Automated Dependency Updates for Poetry

Categories: python

Renovate supports updating Poetry dependencies.

File Matching¶

By default, Renovate will check any files matching the following regular expression: /(^|/)pyproject\.toml$/.

For details on how to extend a manager's managerFilePatterns value, please follow this link.

Supported datasources¶

This manager supports extracting the following datasources: pypi, github-tags, github-releases, gitlab-tags, git-refs, git-tags.

Dependency types¶

This manager extracts the following depType values:

`depType`	Description
`dependencies`	Listed under `[tool.poetry.dependencies]`
`dev-dependencies`	Listed under `[tool.poetry.dev-dependencies]`
`extras`	An optional dependency marked with `optional = true`
`build-system.requires`	Listed under `[build-system.requires]`
`project.dependencies`	Listed under `[project.dependencies]` (PEP 621 style)
`project.optional-dependencies`	Listed under `[project.optional-dependencies]` (PEP 621 style)
`dependency-groups`	Listed under `[dependency-groups]` (PEP 735)

Dependency group names from [tool.poetry.group.<name>.dependencies] are also used as depType values.

Default config¶

{
  "managerFilePatterns": [
    "/(^|/)pyproject\\.toml$/"
  ]
}

Lock File Maintenance¶

This manager supports lockFileMaintenance for the following file(s):

poetry.lock

Additional Information¶

Poetry 0.x, 1.x and 2.x versions are supported.

Whenever the pyproject.toml file is updated, the Poetry lock file will be checked for updates as well.

Warning

Updating locked versions of Poetry dependencies is at times unreliable. We recommended that you pin dependency versions in your pyproject.toml instead.

Renovate cannot accurately update locked versions of Poetry dependency ranges due to limitations in Poetry. For example, if the pyproject.toml has a constraint like coverage = "^7.2", and the version in poetry.lock is 7.4.1, and we know that 7.4.3 is available, then Renovate can only run poetry update --lock --no-interaction coverage and hope the result is 7.4.3. Poetry does not support updating to a specific/exact version with the update command, and the above update command may not even update at all sometimes. For this reason it's much better to pin dependency versions in pyproject.toml, such as coverage = "7.4.1" because it then gives Renovate more control and the ability to accurate upgrade dependencies in increments like 7.4.1 to 7.4.3.