Bump poetry from 1.3.2 to 1.8.3 in /.github/workflows

[dependabot[bot]]

trafficstars

Bumps poetry from 1.3.2 to 1.8.3.

Release notes

Sourced from poetry's releases.

1.8.3

Added

• Add support for untagged CPython builds with versions ending with a + (#9207).

Changed

• Require pkginfo>=1.10 to ensure support for packages with metadata version 2.3 (#9130).
• Improve locking on FIPS systems (#9152).

Fixed

• Fix an issue where unrecognized package metadata versions silently resulted in empty dependencies (#9203, #9226).
• Fix an issue where trailing slashes in git URLs where not handled correctly (#9205).
• Fix an issue where poetry self commands printed a warning that the current project cannot be installed (#9302).
• Fix an issue where poetry install sporadically failed with a KeyError due to a race condition (#9335).

Docs

• Fix incorrect information about poetry shell (#9060).
• Add a git subdirectory example to poetry add (#9080).
• Mention interactive credential configuration (#9074).
• Add notes for optional advanced installation steps (#9098).
• Add reference to configuration credentials in documentation of poetry publish (#9110).
• Improve documentation for configuring credentials via environment variables (#9121).
• Remove misleading wording around virtual environments (#9213).
• Remove outdated advice regarding seeding keyring backends (#9164).
• Add a pyproject.toml example for a dependency with multiple extras (#9138).
• Clarify help of poetry add (#9230).
• Add a note how to configure credentials for TestPyPI for poetry publish (#9255).
• Fix information about the --readme option in poetry new (#9260).
• Clarify what is special about the Python constraint in dependencies (#9256).
• Update how to uninstall plugins via pipx (#9320).

1.8.2

Fixed

• Harden lazy-wheel error handling if the index server is behaving badly in an unexpected way (#9051).
• Improve lazy-wheel error handling if the index server does not handle HTTP range requests correctly (#9082).
• Improve lazy-wheel error handling if the index server pretends to support HTTP range requests but does not respect them (#9084).
• Improve lazy-wheel to allow redirects for HEAD requests (#9087).
• Improve debug logging for lazy-wheel errors (#9059).
• Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue (#9048).
• Fix an issue where poetry add failed in non-package mode if no project name was set (#9046).
• Fix an issue where a hint to non-package mode was not compliant with the final name of the setting (#9073).

1.8.1

Fixed

• Update the minimum required version of packaging (#9031).

... (truncated)

Changelog

Sourced from poetry's changelog.

[1.8.3] - 2024-05-03

Added

• Add support for untagged CPython builds with versions ending with a + (#9207).

Changed

• Require pkginfo>=1.10 to ensure support for packages with metadata version 2.3 (#9130).
• Improve locking on FIPS systems (#9152).

Fixed

• Fix an issue where unrecognized package metadata versions silently resulted in empty dependencies (#9203, #9226).
• Fix an issue where trailing slashes in git URLs where not handled correctly (#9205).
• Fix an issue where poetry self commands printed a warning that the current project cannot be installed (#9302).
• Fix an issue where poetry install sporadically failed with a KeyError due to a race condition (#9335).

Docs

• Fix incorrect information about poetry shell (#9060).
• Add a git subdirectory example to poetry add (#9080).
• Mention interactive credential configuration (#9074).
• Add notes for optional advanced installation steps (#9098).
• Add reference to configuration credentials in documentation of poetry publish (#9110).
• Improve documentation for configuring credentials via environment variables (#9121).
• Remove misleading wording around virtual environments (#9213).
• Remove outdated advice regarding seeding keyring backends (#9213).
• Add a pyproject.toml example for a dependency with multiple extras (#9138).
• Clarify help of poetry add (#9230).
• Add a note how to configure credentials for TestPyPI for poetry publish (#9255).
• Fix information about the --readme option in poetry new (#9260).
• Clarify what is special about the Python constraint in dependencies (#9256).
• Update how to uninstall plugins via pipx (#9320).

[1.8.2] - 2024-03-02

Fixed

• Harden lazy-wheel error handling if the index server is behaving badly in an unexpected way (#9051).
• Improve lazy-wheel error handling if the index server does not handle HTTP range requests correctly (#9082).
• Improve lazy-wheel error handling if the index server pretends to support HTTP range requests but does not respect them (#9084).
• Improve lazy-wheel to allow redirects for HEAD requests (#9087).
• Improve debug logging for lazy-wheel errors (#9059).
• Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue (#9049).
• Fix an issue where poetry add failed in non-package mode if no project name was set (#9046).
• Fix an issue where a hint to non-package mode was not compliant with the final name of the setting (#9073).

... (truncated)

Commits

• e5e4b0c release: bump version to 1.8.3
• dfd4aa1 Update pipx plugin uninstall docs (#9320)
• 5743357 docs: clarify python version usage (#9256)
• 4118200 Clarify readme help in new command (#9260)
• 779b042 Repositories update to resolve #6659 (#9255)
• 53673bf cli: improve add command help (#9230)
• 2e655b1 doc: add notes for advanced installation steps (#9098)
• 3988652 doc: mention interactive credential configuration
• 38637d1 docs: add git subdirectory example to add command
• c354cfa cmd/shell: fix incorrect documentation (#9060)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)