Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

poetry self update warning: The locked version 1.5.0 for shellingham is a yanked version. #7344

Closed
4 tasks done
bruceadams opened this issue Jan 12, 2023 · 18 comments
Closed
4 tasks done

poetry self update warning: The locked version 1.5.0 for shellingham is a yanked version. #7344

bruceadams opened this issue Jan 12, 2023 · 18 comments
Labels
kind/question User questions (candidates for conversion to discussion)

Comments

@bruceadams
Copy link

  • Poetry version: 1.3.2
  • Python version: 3.10.6
  • OS version and name: macOS 12.6.2
  • pyproject.toml: none
  • I am on the latest stable Poetry version, installed using a recommended method.
  • I have searched the issues of this repo and believe that this is not a duplicate.
  • I have consulted the FAQ and blog for any relevant entries or release notes.
  • If an exception occurs when executing a command, I executed it again in debug mode (-vvv option) and have included the output below.

Issue

Running poetry self update gives the warning message:

Warning: The locked version 1.5.0 for shellingham is a yanked version. Reason for being yanked: Incorrect package metadata

Rerunning poetry self update continues to give the same warning message.

Simple run of poetry self update

% poetry self update
Updating Poetry version ...

Using version ^1.3.2 for poetry

Updating dependencies
Resolving dependencies... (0.2s)
Warning: The locked version 1.5.0 for shellingham is a yanked version. Reason for being yanked: Incorrect package metadata

No dependencies to install or update

Debug run of poetry self update

% poetry self update -vv
Updating Poetry version ...

