Verify that the lock file is up to date

[wesleykendall]

• I have searched the issues of this repo and believe that this is not a duplicate.
• I have searched the documentation and believe that my question is not covered.

Feature Request

• I have searched the issues of this repo and believe that this is not a duplicate.

Issue

When I run poetry export or poetry install, I receive a warning message that says Warning: The lock file is not up to date with the latest changes in pyproject.toml. You may be getting outdated dependencies. Run update to update them. if I have manually updated the pyproject.toml file.

Although I understand one should not edit dependencies in pyproject.toml and instead use poetry add, I have no control over what the other engineers at my company do and want to prevent this from happening in an automated test.

I see no way of verifying the lock file is up to date with CLI, and it does not appear that poetry install or poetry export return non-zero exit codes when this warning is displayed. I'd really like to avoid the brittle solution of parsing stdout for a warning message that may change.

I'd like to propose either:

1. A poetry lock --check flag that will check if the lock file is up to date and return a non-zero exit code if it isn't.
2. Adding this check to poetry check. I'm just not certain if this fits in the scope of poetry check.
3. Updating the docs (the FAQ) if there is a standard solution to doing this. If parsing stdout is an acceptable solution to the community, I think putting it in the docs will at least make it a less brittle solution for us
4. I think I read that poetry will have an extension system somewhere (similar to pytest). If this is the case, I could also write this as an extension

I'm happy to implement any solution the maintainers see fit

[sdispater]

I think this would be a good fit for the check command since its purpose is to verify the status and validity of the current project.

Since the 1.0.0 release is now feature-frozen, it will have to wait a next minor release

[wesleykendall]

@sdispater sounds great! I'll plan on adding a simple check to the poetry check command in a pull request so that it can go in a later release (I set a reminder to do this by October 15th 2019 if people here want to hold me accountable). I'm assuming there is a function in poetry that already takes care of this check and that this should be straightforward. Thanks for the feedback, and thanks again for such an amazing tool

[b0g3r]

Hey, @wesleykendall, I also want to implement this feature. How is your progress?

[b0g3r]

Duplicate issue: #453

[ashokdelphia]

I wonder if it would be reasonable to have a flag to pass to poetry install that would exit with a failure if the lock file is out of sync.

When building a container or using CI, I'd expect that would be the usual intent, so it would be nice if there was a succinct way to do it. If not, then poetry check && poetry install … isn't terribly onerous.

[wesleykendall]

@b0g3r I finally have some time this weekend to take a look at implementing it. Did you already start on it?

[Qu4tro]

I just want to chime in to argue for @ashokdelphia solution.
As far as I can tell, there's currently no reason to run check, other to have better information on what's wrong.

I agree that adding a simple flag, i.e. --enforce-lock to the install command, would be more pragmatic. In my IMO, running the aforementioned poetry check && poetry install would be, the vast majority of the times, to actually get the hypothetical poetry install --enforce-lock.

[Qu4tro]

Just found out this ticket is a duplicate of #453 .

Workarounds have been posted recently in there.

There's also a PR open for it: #1954

[paulmelnikow]

It looks like this was implemented as poetry lock --check in #1954, which shipped in 1.2.0a1.

[lig]

@wesleykendall Any plans to release 1.2.0 yet? This feature would really help.

[jacobperron]

I guess this can be closed since this was implemented in #1954?

[perlun]

@jacobperron Might make sense to keep it open until 1.2.0 is released, since the feature is not yet available to end-users. (I came here because I was looking for this feature myself. 🙂)

[kalfa]

I have the impression that #453 fixed that in #1954

poetry lock --check

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.