com/pdm-project/pdm/issues/3123))
- Remove empty groups when removing packages with `pdm remove`. ([3133](https://github.com/pdm-project/pdm/issues/3133))
- When running `pdm venv purge`, if the current project's python version had been referencing the removed venv then clear it out. ([3137](https://github.com/pdm-project/pdm/issues/3137))
- Fix command `pdm config` to not show site configuration file path if it doesn't exist. ([3149](https://github.com/pdm-project/pdm/issues/3149))
- Now when `--no-markers` is used, the exported requirements can only work on the current platform. ([3152](https://github.com/pdm-project/pdm/issues/3152))

Miscellany

- Skip tests related to python installation on non-standard platforms. ([3053](https://github.com/pdm-project/pdm/issues/3053))

2.18.1

Bug Fixes

- Skip checking `project.name` if it is absent when running `pdm outdated`. ([3095](https://github.com/pdm-project/pdm/issues/3095))
- Don't remove the `cross_platform` strategy from old lock files. ([3105](https://github.com/pdm-project/pdm/issues/3105))
- Fix a bug that the VCS revision is lost if the candidate metadata is cached during resolution. ([3107](https://github.com/pdm-project/pdm/issues/3107))
- Fix a bug that PDM can't delete source password when saved in keyring. ([3108](https://github.com/pdm-project/pdm/issues/3108))

2.18.0

Features & Improvements

- Respect certificates in env vars `REQUESTS_CA_BUNDLE` and `CURL_CA_BUNDLE` when verifying SSL certificates. ([3076](https://github.com/pdm-project/pdm/issues/3076))
- Allow pypi.verify_ssl to be configured via PDM_PYPI_VERIFY_SSL environmental variable. ([3081](https://github.com/pdm-project/pdm/issues/3081))
- Clean logs older than 7 days. ([3091](https://github.com/pdm-project/pdm/issues/3091))
- Polish the UI looking of locking packages to display the progress. ([3100](https://github.com/pdm-project/pdm/issues/3100))

Bug Fixes

- Fixed `pdm venv activate` to remove quotes such that `iex (pdm venv activate)` works correctly ([2895](https://github.com/pdm-project/pdm/issues/2895))
- Don't crash if the version can't be resolved from the self project. ([3077](https://github.com/pdm-project/pdm/issues/3077))
- Don't fail `install-pdm.py` if there is an invalid `pyproject.toml` file under the current directory. ([3085](https://github.com/pdm-project/pdm/issues/3085))
- Make it able to expand env vars in the the dotenv file. Expose `PDM_PROJECT_ROOT` to the dotenv file for expansion. ([3087](https://github.com/pdm-project/pdm/issues/3087))
- Fix a bug that Python markers from the existing locked packages are considered when locking with `--append` option. ([3089](https://github.com/pdm-project/pdm/issues/3089))
- Backfill urls from configured indexed when exporting to requirements.txt. ([3094](https://github.com/pdm-project/pdm/issues/3094))
- Consider the auto-selected Python range when installing from requirements.txt. ([3095](https://github.com/pdm-project/pdm/issues/3095))
- Fix a bug that env vars do not override project config correctly. ([3099](https://github.com/pdm-project/pdm/issues/3099))

2.17.3

Bug Fixes

- Fix a crash issue when `requires-python` is absent in the project metadata. ([3062](https://github.com/pdm-project/pdm/issues/3062))
- Now correctly sets related config for PDM_IGNORE_SAVED_PYTHON when it is set to "false", "no", "0". ([3064](https://github.com/pdm-project/pdm/issues/3064))
- Fix a bug that PDM plugins installed from project-root cannot be loaded, if they have dependencies. ([3067](https://github.com/pdm-project/pdm/issues/3067))

2.17.2

Features & Improvements

- Improve the installation progress output to show the time elapsed. ([3051](https://github.com/pdm-project/pdm/issues/3051))
- The effect of `pypi.ignore_stored_index` changes a bit. Now even if it is true, index configurations in the config will still be loaded if the index is listed in the `pyproject.toml`. ([3052](https://github.com/pdm-project/pdm/issues/3052))

Bug Fixes

- Ignore invalid requires-python values from index. ([3038](https://github.com/pdm-project/pdm/issues/3038))
- Fix the group selection logic, to make `--without GROUP` work as expected. ([3045](https://github.com/pdm-project/pdm/issues/3045))
- Suppress outputs for `pdm python install --quiet`. ([3049](https://github.com/pdm-project/pdm/issues/3049))

Page 2 of 36

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.