Using version ^1.3.2 for poetry

Updating dependencies
Resolving dependencies...
   1: fact: poetry-instance is 1.3.2
   1: derived: poetry-instance
   1: fact: poetry-instance depends on poetry (^1.3.2)
   1: selecting poetry-instance (1.3.2)
   1: derived: poetry (>=1.3.2,<2.0.0)
   1: fact: poetry (1.3.2) depends on poetry-core (1.4.0)
   1: fact: poetry (1.3.2) depends on poetry-plugin-export (>=1.2.0,<2.0.0)
   1: fact: poetry (1.3.2) depends on cachecontrol (>=0.12.9,<0.13.0)
   1: fact: poetry (1.3.2) depends on cleo (>=2.0.0,<3.0.0)
   1: fact: poetry (1.3.2) depends on crashtest (>=0.4.1,<0.5.0)
   1: fact: poetry (1.3.2) depends on dulwich (>=0.20.46,<0.21.0)
   1: fact: poetry (1.3.2) depends on filelock (>=3.8.0,<4.0.0)
   1: fact: poetry (1.3.2) depends on html5lib (>=1.0,<2.0)
   1: fact: poetry (1.3.2) depends on jsonschema (>=4.10.0,<5.0.0)
   1: fact: poetry (1.3.2) depends on keyring (>=23.9.0,<24.0.0)
   1: fact: poetry (1.3.2) depends on lockfile (>=0.12.2,<0.13.0)
   1: fact: poetry (1.3.2) depends on packaging (>=20.4)
   1: fact: poetry (1.3.2) depends on pexpect (>=4.7.0,<5.0.0)
   1: fact: poetry (1.3.2) depends on pkginfo (>=1.5,<2.0)
   1: fact: poetry (1.3.2) depends on platformdirs (>=2.5.2,<3.0.0)
   1: fact: poetry (1.3.2) depends on requests (>=2.18,<3.0)
   1: fact: poetry (1.3.2) depends on requests-toolbelt (>=0.9.1,<0.11.0)
   1: fact: poetry (1.3.2) depends on shellingham (>=1.5,<2.0)
   1: fact: poetry (1.3.2) depends on tomli (>=2.0.1,<3.0.0)
   1: fact: poetry (1.3.2) depends on tomlkit (>=0.11.1,<0.11.2 || >0.11.2,<0.11.3 || >0.11.3,<1.0.0)
   1: fact: poetry (1.3.2) depends on trove-classifiers (>=2022.5.19)
   1: fact: poetry (1.3.2) depends on virtualenv (>=20.4.3,<20.4.5 || >20.4.5,<20.4.6 || >20.4.6,<21.0.0)
   1: fact: poetry (1.3.2) depends on xattr (>=0.10.0,<0.11.0)
   1: fact: poetry (1.3.2) depends on urllib3 (>=1.26.0,<2.0.0)
   1: selecting poetry (1.3.2)
   1: derived: urllib3 (>=1.26.0,<2.0.0)
   1: derived: xattr (>=0.10.0,<0.11.0)
   1: derived: virtualenv (>=20.4.3,!=20.4.5,!=20.4.6,<21.0.0)
   1: derived: trove-classifiers (>=2022.5.19)
   1: derived: tomlkit (>=0.11.1,!=0.11.2,!=0.11.3,<1.0.0)
   1: derived: tomli (>=2.0.1,<3.0.0)
   1: derived: shellingham (>=1.5,<2.0)
   1: derived: requests-toolbelt (>=0.9.1,<0.11.0)
   1: derived: requests (>=2.18,<3.0)
   1: derived: platformdirs (>=2.5.2,<3.0.0)
   1: derived: pkginfo (>=1.5,<2.0)
   1: derived: pexpect (>=4.7.0,<5.0.0)
   1: derived: packaging (>=20.4)
   1: derived: lockfile (>=0.12.2,<0.13.0)
   1: derived: keyring (>=23.9.0,<24.0.0)
   1: derived: jsonschema (>=4.10.0,<5.0.0)
   1: derived: html5lib (>=1.0,<2.0)
   1: derived: filelock (>=3.8.0,<4.0.0)
   1: derived: dulwich (>=0.20.46,<0.21.0)
   1: derived: crashtest (>=0.4.1,<0.5.0)
   1: derived: cleo (>=2.0.0,<3.0.0)
   1: derived: cachecontrol[filecache] (>=0.12.9,<0.13.0)
   1: derived: poetry-plugin-export (>=1.2.0,<2.0.0)
   1: derived: poetry-core (==1.4.0)
   1: selecting urllib3 (1.26.12)
   1: selecting trove-classifiers (2022.12.1)
   1: selecting tomlkit (0.11.4)
   1: selecting shellingham (1.5.0)
   1: fact: requests-toolbelt (0.9.1) depends on requests (>=2.0.1,<3.0.0)
   1: selecting requests-toolbelt (0.9.1)
   1: fact: requests (2.28.1) depends on charset-normalizer (>=2,<3)
   1: fact: requests (2.28.1) depends on idna (>=2.5,<4)
   1: fact: requests (2.28.1) depends on urllib3 (>=1.21.1,<1.27)
   1: fact: requests (2.28.1) depends on certifi (>=2017.4.17)
   1: selecting requests (2.28.1)
   1: derived: certifi (>=2017.4.17)
   1: derived: idna (>=2.5,<4)
   1: derived: charset-normalizer (>=2,<3)
   1: selecting platformdirs (2.5.2)
   1: selecting pkginfo (1.8.3)
   1: fact: pexpect (4.8.0) depends on ptyprocess (>=0.5)
   1: selecting pexpect (4.8.0)
   1: derived: ptyprocess (>=0.5)
   1: fact: packaging (21.3) depends on pyparsing (>=2.0.2,<3.0.5 || >3.0.5)
   1: selecting packaging (21.3)
   1: derived: pyparsing (>=2.0.2,!=3.0.5)
   1: selecting lockfile (0.12.2)
