From 6a63f0dcd7e59df6acceb9ee8049325a99481c5b Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Tue, 17 Mar 2026 15:45:28 +0100 Subject: [PATCH] Migrate dev dependencies to PEP 735 dependency groups (#19490) This moves the dev dependencies to PEP 735 dependency groups, to help us move to standard project metadata, which will help us moving to `uv` (#19566) This requires poetry 2.2.0 --- .github/workflows/fix_lint.yaml | 2 +- .github/workflows/latest_deps.yml | 2 +- .github/workflows/tests.yml | 18 +++---- .github/workflows/twisted_trunk.yml | 4 +- changelog.d/19490.misc | 1 + debian/build_virtualenv | 2 +- debian/changelog | 1 + docker/Dockerfile | 2 +- docs/development/dependencies.md | 2 +- mypy.ini | 2 +- poetry.lock | 2 +- pyproject.toml | 83 +++++++++++++++-------------- 12 files changed, 63 insertions(+), 58 deletions(-) create mode 100644 changelog.d/19490.misc diff --git a/.github/workflows/fix_lint.yaml b/.github/workflows/fix_lint.yaml index babc3bc5de..4752b6afeb 100644 --- a/.github/workflows/fix_lint.yaml +++ b/.github/workflows/fix_lint.yaml @@ -31,7 +31,7 @@ jobs: uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: install-project: "false" - poetry-version: "2.1.1" + poetry-version: "2.2.1" - name: Run ruff check continue-on-error: true diff --git a/.github/workflows/latest_deps.yml b/.github/workflows/latest_deps.yml index 5bc78062cd..2d945c2096 100644 --- a/.github/workflows/latest_deps.yml +++ b/.github/workflows/latest_deps.yml @@ -54,7 +54,7 @@ jobs: - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: python-version: "3.x" - poetry-version: "2.1.1" + poetry-version: "2.2.1" extras: "all" # Dump installed versions for debugging. - run: poetry run pip list > before.txt diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index b39c453959..a03d27472d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -95,7 +95,7 @@ jobs: - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: python-version: "3.x" - poetry-version: "2.1.1" + poetry-version: "2.2.1" extras: "all" - run: poetry run scripts-dev/generate_sample_config.sh --check - run: poetry run scripts-dev/config-lint.sh @@ -134,7 +134,7 @@ jobs: - name: Setup Poetry uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: - poetry-version: "2.1.1" + poetry-version: "2.2.1" install-project: "false" - name: Run ruff check @@ -169,7 +169,7 @@ jobs: # https://github.com/matrix-org/synapse/pull/15376#issuecomment-1498983775 # To make CI green, err towards caution and install the project. install-project: "true" - poetry-version: "2.1.1" + poetry-version: "2.2.1" # Cribbed from # https://github.com/AustinScola/mypy-cache-github-action/blob/85ea4f2972abed39b33bd02c36e341b28ca59213/src/restore.ts#L10-L17 @@ -265,7 +265,7 @@ jobs: # Install like a normal project from source with all optional dependencies extras: all install-project: "true" - poetry-version: "2.1.1" + poetry-version: "2.2.1" - name: Ensure `Cargo.lock` is up to date (no stray changes after install) # The `::error::` syntax is using GitHub Actions' error annotations, see @@ -398,7 +398,7 @@ jobs: - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: python-version: ${{ matrix.job.python-version }} - poetry-version: "2.1.1" + poetry-version: "2.2.1" extras: ${{ matrix.job.extras }} - name: Await PostgreSQL if: ${{ matrix.job.postgres-version }} @@ -500,7 +500,7 @@ jobs: - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: python-version: ${{ matrix.python-version }} - poetry-version: "2.1.1" + poetry-version: "2.2.1" extras: ${{ matrix.extras }} - run: poetry run trial --jobs=2 tests - name: Dump logs @@ -595,7 +595,7 @@ jobs: - run: sudo apt-get -qq install xmlsec1 postgresql-client - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: - poetry-version: "2.1.1" + poetry-version: "2.2.1" extras: "postgres" - run: .ci/scripts/test_export_data_command.sh env: @@ -648,7 +648,7 @@ jobs: - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: python-version: ${{ matrix.python-version }} - poetry-version: "2.1.1" + poetry-version: "2.2.1" extras: "postgres" - run: .ci/scripts/test_synapse_port_db.sh id: run_tester_script @@ -708,7 +708,7 @@ jobs: # We use `poetry` in `complement.sh` - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 with: - poetry-version: "2.1.1" + poetry-version: "2.2.1" # Matches the `path` where we checkout Synapse above working-directory: "synapse" diff --git a/.github/workflows/twisted_trunk.yml b/.github/workflows/twisted_trunk.yml index 12fdbbe7c4..d38e38ebcb 100644 --- a/.github/workflows/twisted_trunk.yml +++ b/.github/workflows/twisted_trunk.yml @@ -54,7 +54,7 @@ jobs: with: python-version: "3.x" extras: "all" - poetry-version: "2.1.1" + poetry-version: "2.2.1" - run: | poetry remove twisted poetry add --extras tls git+https://github.com/twisted/twisted.git#${{ inputs.twisted_ref || 'trunk' }} @@ -82,7 +82,7 @@ jobs: with: python-version: "3.x" extras: "all test" - poetry-version: "2.1.1" + poetry-version: "2.2.1" - run: | poetry remove twisted poetry add --extras tls git+https://github.com/twisted/twisted.git#trunk diff --git a/changelog.d/19490.misc b/changelog.d/19490.misc new file mode 100644 index 0000000000..924197a1cb --- /dev/null +++ b/changelog.d/19490.misc @@ -0,0 +1 @@ +Migrate `dev` dependencies to [PEP 735](https://peps.python.org/pep-0735/) dependency groups. diff --git a/debian/build_virtualenv b/debian/build_virtualenv index 70d4efcbd0..7bbf52ddd9 100755 --- a/debian/build_virtualenv +++ b/debian/build_virtualenv @@ -35,7 +35,7 @@ TEMP_VENV="$(mktemp -d)" python3 -m venv "$TEMP_VENV" source "$TEMP_VENV/bin/activate" pip install -U pip -pip install poetry==2.1.1 poetry-plugin-export==1.9.0 +pip install poetry==2.2.1 poetry-plugin-export==1.9.0 poetry export \ --extras all \ --extras test \ diff --git a/debian/changelog b/debian/changelog index 9cd39ee76c..1a21a105b8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,7 @@ matrix-synapse-py3 (1.149.1+nmu1) UNRELEASED; urgency=medium * Change how the systemd journald integration is installed. + * Update Poetry used at build time to 2.2.1. -- Quentin Gliech Fri, 20 Feb 2026 19:19:51 +0100 diff --git a/docker/Dockerfile b/docker/Dockerfile index 59771ae88f..6070d5c355 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -22,7 +22,7 @@ ARG DEBIAN_VERSION=trixie ARG PYTHON_VERSION=3.13 -ARG POETRY_VERSION=2.1.1 +ARG POETRY_VERSION=2.2.1 ### ### Stage 0: generate requirements.txt diff --git a/docs/development/dependencies.md b/docs/development/dependencies.md index 1b3348703f..fe0667194a 100644 --- a/docs/development/dependencies.md +++ b/docs/development/dependencies.md @@ -6,7 +6,7 @@ This is a quick cheat sheet for developers on how to use [`poetry`](https://pyth See the [contributing guide](contributing_guide.md#4-install-the-dependencies). -Developers should use Poetry 1.3.2 or higher. If you encounter problems related +Developers should use Poetry 2.2.0 or higher. If you encounter problems related to poetry, please [double-check your poetry version](#check-the-version-of-poetry-with-poetry---version). # Background diff --git a/mypy.ini b/mypy.ini index d6a3434293..ec73ce9f6e 100644 --- a/mypy.ini +++ b/mypy.ini @@ -69,7 +69,7 @@ warn_unused_ignores = False ;; https://github.com/python/typeshed/tree/master/stubs ;; and for each package `foo` there's a corresponding `types-foo` package on PyPI, ;; which we can pull in as a dev dependency by adding to `pyproject.toml`'s -;; `[tool.poetry.group.dev.dependencies]` list. +;; `[dependency-groups]` `dev` list. # https://github.com/lepture/authlib/issues/460 [mypy-authlib.