Credential access
Reads PyPI tokens, repository credentials, environment variables, and project config.
brew / 保護ツール対応 / 順位 382
poetry をインストール
poetry のインストール経路、実行ファイル、メタデータ、AI エージェント向けセキュリティノートを確認します。
agent safety
Agent safety answer
poetry manages Python dependencies and package publishing.
Remote mutation
Can install dependencies and interact with package repositories.
Publish/artifact risk
Can build and publish Python packages.
Recommended control
Gate publish, config, and credentialed repository operations.
Agent-use guidance
Allow lock/test/build; require approval for publish and credential changes.
インストール
Automic Vault でインストール
Automic Vault
sudo av install brew:poetrymacOS
Homebrewverified · 100%
brew install poetrylocal Homebrew formula metadata
MacPortsverified · 94%
sudo port install poetryMacPorts ports tree · python/poetry/Portfile · source: api.github.com
Linux
Alpine Linux apkverified · 92%
sudo apk add poetryAlpine Linux edge package indexes · poetry · source: dl-cdn.alpinelinux.org
Debian aptverified · 92%
sudo apt install python3-poetryDebian stable package indexes · python3-poetry · source: deb.debian.org
Fedora dnfverified · 92%
sudo dnf install poetryFedora Rawhide package metadata · poetry · source: dl.fedoraproject.org
Nixverified · 92%
nix profile install nixpkgs#poetrynixpkgs package indexes · pkgs/by-name/po/poetry/package.nix · source: api.github.com
Arch Linux pacmanverified · 92%
sudo pacman -S python-poetryArch Linux sync databases · python-poetry · source: geo.mirror.pkgbuild.com
Windows
Scoopverified · 92%
scoop install main/poetryScoop official bucket manifest trees · bucket/poetry.json · source: api.github.com
パッケージマネージャソース
プラットフォームノート
- パッケージ固有のプラットフォームノートはありません。
概要
パッケージ概要
Python package management tool
ホームページ
コマンドとエイリアス
- poetry
保護ツール対応
Plain Text Poetry Repository Credentials
Poetry uses the system keyring when available, but falls back to auth.toml for repository passwords and PyPI tokens. Automic Vault detects plaintext Poetry auth.toml credentials, but does not migrate them because upstream already has keyring-backed storage and the fallback file is shared mutable configuration.
Risk classifier
green risk · low confidence · appliance
Why
- no executable entrypoint in the package index
Signals
- metadata:no-indexed-executables
Install behavior
- No Homebrew post-install hook is recorded in formula metadata.
- Homebrew bottle metadata is available for 6 platform targets.
- Installs with 4 runtime dependencies.
- Build metadata lists 3 build dependencies.
ローカル README 抜粋
Poetry Protected-tool coverage
Detect-only coverage for Poetry's plaintext auth fallback.
Poetry can store repository passwords and PyPI tokens in auth.toml when a usable system keyring is unavailable. This protected-tool coverage reports those fallback credentials without changing Poetry's keyring behavior.
ソース: local coverage notes
カバレッジソース
ソース抜粋
Caveats
- This radioisotope is detect-only.
- We detect XDG, macOS platformdirs, and legacy pypoetry auth.toml paths.
- Keyring-backed credentials are not reported.
実行可能ファイル
インストールされる実行可能ファイル
| コマンド | 種類 | 公開範囲 | メモ |
|---|---|---|---|
poetry | cli | global executable |
鮮度
バージョンと鮮度
これらの信号は、ページ生成時期、パッケージマネージャの活動、上流リリース比較を分けて示します。バージョン遅れは、証拠 URL と比較可能なバージョンがある場合だけ警告されます。
ページ生成日2026-06-10
マネージャ版2.4.1
マネージャ更新日2026-05-30
ローカルデータok
上流not checked
検出された最新not detected
- infoRelease/tag comparison is only available for GitHub repositories.https://python-poetry.org/none confidence
インストールメタデータ
パッケージメタデータ
| Package key | brew:poetry |
|---|---|
| Version | 2.4.1 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/poetry |
| Homepage | https://python-poetry.org/ |
| Repository | https://github.com/python-poetry/poetry |
| Upstream docs | https://python-poetry.org/docs |
| License | MIT |
| Source archive | https://files.pythonhosted.org/packages/c0/02/a309e58943f77f1947e4a658a9606933ab4a7b9f040025f4e25daf5fafbb/poetry-2.4.1.tar.gz |
| Last updated | 2026-05-30T12:46:15Z |
| Pulse | updated |
| Dependencies | certifi, cffi, python@3.14, zstd |
| Build dependencies | cmake, ninja, rust |
| Uses from macOS | libffi |
| Bottle | available (arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
Source database details
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | poetry |
| Version Scheme | 0 |
| Revision | 3 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Other package-manager records
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
Debian apt95%
python3-poetry 2.1.2+dfsg-1
Python dependency management and packaging made easy (Python 3)
sudo apt install python3-poetry- Section: python
- Architecture: all
- Source Package: poetry
- 24 dependencies
- normalized package name match
- Matched by: Poetry
Nix95%
poetry
nix profile install nixpkgs#poetry- normalized package name match
- Matched by: Poetry
Ubuntu apt95%
python3-poetry 1.8.2+dfsg-1ubuntu2
Python dependency management and packaging made easy (Python 3)
sudo apt install python3-poetry- Section: universe/python
- Architecture: all
- Source Package: poetry
- 26 dependencies
- normalized package name match
- Matched by: Poetry
apk95%
poetry 2.3.3-r0
Python3 dependency management and packaging system
sudo apk add poetry- License: MIT
- Architecture: x86_64
- Source Package: poetry
- 1 dependencies
- 1 provides
- normalized package name match
- Matched by: Poetry
apk95%
poetry-pyc 2.3.3-r0
Precompiled Python bytecode for poetry
sudo apk add poetry-pyc- License: MIT
- Architecture: x86_64
- Source Package: poetry
- 1 dependencies
- normalized package name match
- Matched by: Poetry
dnf95%
poetry 2.3.4-1.fc45
Python dependency management and packaging made easy
sudo dnf install poetry- License: MIT
- Category: Unspecified
- Architecture: noarch
- Source Package: poetry
- 2 dependencies
- 1 provides
- normalized package name match
- Matched by: Poetry
dnf95%
python3-poetry 2.3.4-1.fc45
Python dependency management and packaging made easy
sudo dnf install python3-poetry- License: MIT
- Category: Unspecified
- Architecture: noarch
- Source Package: poetry
- 2 dependencies
- 5 provides
- normalized package name match
- Matched by: Poetry
pacman95%
python-poetry 2.4.1-1
Python dependency management and packaging made easy
sudo pacman -S python-poetry- License: MIT
- Architecture: any
- 28 dependencies
- 1 provides
- 1 optional deps
- normalized package name match
- Matched by: Poetry
MacPorts95%
poetry
sudo port install poetry- normalized package name match
- Matched by: Poetry
Scoop95%
main/poetry
scoop install main/poetry- normalized package name match
- Matched by: Poetry
ソース経路
リポジトリデータから生成
このページは scripts/generate-pkg-sqlite.py が生成した非公開のパッケージ SQLite アーティファクトから av-web によって提供されます。
使用ソース
- Geiger risk classifier
- Nucleus package database
- av.db category and tag curation
- cross-ecosystem install command graph
- curated agent safety answer
- external package-manager database matches
- local coverage README
- package relationship graph
- package version freshness
- package-page enrichment
- secret-handling manifest