Huge thumbs up to Poetry. It's drastically simplified package management for me and replaced Pipenv (which I simply dreaded working with due to performance and DX issues).
I no longer start Python projects without Poetry. It's really good.
EDIT: Also, it's being integrated to most PaaS as well. I deploy to Render.com with Poetry now.
That's a 72MB download, and yet another way to fragment the ecosystem. Not something I'd get just to make a package when a default Python setup has recommended tools and everything I need to make and/or install packages.
> a default Python setup has recommended tools and everything I need to make and/or install packages
No it doesn't. Neither setuptools nor pip are part of the standard library. Yes, they are installed by default in many cases, but they are still "extra tools".
72MB? On a development machine? Are you on dialup?
Poetry doesn't fragment the ecosystem. Unlike setuptools it uses pyproject.toml, which can be read by other tools, and is the correct way of storing package configuration.
A package built using Poetry is installable without Poetry in the exact same way as one built using setuptools.
I think it's the right direction, and I look forward to Poetry maturing. But right now it has a lot of gotchas, and I would only recommend it for people who are serious about dependency management/compliance/reproducibility.
That's if you want to pin transitive dependencies, which is the de facto standard in JS world but not always true in Python world, depending on your context.
Which, like any jazzband project, you must not use for a commercial project, as stated by their CoC, the Contributor Covenant with a vague & bizarre modification about ethical use at the end. You are simply not allowed to contribute in any way on any kind of paid time, nor are you allowed to pay someone to contribute. This is of course not advertised for when they tell you to give them your OSS projects, for which you have already chosen a license and maybe even a CoC for. For this reason, despite the many non profit projects I maintain, I stay away from jazzband.
`poetry` and `pipenv` are both so much slower than `pip-compile` for me (there are many open issues for both complaining about lock speed), and manage to update locked dependencies half the time despite me asking them not to with e.g. `poetry lock --no-update`.
Pipenv only targets applications; Poetry targets both applications and libraries. Pipenv has quite some drama behind it that I do not want to get into; in contrast, Poetry's development has been quite professional. Pipenv enjoys better tool support, e.g. it is recognized and supported by VS Code; but Poetry does not have the same level of support.
The drama was surrounding false advertising so to speak. Pipenv promised a lot but did not quite deliver, much like the earlier days of MongoDB. But more importantly, it pretended or at least heavily implied it was an official PSF-affiliated project, when it was not. How that claim was substantiated was also subject to drama.
It also had no releases for over a year, even though the master branch was getting frequent updates and the performance of the last release was atrocious (and I'm not sure if it has improved much).
From memory, there was a whole thing where pipenv, created by Kenneth Reitz of requests fame, was misaccurately portrayed as the official successor to pip when that wasn't true
I just moved a project from pipenv to poetry at work. My biggest issue with pipenv is that you can't selectively upgrade dependencies. Trying to `pipenv update xyz` basically blows away your lockfile and updates everything. There's a command line flag to be more selective but it doesn't work. I found an open GitHub issue about it that's years old.
Poetry by contrast works pretty much like any modern dependency system you'd be familiar with from another language like cargo, npm, or hex.
For poetry, it makes sense to use `poetry self update --preview` — I often come across weird bugs that take too long to get fixed in the current release.
[1] https://python-poetry.org/