Change8

2.4.0

Breaking Changes
📦 poetryView on GitHub →
1 breaking3 features🐛 16 fixes🔧 6 symbols

Summary

This release introduces new solver configuration options to control dependency resolution based on package release age and fixes numerous bugs related to publishing, environment activation, and dependency resolution stability.

⚠️ Breaking Changes

  • Running `poetry update <package>` now raises an error if the specified package name is not listed in the project's dependencies, instead of silently ignoring it. Users must ensure the package is defined in `pyproject.toml` to update it via this command.

Migration Steps

  1. If you were relying on `poetry update <package>` to update a package not listed in your dependencies, you must now add that package to your `[tool.poetry.dependencies]` section first.
  2. Ensure your `installer` dependency is at least version `1.0.0`.
  3. Ensure your `findpython` dependency is at least version `0.8`.

✨ New Features

  • Added `solver.min-release-age` setting to enforce a minimum age (in days) for package releases considered during dependency resolution.
  • Added `solver.min-release-age-exclude` to specify packages exempt from release age filtering.
  • Added `solver.min-release-age-exclude-source` to exclude all packages from specific package indexes from release age filtering.

🐛 Bug Fixes

  • Fixed failure of `requires-plugins` on Windows when scheme paths reside on different drives.
  • Fixed non-deterministic ordering of markers in the lock file.
  • Fixed suggestion of the wrong command when `poetry self` commands failed due to an outdated lock file.
  • Fixed `poetry env activate` not working correctly for bash on Windows.
  • Fixed failure of `poetry debug resolve` when dealing with packages that have markers.
  • Fixed garbled `--config-settings` in error messages related to build backend failures.
  • Fixed printing of a false warning regarding circular dependencies.
  • Fixed incorrect handling of falsy configuration values, treating them as not set.
  • Fixed `poetry publish --build` ignoring build failures and uploading stale artifacts.
  • Fixed `poetry publish` aborting instead of retrying after package registration.
  • Fixed corruption of data fetched via `lazy-wheel` when parts were already cached.
  • Fixed zip files not being closed after metadata fetching via `lazy-wheel`.
  • Fixed installation continuing even when it should have been aborted.
  • Fixed exception on Python 3.15+ when installed packages lacked a `METADATA` file.
  • Fixed inability to set `http-basic` authentication for repository names containing periods.
  • Fixed memory error when calculating the hash of large wheels.

Affected Symbols

`poetry update``poetry debug resolve``poetry env activate``poetry publish``requires-plugins``lazy-wheel`