Skip to content

build(deps): bump poetry from 2.1.2 to 2.3.2 in /.github/workflows#325

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/dot-github/workflows/poetry-2.3.2
Open

build(deps): bump poetry from 2.1.2 to 2.3.2 in /.github/workflows#325
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/dot-github/workflows/poetry-2.3.2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2026

Bumps poetry from 2.1.2 to 2.3.2.

Release notes

Sourced from poetry's releases.

2.3.2

Changed

  • Allow dulwich>=1.0 (#10701).

poetry-core (2.3.1)

  • Fix an issue where platform_release could not be parsed on Windows Server (#911).

2.3.1

Fixed

  • Fix an issue where cached information about each package was always considered outdated (#10699).

Docs

  • Document SHELL_VERBOSITY environment variable (#10678).

2.3.0

Added

  • Add support for exporting pylock.toml files with poetry-plugin-export (#10677).
  • Add support for specifying build constraints for dependencies (#10388).
  • Add support for publishing artifacts whose version is determined dynamically by the build-backend (#10644).
  • Add support for editable project plugins (#10661).
  • Check requires-poetry before any other validation (#10593).
  • Validate the content of project.readme when running poetry check (#10604).
  • Add the option to clear all caches by making the cache name in poetry cache clear optional (#10627).
  • Automatically update the cache for packages where the locked files differ from cached files (#10657).
  • Suggest to clear the cache if running a command with --no-cache solves an issue (#10585).
  • Propose poetry init when trying poetry new for an existing directory (#10563).
  • Add support for poetry publish --skip-existing for new Nexus OSS versions (#10603).
  • Show Poetry's own Python's path in poetry debug info (#10588).

Changed

  • Drop support for Python 3.9 (#10634).
  • Change the default of installer.re-resolve from true to false (#10622).
  • PEP 735 dependency groups are considered in the lock file hash (#10621).
  • Deprecate poetry.utils._compat.metadata, which is sometimes used in plugins, in favor of importlib.metadata (#10634).
  • Improve managing free-threaded Python versions with poetry python (#10606).
  • Prefer JSON API to HTML API in legacy repositories (#10672).
  • When running poetry init, only add the readme field in the pyproject.toml if the readme file exists (#10679).
  • Raise an error if no hash can be determined for any distribution link of a package (#10673).
  • Require dulwich>=0.25.0 (#10674).

Fixed

  • Fix an issue where poetry remove did not work for PEP 735 dependency groups with include-group items (#10587).
  • Fix an issue where poetry remove caused dangling include-group references in PEP 735 dependency groups (#10590).

... (truncated)

Changelog

Sourced from poetry's changelog.

[2.3.2] - 2026-02-01

Changed

  • Allow dulwich>=1.0 (#10701).

poetry-core (2.3.1)

  • Fix an issue where platform_release could not be parsed on Windows Server (#911).

[2.3.1] - 2026-01-20

Fixed

  • Fix an issue where cached information about each package was always considered outdated (#10699).

Docs

  • Document SHELL_VERBOSITY environment variable (#10678).

[2.3.0] - 2026-01-18

Added

  • Add support for exporting pylock.toml files with poetry-plugin-export (#10677).
  • Add support for specifying build constraints for dependencies (#10388).
  • Add support for publishing artifacts whose version is determined dynamically by the build-backend (#10644).
  • Add support for editable project plugins (#10661).
  • Check requires-poetry before any other validation (#10593).
  • Validate the content of project.readme when running poetry check (#10604).
  • Add the option to clear all caches by making the cache name in poetry cache clear optional (#10627).
  • Automatically update the cache for packages where the locked files differ from cached files (#10657).
  • Suggest to clear the cache if running a command with --no-cache solves an issue (#10585).
  • Propose poetry init when trying poetry new for an existing directory (#10563).
  • Add support for poetry publish --skip-existing for new Nexus OSS versions (#10603).
  • Show Poetry's own Python's path in poetry debug info (#10588).

Changed

  • Drop support for Python 3.9 (#10634).
  • Change the default of installer.re-resolve from true to false (#10622).
  • PEP 735 dependency groups are considered in the lock file hash (#10621).
  • Deprecate poetry.utils._compat.metadata, which is sometimes used in plugins, in favor of importlib.metadata (#10634).
  • Improve managing free-threaded Python versions with poetry python (#10606).
  • Prefer JSON API to HTML API in legacy repositories (#10672).
  • When running poetry init, only add the readme field in the pyproject.toml if the readme file exists (#10679).
  • Raise an error if no hash can be determined for any distribution link of a package (#10673).
  • Require dulwich>=0.25.0 (#10674).

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump poetry from 2.1.2 to 2.3.2 in /.github/workflows
e79d277 
Bumps [poetry](https://github.com/python-poetry/poetry) from 2.1.2 to 2.3.2.
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.1.2...2.3.2)

---
updated-dependencies:
- dependency-name: poetry
  dependency-version: 2.3.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 1, 2026
@dependabot dependabot bot mentioned this pull request Mar 1, 2026
Closed
steven-murray
steven-murray approved these changes Mar 1, 2026
View reviewed changes
Copy link
Member

@steven-murray steven-murray left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@steven-murray steven-murray steven-murray approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@steven-murray