Python: Support PEP 735 [dependency-groups] in pyproject.toml
#10847
Comments
vrslev
changed the title
[dependency-groups] in pyproject.toml[dependency-groups] in pyproject.toml
|
Additional context to hopefully nudge this one along: this is a dependency declaration standard being used right now by at least one Python package / project manager with a significant userbase ( |
|
It's also used by PDM. Our team encountered error from dependabot if there were multiple groups listed under the
The logs do not include additional information about the parsing error. We were able to troubleshoot by placing all dependency-groups into one EDIT: after placing all development dependencies into one |
|
I really hope that Dependabot is updated to support dev dependencies for modern python tooling. My codebases currently use two package managers, one for dependabot and the real one, which I have to update manually when dependabot pings us to update the old one. It is gross. I'm so glad that the python community is landing on a standard, and I hope it gets implemented soon! |
|
The pip project has just merged support for the PEP 735 |
…ency groups yet
|
We have raised an issue for the If they don't have a quick fix for this we have the option to use # minimal.toml
[dependency-groups]
dev = [
{"include-group" = "docs"},
"deptry>=0.15.0",
]
docs = [
"furo>=2024.5.6",
]irb(main):005:0> Tomlrb.load_file("minimal.toml")
=> {"dependency-groups"=>{"dev"=>[{"include-group"=>"docs"}, "deptry>=0.15.0"], "docs"=>["furo>=2024.5.6"]}}
irb(main):006:0> PerfectTOML.load_file("minimal.toml")
=> {"dependency-groups"=>{"dev"=>[{"include-group"=>"docs"}, "deptry>=0.15.0"], "docs"=>["furo>=2024.5.6"]}} |
|
This is closed for |
|
@markhallen Thanks for doing this. If I'm reading this correctly, if I switch from |
|
I can't find the code that looks for dependency-groups in dependabot, according to the comment above it seems to have been fixed, but what was fixed is only the parser understanding the toml, not the actual extraction of dependency-groups ? |
<!-- Please, go through these steps when you submit a PR. 1. Make sure your branch is not protected. In particular, avoid making PRs from the `main` branch of your fork. 2. Give a descriptive title to your PR. We use semantic titles, and the accepted types and scopes are listed in https://github.com/meltano/meltano/blob/main/.github/semantic.yml. A good title should look like this: ``` feat(cli): The `meltano run` command now accepts a `--timeout` option to limit the time it runs ``` 3. Provide a description of your changes. 4. Put "Closes #XXXX" in your comment to auto-close the issue that your PR fixes (if such). --> ## Description <!-- Describe the changes introduced by this PR --> Started with [`uvx migrate-to-uv`](https://github.com/mkniewallner/migrate-to-uv/) but had to fix some re-ordering of pyproject sections and removed comments. GitHub GA announcement: https://github.blog/changelog/2025-03-13-dependabot-version-updates-now-support-uv-in-general-availability/. ## Related Issues * Closes #8474 * Closes #9014 * #8938 * dependabot/dependabot-core#10478 * dependabot/dependabot-core#10847
|
As you can see here: https://github.com/dependabot/dependabot-core/blob/main/uv/helpers/lib/parser.py#L58 the only sections that are parsed are |
|
The issue fixed by #11796 was that the updater, which uses rb-toml, errored out as described in this comment |
|
Unfortunately the uv ecosystem still doesn't look for the legacy |
Is there an existing issue for this?
Feature description
uv recently released new version that supports now standardized
[dependency-groups]table. See uv 0.4.27 and PEP 735.The text was updated successfully, but these errors were encountered: