Workflow

Pdm

Latest version: v2.15.2

Safety actively analyzes 625297 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 6 of 33

2.8.0a0

Not secure
-----------------------------

Features & Improvements

- `pdm init` now accepts a template argument to initialize project from a built-in or Git template. [2053](https://github.com/pdm-project/pdm/issues/2053)
- Replace the `DeprecationWarning` with `FutureWarning` for better exposure. [2012](https://github.com/pdm-project/pdm/issues/2012)
- Serve `install-pdm.py` and its checksum file on the docs site. [2026](https://github.com/pdm-project/pdm/issues/2026)
- Add new option `--edit/-e` to `pdm config` to edit the config file in default editor. [2028](https://github.com/pdm-project/pdm/issues/2028)
- Add `--project` option to `pdm venv` to support another path as the project root. [2042](https://github.com/pdm-project/pdm/issues/2042)
- Add support for using `truststore` as the SSL backend. This only works on Python 3.10 or newer. [2049](https://github.com/pdm-project/pdm/issues/2049)

Bug Fixes

- Fix the breaking change by adding the functions back to the old location with deprecation warnings. [2013](https://github.com/pdm-project/pdm/issues/2013)
- Fix the duplicate entries in the output of `pdm self list`. [2018](https://github.com/pdm-project/pdm/issues/2018)
- Disable hashes caching for local files. [2019](https://github.com/pdm-project/pdm/issues/2019)
- Populate the `url` field when converting requirements from a Pipfile-style file requirement. [2032](https://github.com/pdm-project/pdm/issues/2032)
- Fix a bug that empty source tables in configuration files causes errors when running pdm commands. [2034](https://github.com/pdm-project/pdm/issues/2034)
- Fix a resolution conflict caused by requested yanked version also in other transitive dependencies. [2038](https://github.com/pdm-project/pdm/issues/2038)
- Fix a bug that binary executables are corrupted when replacing shebangs. [2045](https://github.com/pdm-project/pdm/issues/2045)
- Do not normalize the package name when uploading to PyPI. [2057](https://github.com/pdm-project/pdm/issues/2057)

2.7.4

Not secure
---------------------------

No significant changes.

2.7.3

Not secure
---------------------------

Bug Fixes

- Fix the warning of extras not found due to extra names not normalized. [2006](https://github.com/pdm-project/pdm/issues/2006)
- Pop up a warning when the deprecated `parser` argument is passed to `BaseCommand.__init__()` method. [2007](https://github.com/pdm-project/pdm/issues/2007)
- Fix a bug that merging settings with AoTs causing a failure. [2011](https://github.com/pdm-project/pdm/issues/2011)

2.7.2

Not secure
---------------------------

Features & Improvements

- Add option to expand environment variables when exporting requirements. [1997](https://github.com/pdm-project/pdm/issues/1997)

Bug Fixes

- Case-insensitive sorting in `pdm list`. [1973](https://github.com/pdm-project/pdm/issues/1973)
- Make a compatible cache reader to read the old cache files. [1981](https://github.com/pdm-project/pdm/issues/1981)
- Fix a bug that `pdm init -n` doesn't respect the `--python` option. [1984](https://github.com/pdm-project/pdm/issues/1984)
- Do not use the deprecated nested argument groups. [1988](https://github.com/pdm-project/pdm/issues/1988)
- Fix an error parsing `setup.py` if it prints something to stdout. [1995](https://github.com/pdm-project/pdm/issues/1995)
- Exclude yanked versions when running `install-pdm.py`. [1996](https://github.com/pdm-project/pdm/issues/1996)

2.7.1

Not secure
---------------------------

Features & Improvements

- Switch HTTP data cache to use a split body setup, where the actual body contents are not written to disk unless changed. Previously, any changed headers would write the whole body to disk again. [1971](https://github.com/pdm-project/pdm/issues/1971)
- Show the specific install commands for different installations when checking update. This was removed before. [1972](https://github.com/pdm-project/pdm/issues/1972)

Bug Fixes

- PDM ignores env vars `PDM_PYPI_USERNAME` and `PDM_PYPI_PASSWORD` when there are no defaults in config. [1961](https://github.com/pdm-project/pdm/issues/1961)
- Guess the project name from VCS url if it is missing when importing from requirements.txt. [1970](https://github.com/pdm-project/pdm/issues/1970)
- Correctly read the config from environment variables. [1977](https://github.com/pdm-project/pdm/issues/1977)

2.7.0

Not secure
---------------------------

Features & Improvements

- When keyring is available, either by importing or by CLI, the credentials of repositories and PyPI indexes will be saved into it. [1908](https://github.com/pdm-project/pdm/issues/1908)
- Add support for reading metadata from simple index directly. [1919](https://github.com/pdm-project/pdm/issues/1919)
- Add a configuration to specify constant command arguments for every pdm invocation. [1923](https://github.com/pdm-project/pdm/issues/1923)
- Add ability to skip SSL verification for publish repositories via `repository.custom.verify_ssl` config option as well as new command line argument of `publish` command. [1928](https://github.com/pdm-project/pdm/issues/1928)
- Use lazy import to reduce the startup time of the CLI. [1929](https://github.com/pdm-project/pdm/issues/1929)
- Add the local plugin scripts to `PATH` env var. [1944](https://github.com/pdm-project/pdm/issues/1944)

Bug Fixes

- Don't use install cache when installing build requirements to avoid race condition. [1869](https://github.com/pdm-project/pdm/issues/1869)
- Fix a number of `ResourceWarning`s when running the test suite with warnings enabled. [1915](https://github.com/pdm-project/pdm/issues/1915)
- Fix a bug that dev-dependencies group gets updated with the optional dependencies, causing the hash mismatch. [1916](https://github.com/pdm-project/pdm/issues/1916)
- Fix format conversion error from Poetry when `tool.poetry.build` doesn't exist. [1935](https://github.com/pdm-project/pdm/issues/1935)
- Add timeout when fetching .gitignore from GitHub. [1937](https://github.com/pdm-project/pdm/issues/1937)
- Keep the variables in the URL credentials when exporting. [1939](https://github.com/pdm-project/pdm/issues/1939)
- Convert to boolean when setting verify_ssl for custom indexes. [1945](https://github.com/pdm-project/pdm/issues/1945)
- `pdm import` clobbers `build-system.requires` value in `pyproject.toml`. [1948](https://github.com/pdm-project/pdm/issues/1948)

Documentation

- Update publish.md to use run instead of runs to match GitHub Actions steps documentation [1936](https://github.com/pdm-project/pdm/issues/1936)
- Update advanced.md to use `pdm sync` instead of `pdm install --no-lock`. [1947](https://github.com/pdm-project/pdm/issues/1947)

Page 6 of 33

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.