Skip to content

⬆️ Update dependency poetry to v2.3.3#2027

Merged
epenet merged 1 commit intomainfrom
renovate/poetry-2.x
Mar 30, 2026
Merged

⬆️ Update dependency poetry to v2.3.3#2027
epenet merged 1 commit intomainfrom
renovate/poetry-2.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented Mar 29, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
poetry (changelog) ==2.3.2==2.3.3 age adoption passing confidence

Release Notes

python-poetry/poetry (poetry)

v2.3.3

Compare Source

Fixed
  • Fix a path traversal vulnerability in the wheel installer that could allow malicious wheel files to write files outside the intended installation directory (#​10792).
  • Fix an issue where git dependencies from annotated tags could not be updated (#​10719).
  • Fix an issue where empty VIRTUAL_ENV or CONDA_PREFIX environment variables (e.g., after conda deactivate) would cause Poetry to incorrectly detect an active virtualenv (#​10784).
  • Fix an issue where an incomprehensible error message was printed when .venv was a file instead of a directory (#​10777).
  • Fix an issue where HTTP Basic Authentication credentials could be corrupted during request preparation, causing authentication failures with long tokens (#​10748).
  • Fix an issue where poetry publish --no-interaction --build requested user interaction (#​10769).
  • Fix an issue where poetry init and poetry new created a deprecated project.license format (#​10787).
Docs
  • Clarify the differences between poetry install and poetry update (#​10713).
  • Clarify the section of fields in the pyproject.toml examples (#​10753).
  • Add a note about the different installation location when Python from the Microsoft Store is used (#​10759).
  • Fix the system requirements for Poetry (#​10739).
  • Fix the poetry cache clear example (#​10749).
  • Fix the link to pipx installation instructions (#​10783).
poetry-core (2.3.2)
  • Fix an issue where platform_release could not be parsed on Debian Trixie (#​930).
  • Fix an issue where using project.readme.text in the pyproject.toml file resulted in broken metadata (#​914).
  • Fix an issue where dependency groups were considered equal when their resolved dependencies were equal, even if the groups themselves were not (#​919).
  • Fix an issue where removing a dependency from a group that included another group resulted in other dependencies being added to the included group (#​922).
  • Fix an issue where PEP 735 include-group entries were lost when [tool.poetry.group] also defined include-groups for the same group (#​924).
  • Fix an issue where the union of <value> not in <marker> constraints was wrongly treated as always satisfied (#​925).
  • Fix an issue where a post release with a local version identifier was wrongly allowed by a > version constraint (#​921).
  • Fix an issue where a version with the local version identifier 0 was treated as equal to the corresponding public version (#​920).
  • Fix an issue where a != <version> constraint wrongly disallowed pre releases and post releases of the specified version (#​929).
  • Fix an issue where in and not in constraints were wrongly not allowed by specific compound constraints (#​927).

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added dependencies Pull requests that update a dependency file no-stale labels Mar 29, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented Mar 29, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.03%. Comparing base (26fa60f) to head (faa5731).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2027   +/-   ##
=======================================
  Coverage   87.03%   87.03%           
=======================================
  Files          34       34           
  Lines        2159     2159           
  Branches      248      248           
=======================================
  Hits         1879     1879           
  Misses        198      198           
  Partials       82       82

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@renovate renovate Bot force-pushed the renovate/poetry-2.x branch 2 times, most recently from 5b6406c to 9923a4f Compare March 30, 2026 00:42
@renovate renovate Bot force-pushed the renovate/poetry-2.x branch from 9923a4f to faa5731 Compare March 30, 2026 06:51
@epenet epenet merged commit 894db3d into main Mar 30, 2026
22 of 23 checks passed
@epenet epenet deleted the renovate/poetry-2.x branch March 30, 2026 07:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file no-stale

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@epenet