release: bump version to 2.3.0

[radoering]

Added

• Add support for exporting pylock.toml files with poetry-plugin-export (#10677).
• Add support for specifying build constraints for dependencies (#10388).
• Add support for publishing artifacts whose version is determined dynamically by the build-backend (#10644).
• Add support for editable project plugins (#10661).
• Check requires-poetry before any other validation (#10593).
• Validate the content of project.readme when running poetry check (#10604).
• Add the option to clear all caches by making the cache name in poetry cache clear optional (#10627).
• Automatically update the cache for packages where the locked files differ from cached files (#10657).
• Suggest to clear the cache if running a command with --no-cache solves an issue (#10585).
• Propose poetry init when trying poetry new for an existing directory (#10563).
• Add support of poetry publish --skip-existing for new Nexus OSS versions (#10603).
• Show Poetry's own Python's path in poetry debug info (#10588).

Changed

• Drop support for Python 3.9 (#10634).
• Change the default of installer.re-resolve from true to false (#10622).
• PEP 735 dependency groups are considered in the lock file hash (#10621).
• Deprecate poetry.utils._compat.metadata, which is sometimes used in plugins, in favor of importlib.metadata (#10634).
• Improve managing free-threaded Python versions with poetry python (#10606).
• Prefer JSON API to HTML API in legacy repositories (#10672).
• When running poetry init, only add the readme field in the pyproject.toml if the readme file exists (#10679).
• Raise an error if no hash can be determined for any distribution link of a package (#10673).
• Require dulwich>=0.25.0 (#10674).

Fixed

• Fix an issue where poetry remove did not work for PEP 735 dependency groups with include-group items (#10587).
• Fix an issue where poetry remove caused dangling include-group references in PEP 735 dependency groups (#10590).
• Fix an issue where poetry add did not work for PEP 735 dependency groups with include-group items (#10636).
• Fix an issue where PEP 735 dependency groups were not considered in the lock file hash (#10621).
• Fix an issue where wrong markers were locked for a dependency that was required by several groups with different markers (#10613).
• Fix an issue where indeterministic markers were created in a method used by poetry-plugin-export (#10667).
• Fix an issue where wrong wheels were chosen for installation in free-threaded Python environments if Poetry itself was not installed with free-threaded Python (#10614).
• Fix an issue where poetry publish used the metadata of the project instead of the metadata of the build artifact (#10624).
• Fix an issue where poetry env use just used another Python version instead of failing when the requested version was not supported by the project (#10685).
• Fix an issue where data-dir and python.installation-dir could not be set (#10595).
• Fix an issue where Python and pip executables were not correctly detected on Windows (#10645).
• Fix an issue where invalid template variables in virtualenvs.prompt caused an incomprehensible error message (#10648).

Docs

• Add a warning about ~/.netrc for Poetry credential configuration (#10630).
• Clarify that the local configuration takes precedence over the global configuration (#10676).
• Add an explanation in which cases packages are automatically detected (#10680).

poetry-core (2.3.0)

TODO

[sourcery-ai]

Reviewer's Guide

Release prep for Poetry 2.3.0: adds a full 2.3.0 changelog entry, updates comparison links, and bumps the project version in pyproject.toml while keeping poetry-core on a git dependency with a TODO to pin to the released core version.

Flow diagram for Poetry 2.3.0 release preparation steps

flowchart TD
  Start[Start release prep] --> Update_changelog[Add 2.3.0 section to CHANGELOG]
  Update_changelog --> Update_links[Update Unreleased compare link to 2.3.0...main]
  Update_links --> Bump_version[Bump project version in pyproject.toml to 2.3.0]
  Bump_version --> Keep_core_git[Keep poetry-core as git dependency with TODO to pin]
  Keep_core_git --> End[Release metadata ready]

Loading

File-Level Changes

Change	Details	Files
Add 2.3.0 release notes to the changelog.	Insert a new 2.3.0 section with Added/Changed/Fixed/Docs subsections and detailed bullets for each user-facing change. Document the bundled poetry-core 2.3.0 release.	CHANGELOG.md
Update changelog release links for the new version.	Change the Unreleased comparison link to start from 2.3.0 instead of 2.2.1. Add a reference link for the new 2.3.0 tag alongside existing version links.	CHANGELOG.md
Bump the Poetry package version to 2.3.0 and prepare dependency pinning for poetry-core.	Update the project version field from 2.2.1 to 2.3.0. Leave poetry-core as a git dependency but annotate it with a TODO comment to pin it to the released core version later.	pyproject.toml

