Poetry: Difference between revisions
From YM2149.org
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 15: | Line 15: | ||
** you can specify version constraints e.g. <code>motivate -S 'poetry>=1.8,<2'</code> | ** you can specify version constraints e.g. <code>motivate -S 'poetry>=1.8,<2'</code> | ||
*** use <code>-f</code> to overwrite existing command | *** use <code>-f</code> to overwrite existing command | ||
== Keyring == | |||
* downloading packages from pypi is anonymous, but poetry tries to unlock your keyring to do so, and hangs if you refuse | |||
* to fix you can do <code>poetry config keyring.enabled false</code> | |||
** but according to the docs, this causes credentials to be stored in plaintext which is replacing one problem with a time bomb | |||
[[Category:Programming]] | [[Category:Programming]] | ||
Revision as of 09:37, 7 February 2025
Same old stuff
- as with many so-called modern tools, solutions take a back seat to gloss
- composability also suffers
Install
- recommended install of poetry itself is to a venv (makes sense) but you must not activate that venv
- this violates the principle of least astonishment, especially when poetry then breezily installs app requirements into its own venv
Solution
- install all poetry commands (in practice just one, also called poetry) using
motivate -S poetrywhere motivate is provided by venvpool- the poetry command (in ~/.local/bin) will then create/use a suitable venv for itself just-in-time
- you can specify version constraints e.g.
motivate -S 'poetry>=1.8,<2'- use
-fto overwrite existing command
- use
Keyring
- downloading packages from pypi is anonymous, but poetry tries to unlock your keyring to do so, and hangs if you refuse
- to fix you can do
poetry config keyring.enabled false- but according to the docs, this causes credentials to be stored in plaintext which is replacing one problem with a time bomb
