Poetry: Difference between revisions

Latest revision as of 22:24, 22 February 2025

as with many so-called modern tools, solutions take a back seat to gloss
- composability also suffers

recommended install of poetry itself is to a venv (makes sense) but you must not activate that venv
- this violates the principle of least astonishment, especially when poetry then breezily installs app requirements into its own venv

install all poetry commands (in practice just one, also called poetry) using motivate -S poetry where motivate is provided by venvpool
- the poetry command (in ~/.local/bin) will then create/use a suitable venv for itself just-in-time
- you can specify version constraints e.g. motivate -S 'poetry>=1.8,<2'
  - use -f to overwrite existing command

downloading packages from pypi is anonymous, but poetry tries to unlock your keyring to do so, and hangs if you refuse
- to be fair, the keyring package has an all or nothing design
to fix you can do poetry config keyring.enabled false
- but according to the docs, this will cause credentials to be stored in plaintext which is replacing one problem with a time bomb

@@ Line 10: / Line 10: @@
 * recommended install of poetry itself is to a venv (makes sense) but you must not activate that venv
-** this violates the principle of least astonishment, especially when poetry then breezily installs app requirements into its own venv
+** this violates the [[principle of least astonishment]], especially when poetry then breezily installs app requirements into its own venv
 === Solution ===
@@ Line 22: / Line 22: @@
 * downloading packages from pypi is anonymous, but poetry tries to unlock your keyring to do so, and hangs if you refuse
+** to be fair, the keyring package has an all or nothing design
 * to fix you can do <code>poetry config keyring.enabled false</code>
 ** but according to the docs, this will cause credentials to be stored in plaintext which is replacing one problem with a time bomb
 [[Category:Programming]]