Possibly linked issues

• #N/A: The PR finalizes the 2.3.0 release (version bump and changelog) that this tracking issue manages.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 2 issues, and left some high level feedback:

• The # TODO placeholder at the end of the 2.3.0 changelog section should be either filled in with its intended content (e.g., a brief summary of poetry-core changes) or removed before release.
• The poetry-core dependency in pyproject.toml is still pointing to git+https://github.com/python-poetry/poetry-core.git with a TODO comment; consider updating this to the released 2.3.0 tag as part of the version bump to keep the release self-contained.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The `# TODO` placeholder at the end of the 2.3.0 changelog section should be either filled in with its intended content (e.g., a brief summary of poetry-core changes) or removed before release.
- The `poetry-core` dependency in `pyproject.toml` is still pointing to `git+https://github.com/python-poetry/poetry-core.git` with a TODO comment; consider updating this to the released 2.3.0 tag as part of the version bump to keep the release self-contained.

## Individual Comments

### Comment 1
<location> `CHANGELOG.md:28-30` </location>
<code_context>
+- Improve managing free-threaded Python versions with `poetry python` ([#10606](https://github.com/python-poetry/poetry/pull/10606)).
+- Prefer JSON API to HTML API in legacy repositories ([#10672](https://github.com/python-poetry/poetry/pull/10672)).
+- When running `poetry init`, only add the readme field in the `pyproject.toml` if the readme file exists ([#10679](https://github.com/python-poetry/poetry/pull/10679)).
+- Raise an error if no hash can be determined for any distribution link of package ([#10673](https://github.com/python-poetry/poetry/pull/10673)).
+- Require `dulwich>=0.25.0` ([#10674](https://github.com/python-poetry/poetry/pull/10674)).
+
</code_context>

<issue_to_address>
**issue (typo):** Missing article in "distribution link of package"; consider "of a package" or "of the package".

Depending on whether this is generic or about a specific package, choose either "for any distribution link of a package" or "for any distribution link of the package."

```suggestion
- When running `poetry init`, only add the readme field in the `pyproject.toml` if the readme file exists ([#10679](https://github.com/python-poetry/poetry/pull/10679)).
- Raise an error if no hash can be determined for any distribution link of a package ([#10673](https://github.com/python-poetry/poetry/pull/10673)).
- Require `dulwich>=0.25.0` ([#10674](https://github.com/python-poetry/poetry/pull/10674)).
```
</issue_to_address>

### Comment 2
<location> `CHANGELOG.md:44` </location>
<code_context>
+- Fix an issue where `poetry publish` used the metadata of the project instead of the metadata of the build artifact ([#10624](https://github.com/python-poetry/poetry/pull/10624)).
+- Fix an issue where `poetry env use` just used another Python version instead of failing when the requested version was not supported by the project ([#10685](https://github.com/python-poetry/poetry/pull/10685)).
+- Fix an issue where `data-dir` and `python.installation-dir` could not be set ([#10595](https://github.com/python-poetry/poetry/pull/10595)).
+- Fix an issue where Python and pip executables where not correctly detected on Windows ([#10645](https://github.com/python-poetry/poetry/pull/10645)).
+- Fix an issue where invalid template variables in `virtualenvs.prompt` caused an incomprehensible error message ([#10648](https://github.com/python-poetry/poetry/pull/10648)).
+
</code_context>

<issue_to_address>
**issue (typo):** Typo: the second "where" should be "were".

In this bullet, "executables where not correctly detected" should read "executables were not correctly detected".

Suggested implementation:

```
- Fix an issue where `data-dir` and `python.installation-dir` could not be set ([#10595](https://github.com/python-poetry/poetry/pull/10595)).
- Fix an issue where Python and pip executables were not correctly detected on Windows ([#10645](https://github.com/python-poetry/poetry/pull/10645)).

```

In your local version of `CHANGELOG.md`, if the bullet already exists but reads:

`- Fix an issue where Python and pip executables where not correctly detected on Windows (...)`

then instead of inserting a new line, you should edit that existing line to replace `where not` with `were not`.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}