Workflow

Pdm

Latest version: v2.23.0

Safety actively analyzes 723177 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 27 of 37

1.4.3

Not secure
---------------------------

Features & Improvements

- Change the group name of entry points from `pdm.plugins` to `pdm`.
Export some useful objects and models for shorter import path. [318](https://github.com/pdm-project/pdm/issues/318)
- Field `cmd` in `tools.pdm.scripts` configuration items now allows specifying an argument array instead of a string.
- Refactor: Remove the reference of `stream` singleton, improve the UI related code. [320](https://github.com/pdm-project/pdm/issues/320)
- Support dependencies managed by poetry and flit being installed as editable packages. [324](https://github.com/pdm-project/pdm/issues/324)
- Refactor: Extract the logic of finding interpreters to method for the sake of subclass overriding. [326](https://github.com/pdm-project/pdm/issues/326)
- Complete the `cache` command, add `list`, `remove` and `info` subcommands. [329](https://github.com/pdm-project/pdm/issues/329)
- Refactor: Unify the code about selecting interpreter to reduce the duplication. [331](https://github.com/pdm-project/pdm/issues/331)
- Retrieve the version and description of a flit project by parsing the AST of the main file. [333](https://github.com/pdm-project/pdm/issues/333)

Bug Fixes

- Fix a parsing error when non-ascii characters exist in `pyproject.toml`. [308](https://github.com/pdm-project/pdm/issues/308)
- Fix a bug that non-editable VCS candidates can't satisfy their requirements once locked in the lock file. [314](https://github.com/pdm-project/pdm/issues/314)
- Fix a bug of import-on-init that fails when requirements.txt is detected. [328](https://github.com/pdm-project/pdm/issues/328)

Miscellany

- refactor `pdm.iostream` to improve 'typing' support [301](https://github.com/pdm-project/pdm/issues/301)
- fix some typos [323](https://github.com/pdm-project/pdm/issues/323)

1.4.2

Not secure
---------------------------

Features & Improvements

- Refactor the code, extract the version related logic from `specifiers.py` to a separated module. [303](https://github.com/pdm-project/pdm/issues/303)

Bug Fixes

- Fix a bug that get_dependencies() returns error when the `setup.py` has no `install_requires` key. [299](https://github.com/pdm-project/pdm/issues/299)
- Pin the VCS revision for non-editable VCS candidates in the lock file. [305](https://github.com/pdm-project/pdm/issues/305)
- Fix a bug that editable build hits the cached wheel unexpectedly. [307](https://github.com/pdm-project/pdm/issues/307)

Miscellany

- replace 'typing comments' with type annotations throughout [298](https://github.com/pdm-project/pdm/issues/298)

1.4.1

Not secure
---------------------------

Features & Improvements

- Support importing dependencies from requirements.txt to dev-dependencies or sections. [291](https://github.com/pdm-project/pdm/issues/291)

Bug Fixes

- Fallback to static parsing when building was failed to find the dependencies of a candidate. [293](https://github.com/pdm-project/pdm/issues/293)
- Fix a bug that `pdm init` fails when `pyproject.toml` exists but has no `[project]` section. [295](https://github.com/pdm-project/pdm/issues/295)

Improved Documentation

- Document about how to use PDM with Nox. [281](https://github.com/pdm-project/pdm/issues/281)

1.4.0

Not secure
---------------------------

Features & Improvements

- When `-I/--ignore-python` passed or `PDM_IGNORE_SAVED_PYTHON=1`, ignore the interpreter set in `.pdm.toml` and don't save to it afterwards. [283](https://github.com/pdm-project/pdm/issues/283)
- A new option `-p/--project` is introduced to specify another path for the project base. It can also be combined with `-g/--global` option.
The latter is changed to a flag only option that does not accept values. [286](https://github.com/pdm-project/pdm/issues/286)
- Support `-f setuppy` for `pdm export` to export the metadata as setup.py [289](https://github.com/pdm-project/pdm/issues/289)

Bug Fixes

- Fix a bug that editable local package requirements cannot be parsed rightly. [285](https://github.com/pdm-project/pdm/issues/285)
- Change the priority of metadata files to parse so that PEP 621 metadata will be parsed first. [288](https://github.com/pdm-project/pdm/issues/288)

Improved Documentation

- Add examples of how to integrate with CI pipelines (and tox). [281](https://github.com/pdm-project/pdm/issues/281)

1.3.4

Not secure
---------------------------

Improved Documentation

- added documentation on a [task provider for vscode](https://marketplace.visualstudio.com/items?itemName=knowsuchagency.pdm-task-provider) [#280](https://github.com/pdm-project/pdm/issues/280)

Bug Fixes

- Ignore the python requires constraints when fetching the link from the PyPI index.

1.3.3

Not secure
---------------------------

Bug Fixes

- Fix the requirement string of a VCS requirement to comply with PEP 508. [275](https://github.com/pdm-project/pdm/issues/275)
- Fix a bug that editable packages with `src` directory can't be uninstalled correctly. [277](https://github.com/pdm-project/pdm/issues/277)
- Fix a bug that editable package doesn't override the non-editable version in the working set. [278](https://github.com/pdm-project/pdm/issues/278)

Page 27 of 37

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.