   1: fact: keyring (23.11.0) depends on jaraco.classes (*)
   1: fact: keyring (23.11.0) depends on importlib-metadata (>=4.11.4)
   1: fact: keyring (23.11.0) depends on SecretStorage (>=3.2)
   1: fact: keyring (23.11.0) depends on jeepney (>=0.4.2)
   1: fact: keyring (23.11.0) depends on pywin32-ctypes (<0.1.0 || >0.1.0,<0.1.1 || >0.1.1)
   1: selecting keyring (23.11.0)
   1: derived: pywin32-ctypes (!=0.1.0,!=0.1.1)
   1: derived: jeepney (>=0.4.2)
   1: derived: SecretStorage (>=3.2)
   1: derived: importlib-metadata (>=4.11.4)
   1: derived: jaraco.classes
   1: fact: jsonschema (4.15.0) depends on attrs (>=17.4.0)
   1: fact: jsonschema (4.15.0) depends on pyrsistent (>=0.14.0,<0.17.0 || >0.17.0,<0.17.1 || >0.17.1,<0.17.2 || >0.17.2)
   1: selecting jsonschema (4.15.0)
   1: derived: pyrsistent (>=0.14.0,!=0.17.0,!=0.17.1,!=0.17.2)
   1: derived: attrs (>=17.4.0)
   1: fact: html5lib (1.1) depends on six (>=1.9)
   1: fact: html5lib (1.1) depends on webencodings (*)
   1: selecting html5lib (1.1)
   1: derived: webencodings
   1: derived: six (>=1.9)
   1: selecting filelock (3.8.0)
   1: fact: dulwich (0.20.46) depends on urllib3 (>=1.25)
   1: selecting dulwich (0.20.46)
   1: selecting crashtest (0.4.1)
   1: fact: cleo (2.0.1) depends on crashtest (>=0.4.1,<0.5.0)
   1: fact: cleo (2.0.1) depends on rapidfuzz (>=2.2.0,<3.0.0)
   1: selecting cleo (2.0.1)
   1: derived: rapidfuzz (>=2.2.0,<3.0.0)
   1: fact: cachecontrol (0.12.11) depends on cachecontrol (0.12.11)
   1: fact: cachecontrol (0.12.11) depends on requests (*)
   1: fact: cachecontrol (0.12.11) depends on msgpack (>=0.5.2)
   1: fact: cachecontrol (0.12.11) depends on lockfile (>=0.9)
   1: selecting cachecontrol[filecache] (0.12.11)
   1: derived: msgpack (>=0.5.2)
   1: derived: cachecontrol (==0.12.11)
   1: fact: poetry-plugin-export (1.2.0) depends on poetry (>=1.2.2,<2.0.0)
   1: fact: poetry-plugin-export (1.2.0) depends on poetry-core (>=1.3.0,<2.0.0)
   1: selecting poetry-plugin-export (1.2.0)
   1: selecting poetry-core (1.4.0)
   1: selecting certifi (2022.6.15)
   1: selecting idna (3.3)
   1: selecting charset-normalizer (2.1.1)
   1: selecting ptyprocess (0.7.0)
   1: selecting pyparsing (3.0.9)
   1: fact: jaraco-classes (3.2.3) depends on more-itertools (*)
   1: selecting jaraco-classes (3.2.3)
   1: derived: more-itertools
   1: selecting pyrsistent (0.18.1)
   1: selecting attrs (22.1.0)
   1: selecting webencodings (0.5.1)
   1: selecting six (1.16.0)
   1: selecting rapidfuzz (2.13.4)
   1: selecting msgpack (1.0.4)
   1: selecting more-itertools (9.0.0)
   1: fact: xattr (0.10.1) depends on cffi (>=1.0)
   1: selecting xattr (0.10.1)
   1: derived: cffi (>=1.0)
   1: fact: cffi (1.15.1) depends on pycparser (*)
   1: selecting cffi (1.15.1)
   1: derived: pycparser
   1: selecting pycparser (2.21)
   1: fact: virtualenv (20.16.4) depends on distlib (>=0.3.5,<1)
   1: fact: virtualenv (20.16.4) depends on filelock (>=3.4.1,<4)
   1: fact: virtualenv (20.16.4) depends on platformdirs (>=2.4,<3)
   1: selecting virtualenv (20.16.4)
   1: derived: distlib (>=0.3.5,<1)
   1: selecting distlib (0.3.6)
   1: selecting tomli (2.0.1)
   1: selecting pywin32-ctypes (0.2.0)
   1: selecting jeepney (0.8.0)
   1: fact: secretstorage (3.3.3) depends on cryptography (>=2.0)
   1: fact: secretstorage (3.3.3) depends on jeepney (>=0.6)
   1: selecting secretstorage (3.3.3)
   1: derived: cryptography (>=2.0)
   1: fact: cryptography (37.0.4) depends on cffi (>=1.12)
   1: selecting cryptography (37.0.4)
   1: fact: importlib-metadata (5.1.0) depends on zipp (>=0.5)
   1: selecting importlib-metadata (5.1.0)
   1: derived: zipp (>=0.5)
   1: selecting zipp (3.11.0)
   1: fact: cachecontrol (0.12.11) depends on requests (*)
   1: fact: cachecontrol (0.12.11) depends on msgpack (>=0.5.2)
   1: selecting cachecontrol (0.12.11)
   1: Version solving took 0.141 seconds.
   1: Tried 1 solutions.
Warning: The locked version 1.5.0 for shellingham is a yanked version. Reason for being yanked: Incorrect package metadata

