What are best practices for update dependencies in Python with Poetry?
Asked Answered
T

1

12

What is the best practice to automatically update python dependencies when working with poetry on github?

I would simply set up an action that runs poetry update (https://python-poetry.org/docs/cli/#update) in a new branch and opens a PR.

This method makes dependabot and renovate unnecessary, and since I'm used to working with those with other programming languages, I want to check whether my intuition about this as a best practice is a good one.

Side note: poetry + dependabot do not seem to be a good option because of this issue for which I haven't found a good solution.

Tegument answered 30/9, 2023 at 12:6 Comment(2)
when you want poetry to update your packages? i.e. what are scenarios for thisGasket
Yes. Update my dependencies.Tegument
I
13

poetry update updates your dependencies within the version range given in your pyproject.toml. So effectively it updates your poetry.lock file and also installs the updated packages.

Within your Update-CI you probably don't want to install anything. So run poetry lock instead.

At the moment, there is no poetrycommand that will also ugrade the version ranges given in your pyproject.toml. If you have something like ^1.0.0 as a version range for a dependency, a poetry update or poetry lock will never give you a 2.0.0 version of this dependency.

I have very good experience with renovate [docs] [repo] [home] for doing all that update stuff.

Icily answered 2/10, 2023 at 4:42 Comment(1)
Ok, thank for the heads up. I'll give a try with renovate.Tegument

© 2022 - 2024 — McMap. All rights reserved.