Skip to content

README.md

Latest commit

 

History

History
87 lines (66 loc) · 3.88 KB

README.md

File metadata and controls

87 lines (66 loc) · 3.88 KB

Diff poetry.lock with diff-poetry-lock in CI

GitHub Release GitHub Release Date GitHub commits since latest release

GitHub License Contributors are expected to signoff using Developer Certificate of Origin, --sign-off when committing GitHub contributors GitHub commit activity

Poetry's TOML lockfiles are very verbose and difficult to review quickly. This friction complicates the responsible acceptance of pull requests that change dependencies. diff-poetry-lock aims to solve this problem by posting a readable summary of all lockfile changes to pull requests.

Example

### Detected 6 changes to dependencies in Poetry lockfile

From base f4e6ca0f4d67d9bb3f8ab43a89ceca2d0d2be7a1 to target a86b84f85d0bb2bf2fca6d6e8c58f2ce6f9e393c:

Added **pydantic** (1.10.6)
Added **requests-mock** (1.10.0)
Added **six** (1.16.0)
Added **tomli** (2.0.1)
Added **typing-extensions** (4.5.0)
Updated **urllib3** (1.26.14 -> 1.26.15)

*(5 added, 0 removed, 1 updated, 4 not changed)*

<small>Generated by diff-poetry-lock 1.0.1</small>

Usage

GitHub Actions action

Simply add the following step to your GitHub Action:

    steps:
      - name: Diff poetry.lock
        uses: target/diff-poetry-lock@30a153ca2d5cbdd209fc78b0ec013915748b6bab # v0.0.2
        with:
          # Optional: force a specific Poetry runtime version for lockfile compatibility.
          # The version must align with the major version that diff-poetry-lock uses,
          # or incompatible API changes may cause failures.
          poetry_version: "2.3.2"

When the diff changes during the lifetime of a pull request, the original comment will be updated. If all changes are rolled back, the comment will be deleted.

Vela CI plugin

stages:
  diff-poetry-lock:
    steps:
      - name: Post changed Poetry packages when poetry.lock changes
        image: ghcr.io/target/diff-poetry-lock:v0.0.3
        ruleset:
          event: [ push ]
          path: [ "poetry.lock" ]
          continue: true
        secrets:
          # setup the secret, too!
          - source: service_account_github_token
            target: github_token
        parameters:
          github_token: ${GITHUB_TOKEN}
          github_api_url: https://git.example.com/api/v3

Debug logging

Set the DEBUG_MODE environment variable to true (or 1, yes, on) to enable verbose debug logging. When unset, only informational and higher-level log messages are emitted, reducing noise in CI logs.

History