Finding the necessary packages for the current system

Package operations: 0 installs, 0 updates, 0 removals, 43 skipped

  • Installing attrs (22.1.0): Skipped for the following reason: Already installed
  • Installing jsonschema (4.15.0): Skipped for the following reason: Already installed
  • Installing charset-normalizer (2.1.1): Skipped for the following reason: Already installed
  • Installing lockfile (0.12.2): Skipped for the following reason: Already installed
  • Installing dulwich (0.20.46): Skipped for the following reason: Already installed
  • Installing msgpack (1.0.4): Skipped for the following reason: Already installed
  • Installing idna (3.3): Skipped for the following reason: Already installed
  • Installing jaraco-classes (3.2.3): Skipped for the following reason: Already installed
  • Installing pexpect (4.8.0): Skipped for the following reason: Already installed
  • Installing pkginfo (1.8.3): Skipped for the following reason: Already installed
  • Installing platformdirs (2.5.2): Skipped for the following reason: Already installed
  • Installing poetry (1.3.2): Skipped for the following reason: Already installed
  • Installing html5lib (1.1): Skipped for the following reason: Already installed
  • Installing poetry-plugin-export (1.2.0): Skipped for the following reason: Already installed
  • Installing ptyprocess (0.7.0): Skipped for the following reason: Already installed
  • Installing pycparser (2.21): Skipped for the following reason: Already installed
  • Installing pyparsing (3.0.9): Skipped for the following reason: Already installed
  • Installing pyrsistent (0.18.1): Skipped for the following reason: Already installed
  • Installing rapidfuzz (2.13.4): Skipped for the following reason: Already installed
  • Installing requests (2.28.1): Skipped for the following reason: Already installed
  • Installing packaging (21.3): Skipped for the following reason: Already installed
  • Installing requests-toolbelt (0.9.1): Skipped for the following reason: Already installed
  • Installing cffi (1.15.1): Skipped for the following reason: Already installed
  • Installing shellingham (1.5.0): Skipped for the following reason: Already installed
  • Installing six (1.16.0): Skipped for the following reason: Already installed
  • Installing tomli (2.0.1): Skipped for the following reason: Already installed
  • Installing tomlkit (0.11.4): Skipped for the following reason: Already installed
  • Installing importlib-metadata (5.1.0): Skipped for the following reason: Already installed
  • Installing trove-classifiers (2022.12.1): Skipped for the following reason: Already installed
  • Installing urllib3 (1.26.12): Skipped for the following reason: Already installed
  • Installing certifi (2022.6.15): Skipped for the following reason: Already installed
  • Installing cachecontrol (0.12.11): Skipped for the following reason: Already installed
  • Installing more-itertools (9.0.0): Skipped for the following reason: Already installed
  • Installing cleo (2.0.1): Skipped for the following reason: Already installed
  • Installing filelock (3.8.0): Skipped for the following reason: Already installed
  • Installing keyring (23.11.0): Skipped for the following reason: Already installed
  • Installing virtualenv (20.16.4): Skipped for the following reason: Already installed
  • Installing zipp (3.11.0): Skipped for the following reason: Already installed
  • Installing distlib (0.3.6): Skipped for the following reason: Already installed
  • Installing webencodings (0.5.1): Skipped for the following reason: Already installed
  • Installing xattr (0.10.1): Skipped for the following reason: Already installed
  • Installing poetry-core (1.4.0): Skipped for the following reason: Already installed
  • Installing crashtest (0.4.1): Skipped for the following reason: Already installed
@bruceadams bruceadams added kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels Jan 12, 2023
@neersighted
Copy link
Member

I'm not sure this is a bug or there's anything that makes sense to do here; if you reinstall Poetry this should solve itself. The release became yanked between the time you installed Poetry and the time you attempted to self-update, and Poetry will not opt out of a yanked version when already selected.

It's possible to manually massage this, but if you are concerned, reinstalling is a better/easier way to handle this.

@neersighted neersighted added kind/question User questions (candidates for conversion to discussion) and removed kind/bug Something isn't working as expected status/triage This issue needs to be triaged labels Jan 12, 2023
@bruceadams
Copy link
Author

A reinstall gets me a different set of dependencies than an update? This sounds like I get a different poetry every time I install it. This is … terrifying!

@neersighted
Copy link
Member

Yes, Poetry is installed as a normal Python package and the version constraints we set in pyproject.toml are exported. poetry update will only do anything if there is an update to do (e.g. an update available).

@bruceadams
Copy link
Author

Reinstall (without an intervening uninstall) didn't help.

% curl -sSL https://install.python-poetry.org | python3 -
Retrieving Poetry metadata

# Welcome to Poetry!

This will download and install the latest version of Poetry,
a dependency and package manager for Python.

It will add the `poetry` command to Poetry's bin directory, located at:

/Users/bruce/.local/bin

You can uninstall at any time by executing this script with the --uninstall option,
and these changes will be reverted.

Installing Poetry (1.3.2): Done

Poetry (1.3.2) is installed now. Great!

You can test that everything is set up by executing:

`poetry --version`

% poetry --version
Poetry (version 1.3.2)
% poetry self update
Updating Poetry version ...

Using version ^1.3.2 for poetry

Updating dependencies
Resolving dependencies... (0.4s)
Warning: The locked version 1.5.0 for shellingham is a yanked version. Reason for being yanked: Incorrect package metadata

Writing lock file

Package operations: 1 install, 20 updates, 0 removals

  • Updating certifi (2022.12.7 -> 2022.6.15)
  • Updating charset-normalizer (3.0.1 -> 2.1.1)
  • Updating idna (3.4 -> 3.3)
  • Updating urllib3 (1.26.14 -> 1.26.12)
  • Updating attrs (22.2.0 -> 22.1.0)
  • Updating filelock (3.9.0 -> 3.8.0)
  • Updating platformdirs (2.6.2 -> 2.5.2)
  • Installing pyparsing (3.0.9)
  • Updating pyrsistent (0.19.3 -> 0.18.1)
  • Updating rapidfuzz (2.13.7 -> 2.13.4)
  • Updating requests (2.28.2 -> 2.28.1)
  • Updating dulwich (0.20.50 -> 0.20.46)
  • Updating jsonschema (4.17.3 -> 4.15.0)
  • Updating keyring (23.13.1 -> 23.11.0)
  • Updating packaging (23.0 -> 21.3)
  • Updating pkginfo (1.9.6 -> 1.8.3)
  • Updating requests-toolbelt (0.10.1 -> 0.9.1)
  • Updating shellingham (1.5.0.post1 -> 1.5.0)
  • Updating tomlkit (0.11.6 -> 0.11.4)
  • Updating trove-classifiers (2023.1.12 -> 2022.12.1)
  • Updating virtualenv (20.17.1 -> 20.16.4)
Warning: The file chosen for install of shellingham 1.5.0 (shellingham-1.5.0-py2.py3-none-any.whl) is yanked. Reason for being yanked: Incorrect package metadata

Same behavior with an uninstall.

% curl -sSL https://install.python-poetry.org | python3 - --uninstall
Removing Poetry (1.3.2)
% curl -sSL https://install.python-poetry.org | python3 -
Retrieving Poetry metadata

# Welcome to Poetry!

This will download and install the latest version of Poetry,
a dependency and package manager for Python.

It will add the `poetry` command to Poetry's bin directory, located at:

/Users/bruce/.local/bin

You can uninstall at any time by executing this script with the --uninstall option,
and these changes will be reverted.

Installing Poetry (1.3.2): Done

Poetry (1.3.2) is installed now. Great!

You can test that everything is set up by executing:

`poetry --version`

% poetry self update
Updating Poetry version ...

Using version ^1.3.2 for poetry

Updating dependencies
Resolving dependencies... (0.2s)
Warning: The locked version 1.5.0 for shellingham is a yanked version. Reason for being yanked: Incorrect package metadata

Writing lock file

Package operations: 1 install, 21 updates, 0 removals

  • Updating certifi (2022.12.7 -> 2022.6.15)
  • Updating charset-normalizer (3.0.1 -> 2.1.1)
  • Updating idna (3.4 -> 3.3)
  • Updating urllib3 (1.26.14 -> 1.26.12)
  • Updating attrs (22.2.0 -> 22.1.0)
  • Updating filelock (3.9.0 -> 3.8.0)
  • Updating importlib-metadata (6.0.0 -> 4.13.0)
  • Updating platformdirs (2.6.2 -> 2.5.2)
  • Installing pyparsing (3.0.9)
  • Updating pyrsistent (0.19.3 -> 0.18.1)
  • Updating rapidfuzz (2.13.7 -> 2.13.4)
  • Updating requests (2.28.2 -> 2.28.1)
  • Updating dulwich (0.20.50 -> 0.20.46)
  • Updating jsonschema (4.17.3 -> 4.15.0)
  • Updating keyring (23.13.1 -> 23.11.0)
  • Updating packaging (23.0 -> 21.3)
  • Updating pkginfo (1.9.6 -> 1.8.3)
  • Updating requests-toolbelt (0.10.1 -> 0.9.1)
  • Updating shellingham (1.5.0.post1 -> 1.5.0)
  • Updating tomlkit (0.11.6 -> 0.11.4)
  • Updating trove-classifiers (2023.1.12 -> 2022.12.1)
  • Updating virtualenv (20.17.1 -> 20.16.4)
Warning: The file chosen for install of shellingham 1.5.0 (shellingham-1.5.0-py2.py3-none-any.whl) is yanked. Reason for being yanked: Incorrect package metadata

