Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-poetry for openSUSE:Factory checked in at 2026-06-15 19:43:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-poetry (Old) and /work/SRC/openSUSE:Factory/.python-poetry.new.1981 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-poetry" Mon Jun 15 19:43:42 2026 rev:44 rq:1359282 version:2.4.1 Changes: -------- --- /work/SRC/openSUSE:Factory/python-poetry/python-poetry.changes 2026-05-07 15:46:55.203909227 +0200 +++ /work/SRC/openSUSE:Factory/.python-poetry.new.1981/python-poetry.changes 2026-06-15 19:46:50.243946775 +0200 @@ -1,0 +2,8 @@ +Sun Jun 14 17:05:01 UTC 2026 - Dirk Müller <[email protected]> + +- update to 2.4.1: + * Re-allow `installer==0.7.0` (#10887). + * Fix an issue where `poetry update <package>` failed when + `<package>` was a transitive dependency (#10885). + +------------------------------------------------------------------- Old: ---- poetry-2.4.0.tar.gz New: ---- poetry-2.4.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-poetry.spec ++++++ --- /var/tmp/diff_new_pack.HLgb7e/_old 2026-06-15 19:46:51.299991031 +0200 +++ /var/tmp/diff_new_pack.HLgb7e/_new 2026-06-15 19:46:51.303991198 +0200 @@ -27,7 +27,7 @@ %{?sle15_python_module_pythons} Name: python-poetry%{psuffix} -Version: 2.4.0 +Version: 2.4.1 Release: 0 Summary: Python dependency management and packaging License: MIT @@ -46,7 +46,6 @@ Requires: python-filelock >= 3.8.0 # /cachecontrol[filecache] Requires: (python-cleo >= 2.1.0 with python-cleo < 3.0.0) -Requires: python-installer >= 1.0.0 Requires: python-packaging >= 24.2 Requires: python-pbs-installer >= 2025.6.10 Requires: python-trove-classifiers >= 2022.5.19 @@ -54,6 +53,7 @@ Requires: (python-dulwich >= 0.25.0 with python-dulwich < 2) Requires: (python-fastjsonschema >= 2.18.0 with python-fastjsonschema < 3.0.0) Requires: (python-findpython >= 0.6.2 with python-findpython < 0.9.0) +Requires: (python-installer >= 0.7.0 with python-installer < 2.0.0) Requires: (python-keyring >= 25.1.0 with python-keyring < 26.0.0) Requires: (python-pkginfo >= 1.12 with python-pkginfo < 2.0) Requires: (python-platformdirs >= 3.0.0 with python-platformdirs < 5) @@ -78,10 +78,10 @@ BuildRequires: %{python_module orjson} BuildRequires: %{python_module poetry = %{version}} BuildRequires: %{python_module psutil} -BuildRequires: %{python_module pytest >= 7.1} +BuildRequires: %{python_module pytest >= 9.0} BuildRequires: %{python_module pytest-mock >= 3.9} BuildRequires: %{python_module pytest-xdist >= 3.1} -BuildRequires: %{python_module responses >= 0.25} +BuildRequires: %{python_module responses >= 0.25.8} BuildRequires: git-core %endif %python_subpackages ++++++ poetry-2.4.0.tar.gz -> poetry-2.4.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poetry-2.4.0/.github/workflows/.tests-matrix.yaml new/poetry-2.4.1/.github/workflows/.tests-matrix.yaml --- old/poetry-2.4.0/.github/workflows/.tests-matrix.yaml 2026-05-03 16:50:53.000000000 +0200 +++ new/poetry-2.4.1/.github/workflows/.tests-matrix.yaml 2026-05-09 17:08:34.000000000 +0200 @@ -117,12 +117,6 @@ env: PYTHON_VERSION: ${{ inputs.python-version }} - # This step can be removed after having released a poetry-plugin-export version - # that has cffi>=1.17.0 in its lock file. - - name: Force more recent cffi (workaround for Python 3.13) - working-directory: poetry-plugin-export - run: poetry update --lock cffi - - name: Install working-directory: poetry-plugin-export run: poetry install diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poetry-2.4.0/CHANGELOG.md