*] diff --git a/poetry.lock b/poetry.lock index 15cc023f22..681a183b42 100644 --- a/poetry.lock +++ b/poetry.lock @@ -3754,4 +3754,4 @@ url-preview = ["lxml"] [metadata] lock-version = "2.1" python-versions = ">=3.10.0,<4.0.0" -content-hash = "dd63614889e7e181fca33760741a490e65fe4ef4f42756cafd0f804ae7324916" +content-hash = "ce9ac9da9e7ffaf24b3e1e7892342ba486e7af4ea25385f875d0f3a2d5c5d133" diff --git a/pyproject.toml b/pyproject.toml index 07ab1ee5db..f655a1ef8b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -224,6 +224,9 @@ update_synapse_database = "synapse._scripts.update_synapse_database:main" [tool.poetry] packages = [{ include = "synapse" }] +# We're using PEP 735 dependency groups, which requires Poetry 2.2.0+ +requires-poetry = ">=2.2.0" + [tool.poetry.build] # Compile our rust module when using `poetry install`. This is still required # while using `poetry` as the build frontend. Saves the developer from needing @@ -251,55 +254,55 @@ generate-setup-file = true # Dependencies used for developing Synapse itself. # -# Hold off on migrating these to `dev-dependencies` (PEP 735) for now until -# Poetry 2.2.0+, pip 25.1+ are more widely available. -[tool.poetry.group.dev.dependencies] # We pin development dependencies in poetry.lock so that our tests don't start # failing on new releases. Keeping lower bounds loose here means that dependabot # can bump versions without having to update the content-hash in the lockfile. # This helps prevents merge conflicts when running a batch of dependabot updates. -ruff = "0.14.6" +[dependency-groups] +dev = [ + "ruff==0.14.6", -# Typechecking -lxml-stubs = ">=0.4.0" -mypy = "*" -mypy-zope = "*" -types-bleach = ">=4.1.0" -types-jsonschema = ">=3.2.0" -types-netaddr = ">=0.8.0.6" -types-opentracing = ">=2.4.2" -types-Pillow = ">=8.3.4" -types-psycopg2 = ">=2.9.9" -types-pyOpenSSL = ">=20.0.7" -types-PyYAML = ">=5.4.10" -types-requests = ">=2.26.0" -types-setuptools = ">=57.4.0" + # Typechecking + "lxml-stubs>=0.4.0", + "mypy", + "mypy-zope", + "types-bleach>=4.1.0", + "types-jsonschema>=3.2.0", + "types-netaddr>=0.8.0.6", + "types-opentracing>=2.4.2", + "types-Pillow>=8.3.4", + "types-psycopg2>=2.9.9", + "types-pyOpenSSL>=20.0.7", + "types-PyYAML>=5.4.10", + "types-requests>=2.26.0", + "types-setuptools>=57.4.0", -# Dependencies which are exclusively required by unit test code. This is -# NOT a list of all modules that are necessary to run the unit tests. -# Tests assume that all optional dependencies are installed. -# -# If this is updated, don't forget to update the equivalent lines in -# project.optional-dependencies.test. -parameterized = ">=0.9.0" -idna = ">=3.3" + # Dependencies which are exclusively required by unit test code. This is + # NOT a list of all modules that are necessary to run the unit tests. + # Tests assume that all optional dependencies are installed. + # + # If this is updated, don't forget to update the equivalent lines in + # project.optional-dependencies.test. + "parameterized>=0.9.0", + "idna>=3.3", -# The following are used by the release script -click = ">=8.1.3" -# GitPython was == 3.1.14; bumped to 3.1.20, the first release with type hints. -GitPython = ">=3.1.20" -markdown-it-py = ">=3.0.0" -pygithub = ">=1.59" -# The following are executed as commands by the release script. -twine = "*" -# Towncrier min version comes from https://github.com/matrix-org/synapse/pull/3425. Rationale unclear. -towncrier = ">=18.6.0rc1" + # The following are used by the release script + "click>=8.1.3", + # GitPython was == 3.1.14; bumped to 3.1.20, the first release with type hints. + "GitPython>=3.1.20", + "markdown-it-py>=3.0.0", + "pygithub>=1.59", + # The following are executed as commands by the release script. + "twine", + # Towncrier min version comes from https://github.com/matrix-org/synapse/pull/3425. Rationale unclear. + "towncrier>=18.6.0rc1", -# Used for checking the Poetry lockfile -tomli = ">=1.2.3" + # Used for checking the Poetry lockfile + "tomli>=1.2.3", -# Used for checking the schema delta files -sqlglot = ">=28.0.0" + # Used for checking the schema delta files + "sqlglot>=28.0.0", +] [tool.towncrier] package = "synapse"