Announcing Poetry 1.8.0

Published on February 25, 2024 in Releases with tags 1.X 1.8

The Poetry team is pleased to announce the immediate availability of Poetry 1.8.0.

If you have a previous version of Poetry installed via pipx, getting Poetry 1.8.0 is as easy as:

$ pipx upgrade poetry

If you used the official installer, you can run:

$ poetry self update

Highlights #

Better support for non-package projects #

Poetry is a tool for packaging and dependency management. Yet, it is perfectly fine if you want to use Poetry only for dependency management and not for packaging. However, you had to jump through some hoops to make this work. With Poetry 1.8, you can just specify that your project is not supposed to be packaged by setting the package-mode to false:

package-mode = false

With this setting:

Fetching metadata faster via PEP 658 support and new lazy-wheel feature #

When resolving dependencies with a cold cache, most of the time is spent for fetching metadata. In the past, Poetry had to download wheels to extract metadata (except for PyPI if metadata was available via its custom JSON API). Poetry 1.8 now supports PEP 658 to fetch metadata without having to download wheels.

However, most package indices do not support PEP 658 yet. To mitigate this, Poetry 1.8 introduces a new lazy-wheel feature, which is enabled by default. With this feature, Poetry will extract the metadata from remote wheels via HTTP range requests. This way, Poetry can fetch metadata by only downloading a small amount of the wheel instead of the whole file.

If the package index does not even provide hashes, Poetry still has to download the whole file to calculate the hash itself.

Although we tested this feature with various package indices, there still might be servers that respond to HTTP range requests in an unexpected way. Therefore, if you experience any issues with this feature, you can disable lazy-wheel.

Other important Changes #

Deprecating default source type #

Since Poetry 1.5, a warning is printed that the implicit PyPI source will be disabled automatically in the future if at least one custom primary source is configured. With Poetry 1.8, this warning becomes true. As a result, the default source type is not required anymore because a default source is exactly the same as the first primary source. This is the last deprecation in a series of changes to simplify and improve Poetry’s handling of package sources.

Upgrading warning about inconsistent lockfile to an error #

In the past, Poetry only printed a warning when running poetry install and the pyproject.toml file had been changed significantly since poetry.lock was last generated. As a result, poetry install might fail or succeed with expected or unexpected results. This warning has been upgraded to an error to avoid issues that are hard to debug.

Upcoming Changes #

Removing poetry-plugin-export from the default installation #

Prior Poetry 1.2, export had been a built-in command. With Poetry 1.2, the export command was outsourced into poetry-plugin-export. To avoid a breaking change, we decided to install poetry-plugin-export per default. However, this resulted in a cyclic dependency between poetry and poetry-plugin-export, which causes issues for some third-party tools and results in an increased maintenance effort for the Poetry team.

Therefore, we are planning to not install poetry-plugin-export per default in a future version of Poetry. To ensure that as many users as possible are informed about this upcoming change, a warning, which can be deactivated, will be shown when running poetry export. In order to make your automation forward-compatible, just install poetry-plugin-export explicitly (even though it is already installed per default for now).

Changelog #

Added #

Changed #

Fixed #

Docs #

poetry-core (1.9.0) #