Releases: conda/conda-lock
v2.5.7
This is a bugfix release that fixes a few edge cases. The first issue involves corrupt channel URLs when updating with micromamba. For the second, conda-lock would fail to parse pip lines containing --hash.
What's Changed
Bugfix
- Fix
conda-lock --update --micromambaby @maresb in #626 - Add support for pip hash checking by @sfinkens in #629
Maintenance
New Contributors
Full Changelog: v2.5.6...v2.5.7
Contributors
Assets 2
v2.5.6
What's Changed
This release fixes a bug where the content hash may not be updated correctly.
Also fixed is a spurious --file argument to the conda-lock install command suggested in the lockfile header.
Bugfix
- Ensure that content hashes are updated for an existing lock file when re-locking by @jeffseif in #618
- Update header cmdlines in generated lockfiles (#518) by @timsnyder in #616
Infrastructure
New Contributors
- @timsnyder made their first contribution in #616
- @jeffseif made their first contribution in #618
Full Changelog: v2.5.5...v2.5.6
Contributors
Assets 2
v2.5.5
What's Changed
This is a bugfix so that conda-lock can work in environments where setuptools is not preinstalled.
Bugfix
Infrastructure
Full Changelog: v2.5.4...v2.5.5
Contributors
Assets 2
v2.5.4
What's Changed
This release fixes #594 which involves credentials leaking into lockfiles when using certain private pip repositories like AWS CodeArtifact. Specifically, some servers may echo the basic authentication credentials in their response. Conda-lock previously failed to sanitize these echoed credentials when writing the lockfile. This was identified and fixed by @wholtz in #594 and #600.
Bugfix
- Remove credentials from response URLs by @wholtz in #600
- Fix broken
--pypi_to_conda_lookup_fileoption by @ianpye in #588
New feature
- The PyPI mapping can now be specified as a local file (in addition to an http[s] URL) by @maresb in #588
Infrastructure
- Save mock private pypi package to temp directory by @maresb in #601
- Minor improvements to pytest configuration by @maresb in #602
- Improve docs related to contribution by @maresb in #603
- Catch CalledProcessErrors from both subprocess and Poetry by @maresb in #604
- Add explanation and minor improvement to #581 by @tadeu in #586
New Contributors
Full Changelog: v2.5.3...v2.5.4
Contributors
Assets 2
v2.5.3
This release fixes #596 and now works with the recent ensureconda release which removed disttools and enabled Python 3.12 compatibility.
What's Changed
- Increase minimum ensureconda version for py3.12 compatibility by @jfrost-mo in #597
New Contributors
- @jfrost-mo made their first contribution in #597
Full Changelog: v2.5.2...v2.5.3
Contributors
Assets 2
v2.5.2
What's Changed
This is primarily a bugfix release.
It also improves the formatting of environment.yml-style lockfiles (those produced with --kind=env).
Bugfixes
- Fix case when using multiple platforms but pip contains a single platform by @basnijholt in #564
- Fix an issue when specifying full wheel URLs for a pypi package. by @romain-intel in #567
- Make the Python resolver respect any __glibc constraint by @romain-intel in #566
- Avoid I/O deadlock with conda by @tadeu in #581
Lockfile formatting enhancements
- alphasort env files by @jamesmyatt in #557
- Synchronize pip indentation with conda env export by @jamesmyatt in #573
Maintenance / infrastructure
- Don't filter in toposort by @maresb in #560
- Test to make sure virtual packages aren't included in lockfiles by @maresb in #583
- Test on Python 3.12 by @maresb in #585
- Reenable testing with Conda by @maresb in #584
Docs
- add search to docs site by @harelwa in #575
- Fix typo in flags.md by @IsaacWarren in #576
New Contributors
- @basnijholt made their first contribution in #564
- @jamesmyatt made their first contribution in #557
- @harelwa made their first contribution in #575
- @IsaacWarren made their first contribution in #576
- @tadeu made their first contribution in #581
Full Changelog: v2.5.1...v2.6.0
Contributors
Assets 2
v2.5.1
What's Changed
This fixes a bug where virtual packages were being included in unified lockfiles. (They should have been filtered out.) This can lead to warnings and/or errors during installation as reported in #556.
Bugfix
Full Changelog: v2.5.0...v2.5.1
Contributors
Assets 2
v2.5.0
What's Changed
Unified lockfiles (i.e. conda-lock.yml) are now generated with the packages listed in alphabetical order. (In earlier versions, packages were sorted in "topological order", meaning that if packages are installed in the given order then their dependencies will always be satisfied.) Alphabetical ordering should be more stable, making it easier for humans to read diffs between lockfiles.
The precise ordering of packages is as follows. Conda packages are always listed before pip packages. Then packages are sorted alphabetically by package name. If multiple platforms are being locked, then packages with the same name are ordered by platform name.
New features
- Alphabetize the lockfile by @mariusvniekerk in #524
Bugfix
Infrastructure
Full Changelog: v2.4.2...v2.5.0
Contributors
Assets 2
v2.4.2
This is a bugfix which should enable conda-lock to discover more PyPI wheels.
What's Changed
New Contributors
Full Changelog: v2.4.1...v2.4.2
Contributors
Assets 2
v2.4.1
Bugfix for lockfile type detection when using nonstandard lockfile filenames
What's Changed
Bugfix
- Fix platform validation for non-default names by @jacksmith15 in #535
Infrastructure
Full Changelog: v2.4.0...v2.4.1
