poetry icon indicating copy to clipboard operation
poetry copied to clipboard
verified publisher icon python-poetry

Poetry not updating .lock file with the newer dependency version when we're using `-post1` in the dependency version

Open Tin-Nguyen opened this issue 9 months ago • 4 comments

Description

Hi all,

I have an issue with Poetry 1.4.2 (not sure if it happens on the later versions). We have some dependencies in our main poetry project using the version formatted as x.y.z-post1 (-post1 is being used as our hotfix version).

Today I figured out the poetry isn't updating the version in .lock file if we mention the new version as -post1

Do you know if the issue is fixed on the newer version of poetry?

Workarounds

We have to use the regular version format (x.y.z) to get it works

Poetry Installation Method

pipx

Operating System

Amazon Linux 2023

Poetry Version

1.4.2

Poetry Configuration

cache-dir = "/Users/tinnguyen87/Library/Caches/pypoetry"
experimental.new-installer = true
experimental.system-git-client = false
installer.max-workers = null
installer.modern-installation = true
installer.no-binary = null
installer.parallel = true
virtualenvs.create = true
virtualenvs.in-project = null
virtualenvs.options.always-copy = false
virtualenvs.options.no-pip = false
virtualenvs.options.no-setuptools = false
virtualenvs.options.system-site-packages = true
virtualenvs.path = "{cache-dir}/virtualenvs"  # /Users/tinnguyen87/Library/Caches/pypoetry/virtualenvs
virtualenvs.prefer-active-python = false
virtualenvs.prompt = "{project_name}-py{python_version}"

Python Sysconfig

sysconfig.log 
Paste the output of 'python -m sysconfig', over this line.

Example pyproject.toml

Poetry Runtime Logs

poetry-runtime.log 
Paste the output of 'poetry -vvv <command>', over this line.

Tin-Nguyen avatar Mar 18 '25 16:03 Tin-Nguyen

No-one will be interested investigating anything with poetry 1.4.2 (now two years old). Please upgrade, please close.

dimbleby avatar Mar 18 '25 19:03 dimbleby

Tried on poetry 2.1.1 version, the issue is still there. Some additional notes I figured out:

  • If the previous version is 0.0.54 then I updated to 0.0.54-post1 => it doesn't update the .lock file
  • If the previous version is 0.0.55 then I updated to 0.0.54-post1 => the lock file is updated correctly.

Tin-Nguyen avatar Mar 19 '25 16:03 Tin-Nguyen

Just a guess without testing: Post Release according to PEP 440 must in the form X.Y.postN (https://peps.python.org/pep-0440/#post-releases) So in your case -post1 will be interpreted as a local version segment instead (https://peps.python.org/pep-0440/#local-version-segments).

finswimmer avatar Mar 19 '25 17:03 finswimmer

guessing is all anyone can do until you provide the details asked for by the issue template: what is your pyproject.toml, what command are you running, what are you expecting to happen, what is happening instead, show the logs.

dimbleby avatar Mar 19 '25 17:03 dimbleby