new/poetry-2.4.1/CHANGELOG.md --- old/poetry-2.4.0/CHANGELOG.md 2026-05-03 16:50:53.000000000 +0200 +++ new/poetry-2.4.1/CHANGELOG.md 2026-05-09 17:08:34.000000000 +0200 @@ -1,5 +1,16 @@ # Change Log +## [2.4.1] - 2026-05-09 + +### Changed + +- Re-allow `installer==0.7.0` ([#10887](https://github.com/python-poetry/poetry/pull/10887)). + +### Fixed + +- Fix an issue where `poetry update <package>` failed when `<package>` was a transitive dependency ([#10885](https://github.com/python-poetry/poetry/pull/10885)). + + ## [2.4.0] - 2026-05-03 ### Added @@ -2745,7 +2756,8 @@ -[Unreleased]: https://github.com/python-poetry/poetry/compare/2.4.0...main +[Unreleased]: https://github.com/python-poetry/poetry/compare/2.4.1...main +[2.4.1]: https://github.com/python-poetry/poetry/releases/tag/2.4.1 [2.4.0]: https://github.com/python-poetry/poetry/releases/tag/2.4.0 [2.3.4]: https://github.com/python-poetry/poetry/releases/tag/2.3.4 [2.3.3]: https://github.com/python-poetry/poetry/releases/tag/2.3.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poetry-2.4.0/poetry.lock new/poetry-2.4.1/poetry.lock --- old/poetry-2.4.0/poetry.lock 2026-05-03 16:50:53.000000000 +0200 +++ new/poetry-2.4.1/poetry.lock 2026-05-09 17:08:34.000000000 +0200 @@ -2267,4 +2267,4 @@ [metadata] lock-version = "2.1" python-versions = ">=3.10,<4.0" -content-hash = "aaa48ef867f604f545182fae11b744abdf8c1f4b0d75b47647d598140666a4c3" +content-hash = "5cfdc2e870f25504fe57aa00e30688d352a4b6f9ad42d49ce20fcdb4f2c29a77" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poetry-2.4.0/pyproject.toml new/poetry-2.4.1/pyproject.toml --- old/poetry-2.4.0/pyproject.toml 2026-05-03 16:50:53.000000000 +0200 +++ new/poetry-2.4.1/pyproject.toml 2026-05-09 17:08:34.000000000 +0200 @@ -1,6 +1,6 @@ [project] name = "poetry" -version = "2.4.0" +version = "2.4.1" description = "Python dependency management and packaging made easy." requires-python = ">=3.10,<4.0" dependencies = [ @@ -10,7 +10,7 @@ "cleo (>=2.1.0,<3.0.0)", "dulwich (>=0.25.0,<2)", "fastjsonschema (>=2.18.0,<3.0.0)", - "installer (>=1.0.0,<2.0.0)", + "installer (>=0.7.0,<2.0.0)", "keyring (>=25.1.0,<26.0.0)", # packaging uses calver, so version is unclamped "packaging (>=24.2)", # PEP 639 support was added in 24.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poetry-2.4.0/src/poetry/console/commands/update.py new/poetry-2.4.1/src/poetry/console/commands/update.py --- old/poetry-2.4.0/src/poetry/console/commands/update.py 2026-05-03 16:50:53.000000000 +0200 +++ new/poetry-2.4.1/src/poetry/console/commands/update.py 2026-05-09 17:08:34.000000000 +0200 @@ -67,8 +67,16 @@ ) return 1 - # Validate that all specified packages are declared dependencies + # Validate that all specified packages appear somewhere in the + # project's dependency graph. We union two sources: + # - declared deps in pyproject.toml (covers a freshly-edited + # pyproject where the lockfile has not caught up yet) + # - locked deps in poetry.lock (covers transitive deps that + # are not declared directly in pyproject.toml) all_dependencies = {dep.name for dep in self.poetry.package.all_requires} + all_dependencies |= { + p.name for p in self.poetry.locker.locked_repository().packages + } invalid_packages = [ p for p in packages if canonicalize_name(p) not in all_dependencies diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poetry-2.4.0/tests/config/test_config_source.py new/poetry-2.4.1/tests/config/test_config_source.py --- old/poetry-2.4.0/tests/config/test_config_source.py 2026-05-03 16:50:53.000000000 +0200 +++ new/poetry-2.4.1/tests/config/test_config_source.py 2026-05-09 17:08:34.000000000 +0200 @@ -23,7 +23,7 @@ migration.apply(config_source) - config_source._config = { + assert config_source._config == { "virtualenvs": { "use-poetry-python": True, }, @@ -49,7 +49,7 @@ migration.apply(config_source) - config_source._config = { + assert config_source._config == { "virtualenvs": {}, "system-git-client": True, } @@ -74,7 +74,7 @@ migration.apply(config_source) - config_source._config = { + assert config_source._config == { "virtualenvs": {}, "system-git-client": True, } @@ -99,7 +99,7 @@ migration.apply(config_source) - config_source._config = { + assert config_source._config == { "virtualenvs": { "use-poetry-python": None, }, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/poetry-2.4.0/tests/console/commands/test_update.py new/poetry-2.4.1/tests/console/commands/test_update.py --- old/poetry-2.4.0/tests/console/commands/test_update.py 2026-05-03 16:50:53.000000000 +0200 +++ new/poetry-2.4.1/tests/console/commands/test_update.py 2026-05-09 17:08:34.000000000 +0200 @@ -145,6 +145,76 @@ assert tester.io.fetch_error() == "" +def test_update_with_transitive_dependency( + project_factory: ProjectFactory, + fixture_dir: FixtureDirGetter, + repo: DummyRepository, + command_tester_factory: CommandTesterFactory, + mocker: MockerFixture, +) -> None: + """ + Regression test: `poetry update <pkg>` must work when <pkg> is a + transitive dependency present in the lockfile but not declared + directly in pyproject.toml. In the fixture, `requests` is pulled in + by `docker`. + """ + source = fixture_dir("outdated_lock") + poetry = project_factory( + name="foobar", + pyproject_content=(source / "pyproject.toml").read_text(encoding="utf-8"), + poetry_lock_content=(source / "poetry.lock").read_text(encoding="utf-8"), + use_test_locker=False, + ) + + tester = command_tester_factory("update", poetry=poetry) + assert isinstance(tester.command, UpdateCommand) + mocker.patch.object(tester.command.installer, "run", return_value=0) + + repo.add_package(get_package("requests", "2.25.0")) + + status = tester.execute("requests") + + assert status == 0 + assert tester.io.fetch_error() == "" + + +def test_update_with_dependency_added_to_pyproject_but_not_locked( + project_factory: ProjectFactory, + fixture_dir: FixtureDirGetter, + repo: DummyRepository, + command_tester_factory: CommandTesterFactory, + mocker: MockerFixture, +) -> None: + """ + Regression test: a dependency that has been added to pyproject.toml but + is not yet present in the lockfile (because the user has not run + `poetry lock` yet) must still be acceptable to `poetry update`. + """ + source = fixture_dir("outdated_lock") + pyproject_content = (source / "pyproject.toml").read_text(encoding="utf-8") + pyproject_content = pyproject_content.replace( + '"docker>=4.3.1",', + '"docker>=4.3.1",\n "pendulum>=3.0.0",', + ) + poetry = project_factory( + name="foobar", + pyproject_content=pyproject_content, + poetry_lock_content=(source / "poetry.lock").read_text(encoding="utf-8"), + use_test_locker=False, + ) + + tester = command_tester_factory("update", poetry=poetry) + assert isinstance(tester.command, UpdateCommand) + mocker.patch.object(tester.command.installer, "run", return_value=0) + + repo.add_package(get_package("pendulum", "3.0.0")) + + status = tester.execute("pendulum") + + assert status == 0 + assert tester.io.fetch_error() == "" + + def test_update_with_invalid_package_name_shows_error( poetry_with_outdated_lockfile: Poetry, command_tester_factory: CommandTesterFactory,
