A GitHub action that creates a pull request that updates the Python packages in your Poetry configuration files to the latest possible versions.
The action will:
- Find all Poetry configuration files in the repository.
- Bump all Python packages to their latest versions.
- Create a pull request with the changes.
It is considered best practice to pin package versions in any production project, to ensure consistent applications.
For example, a Poetry configuration file might look like this:
[tool.poetry] name = "package"version = "1.0.0"description = ""authors = [] [tool.poetry.dependencies] python = "^3.10"shpyx = "0.0.13"sqlalchemy ={extras = [ "postgresql", "postgresql_asyncpg" ], version = "1.4.36" } [tool.poetry.dev-dependencies] mypy = "0.950"All the packages are fixed to a specific version, which guarantees deterministic behavior. At some point we might want to check if some of the packages that we're using have newer versions. We can do that by running poetry show -o which will output something like this:
mypy 0.950 0.961 Optional static typing for Python shpyx 0.0.13 0.0.14 Configurable shell command execution in Python sqlalchemy 1.4.36 1.4.37 Database Abstraction Library We can then update the package versions in our toml file and run poetry lock or poetry update to regenerate the lock file.
This action automates this whole process.
Create the following workflow:
name: Update Python Poetry packageson: # Allow manual triggers.workflow_dispatch: # Automatically run once a week.schedule: - cron: "0 7 * * MON"jobs: update-packages: runs-on: ubuntu-lateststeps: - uses: Apakottur/action-poetry-package-update@v1with: base-branch: mainThis workflow creates a PR which bumps all Python packages in poetry configuration files to their latest versions. The workflow can be triggered manually and will also run automatically once a week.
The Python script can be run manually:
- Clone the repository.
- From the root directory of the project where the
pyproject.tomlfiles are located, run the following command:
/path/to/action-poetry-package-update/src/main.pyAll inputs are optional. If not set, sensible defaults will be used.
| Name | Description | Default |
|---|---|---|
python-version | Python version. | 3.11 |
poetry-version | Poetry version. | 1.5.1 |
base-branch | Base branch for the updater to run on. Can be a fixed branch like main/master or a dynamic one like ${{github.head_ref || github.ref_name }} for pull requests. | main |
pr-body | The body of the pull request. | Automated changes by [update-python-poetry-packages](https://github.com/Apakottur/action-poetry-package-update) GitHub action |
None
To release a new version:
- Commit all changes to
main. - Test the
mainbranch. - Create and push new tags:
git tag -f -a -m "Update Python Poetry packages v1.0.x" v1.0.x git tag -f -a -m "Update Python Poetry packages v1.0.x" v1 git push -f origin v1.0.x v1- Create and publish a release from the new tag.