This continues to feel like a bug to me. (I won't claim it is a terribly important bug, but it feels like a bug.)

@neersighted
Copy link
Member

Okay, right, a uninstall won't remove the lock file. So I think this relates more to how we handle the internal lock file (seen here, because it was preserved, you downgraded to match your previous Poetry install).

@bruceadams
Copy link
Author

Interesting. OK. Took me a moment to find the lock file. Deleting it and reinstalling poetry got me to a better place. Thanks!

@rayrapetyan
Copy link

rayrapetyan commented Jan 12, 2023
edited
Loading

Same here:

curl -sSL https://install.python-poetry.org | python3 - --uninstall
curl -sSL https://install.python-poetry.org | python3 -
poetry self add "poetry-dynamic-versioning[plugin]"

Results:

Warning: The file chosen for install of shellingham 1.5.0 (shellingham-1.5.0-py2.py3-none-any.whl) is yanked. Reason for being yanked: Incorrect package metadata

@toaster-code
Copy link

toaster-code commented Jan 16, 2023
edited
Loading

Interesting. OK. Took me a moment to find the lock file. Deleting it and reinstalling poetry got me to a better place. Thanks!

I confirm this. It was the only way I found to restore my poetry install.

@Bogdan-Torkhov
Copy link

Also have these error. Tried to remove it from poetry. But i don't know how to do that. And python don't know that module.

@neersighted
Copy link
Member

You can rm ~/.config/pypoetry/poetry.lock and then reinstall Poetry. This is only an issue if you have self-updated once before Shellingham was yanked, and self-update again after. If you reinstall Poetry you will not have the yanked version until you self-update again, at which point Poetry will use the versions from the internal lockfile.

@Bogdan-Torkhov
Copy link

You can rm ~/.config/pypoetry/poetry.lock and then reinstall Poetry. This is only an issue if you have self-updated once before Shellingham was yanked, and self-update again after. If you reinstall Poetry you will not have the yanked version until you self-update again, at which point Poetry will use the versions from the internal lockfile.

These helped!

@finswimmer
Copy link
Member

The poetry self update is different from the normal poetry update in that way, that it only runs updates if there is a new version of Poetry.

To update the dependencies one can do:

poetry self lock
poetry self install --sync

@mglbrr
Copy link

mglbrr commented Mar 6, 2023

Hi all,

I am getting the same bug however I am not able to find the file pypoetry/poetry.lock

I tried installing and reinstalling poetry and I still get the bug and I can't find the pypoetry/poetry.lock

How can I find the lock file?

@raratiru
Copy link

@mglbrr

Did you try:

poetry self lock
poetry self install --sync

@johnthagen
Copy link
Contributor

johnthagen commented Mar 20, 2023
edited
Loading

As a note I hit this when upgrading from 1.3.2 to 1.4.1, so in this case I was upgrading to a new Poetry release but still see the yanked warning.

I personally feel like Poetry should be treated like an application with its versions pinned so that every user on Poetry version X would get the same exact dependencies.

@danieleades
Copy link
Contributor

I personally feel like Poetry should be treated like an application with its versions pinned so that every user on Poetry version X would get the same exact dependencies.

I would have the same expectation

@johnthagen johnthagen mentioned this issue May 23, 2023
Open
2 tasks
@johnthagen
Copy link
Contributor

I opened the following issue to propose Poetry ship with locked dependencies to address the root cause of this issue

@github-actions GitHub Actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/question User questions (candidates for conversion to discussion)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@toaster-code @bruceadams @neersighted @finswimmer @rayrapetyan @raratiru @johnthagen @danieleades @mglbrr @Bogdan-Torkhov