Using Poetry as your package manager for Python? Dependabot can now help keep
pyproject.lock up-to-date. 🎉
If you haven't heard of it, Poetry is a new package manager by
Sébastien Eustace. Like Pipenv it replaces your
files with a manifest and lockfile setup, and does version resolution to ensure
you don't have any version conflicts.
In addition to Pipenv's improvements Poetry includes a full resolver, based on Ruby's Molinillo. It's lightning fast and a big improvement over Pipenv's current resolver (although news on that is coming in the next few weeks).
Pipenv is still the recommended package manager and has
a great team behind it, but if you prefer Poetry then Dependabot has your back.
We now offer support for updating your
We'll be improving Poetry support rapidly based on your feedback, but we're confident it already works well. The only caveat is that your first Dependabot PR for a poetry project will update all of your subdependencies (top-level dependencies will still be updated one-by-one). We have a PR open on the Poetry repo to fix that.