Fix for failing dependabot PRs #395
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@jbonzo here's the root cause after some digging on why things were failing. |
justinpolygon
added a commit
that referenced
this pull request
Mar 28, 2023
In #395 we fixed a gitub action to support the poetry version that dependabot is using so we can parse the poetry.lock syntax. However, this broke the automated release pipeline to https://pypi.org/project/polygon-api-client/ since we needed to update it's ability to parse the new poetry.lock syntax too.
Merged
justinpolygon
added a commit
that referenced
this pull request
Mar 28, 2023
In #395 we fixed a gitub action to support the poetry version that dependabot is using so we can parse the poetry.lock syntax. However, this broke the automated release pipeline to https://pypi.org/project/polygon-api-client/ since we needed to update it's ability to parse the new poetry.lock syntax too.
justinpolygon
added a commit
that referenced
this pull request
Mar 28, 2023
In #395 and #413 we fixed a gitub action to support the poetry version that dependabot is using so we can parse the poetry.lock syntax. However, this broke the automated release pipeline to https://pypi.org/project/polygon-api-client/ since we needed to update it's ability to parse the new poetry.lock syntax too. The impact here is that we have not released 1.8.x.
Merged
justinpolygon
added a commit
that referenced
this pull request
Mar 28, 2023
In #395 and #413 we fixed a gitub action to support the poetry version that dependabot is using so we can parse the poetry.lock syntax. However, this broke the automated release pipeline to https://pypi.org/project/polygon-api-client/ since we needed to update it's ability to parse the new poetry.lock syntax too. The impact here is that we have not released 1.8.x.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We have multiple PRs from dependabot where the linting and unit tests are failing with the error below. Turns out that dependabot is running an updated version of poetry where the syntax of the
poetry.lockhas been updated. So, when dependabot submits patches, using the new syntax, our version of theabatilo/actions-poetry@v2.0.0github action cannot parse the newpoetry.locksyntax and fails. There is no support to revert dependabot to an older version of poetry (open issue here: dependabot/dependabot-core#1556).Error we are seeing:
So, it seems our only fix is to update the gitub action to support the poetry version that dependabot is using so we can parse the
poetry.locksyntax. I have run a successful test by manually tweaking the github actions along with bumping the version of types-setuptools and got the linting and tests to pass (#394).My plan here is to bump the version of the github action with this PR. Then, we'll get dependabot to recreate it's patches and we should have an automated system again.
Here's the PRs this patch will unblock: