All notes in this series:
In Poetry, if you have defined custom sources but have not set a default source, you will get the following warning:
Warning: In a future version of Poetry, PyPI will be disabled automatically if at least one custom source is configured with another priority than 'explicit'. In order to avoid a breaking change and make your pyproject.toml forward compatible, add PyPI explicitly via 'poetry source add pypi'. By the way, this has the advantage that you can set the priority of PyPI as with any other source.
As the message implies, this warning can be addressed by adding a default source.
Public PyPI §
If you need the public PyPI, add it as the default by running:
poetry source add --priority=default PyPI
pyproject.toml will contain:
[[tool.poetry.source]] name = "PyPI" priority = "default"
Private PyPI §
If you already have a private PyPI as a source, you need to ensure at least one of your sources has a
"default". For example, if you have two existing sources which are
"supplemental", you will get the warning.
To fix this, you could modify your
pyproject.toml to change the
priority of your
"primary" source to
"default", then run
poetry lock --no-update1.
Bonus: Adding a private PyPI §
If you want to add a private PyPI source, you can do it similar to adding the public PyPI, except you will need to specify the URL:
poetry source add --priority=default --url=https://my.private.pypi.com/simple PrivatePyPI
This will add these lines to your
[[tool.poetry.source]] name = "PrivatePyPI" url = "https://my.private.pypi.com/simple" priority = "default"
Assuming your private PyPI requires authentication, you will need to use
poetry config to authenticate, e.g.:
poetry config http-basic.PrivatePyPI <username> <password>
The only change this should make to the
poetry.lockfile is to update the
content-hash, which is essentially a SHA256 checksum of the contents of the
pyproject.tomlfile. So, even though changing the
priorityhas no impact on the contents of the generated
poetry.lock, it still causes the checksum to change because that is based upon the
pyproject.tomlwhich was modified. ↩︎