Credential access
Reads PyPI tokens, repository credentials, environment variables, and project config.
agent safety
Agent safety answer
poetry manages Python dependencies and package publishing.
Remote mutation
Can install dependencies and interact with package repositories.
Publish/artifact risk
Can build and publish Python packages.
Recommended control
Gate publish, config, and credentialed repository operations.
Agent-use guidance
Allow lock/test/build; require approval for publish and credential changes.
安装
使用 Automic Vault 安装
Automic Vault
sudo av install brew:poetrymacOS
Homebrewverified · 100%
brew install poetrylocal Homebrew formula metadata
MacPortsverified · 94%
sudo port install poetryMacPorts ports tree · python/poetry/Portfile · source: api.github.com
Linux
Alpine Linux apkverified · 92%
sudo apk add poetryAlpine Linux edge package indexes · poetry · source: dl-cdn.alpinelinux.org
Debian aptverified · 92%
sudo apt install python3-poetryDebian stable package indexes · python3-poetry · source: deb.debian.org
Fedora dnfverified · 92%
sudo dnf install poetryFedora Rawhide package metadata · poetry · source: dl.fedoraproject.org
Nixverified · 92%
nix profile install nixpkgs#poetrynixpkgs package indexes · pkgs/by-name/po/poetry/package.nix · source: api.github.com
Arch Linux pacmanverified · 92%
sudo pacman -S python-poetryArch Linux sync databases · python-poetry · source: geo.mirror.pkgbuild.com
Windows
Scoopverified · 92%
scoop install main/poetryScoop official bucket manifest trees · bucket/poetry.json · source: api.github.com
软件包管理器来源
平台说明
- 没有特定于此软件包的平台说明。
概览
软件包摘要
Python package management tool
主页
命令和别名
- poetry
受保护工具覆盖
Plain Text Poetry Repository Credentials
Poetry uses the system keyring when available, but falls back to auth.toml for repository passwords and PyPI tokens. Automic Vault detects plaintext Poetry auth.toml credentials, but does not migrate them because upstream already has keyring-backed storage and the fallback file is shared mutable configuration.
Risk classifier
green risk · low confidence · appliance
Why
- no executable entrypoint in the package index
Signals
- metadata:no-indexed-executables
Install behavior
- No Homebrew post-install hook is recorded in formula metadata.
- Homebrew bottle metadata is available for 6 platform targets.
- Installs with 4 runtime dependencies.
- Build metadata lists 3 build dependencies.
本地 README 摘录
Poetry Protected-tool coverage
Detect-only coverage for Poetry's plaintext auth fallback.
Poetry can store repository passwords and PyPI tokens in auth.toml when a usable system keyring is unavailable. This protected-tool coverage reports those fallback credentials without changing Poetry's keyring behavior.
来源: local coverage notes
覆盖来源
来源摘录
Caveats
- This radioisotope is detect-only.
- We detect XDG, macOS platformdirs, and legacy pypoetry auth.toml paths.
- Keyring-backed credentials are not reported.
可执行文件
已安装的可执行文件
| 命令 | 类型 | 暴露范围 | 备注 |
|---|---|---|---|
poetry | cli | global executable |
新鲜度
版本和新鲜度
这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。
页面生成时间2026-06-10
管理器版本2.4.1
管理器更新时间2026-05-30
本地数据ok
上游not checked
检测到的最新版本not detected
- infoRelease/tag comparison is only available for GitHub repositories.https://python-poetry.org/none confidence
安装元数据
软件包元数据
| Package key | brew:poetry |
|---|---|
| Version | 2.4.1 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/poetry |
| Homepage | https://python-poetry.org/ |
| Repository | https://github.com/python-poetry/poetry |
| Upstream docs | https://python-poetry.org/docs |
| License | MIT |
| Source archive | https://files.pythonhosted.org/packages/c0/02/a309e58943f77f1947e4a658a9606933ab4a7b9f040025f4e25daf5fafbb/poetry-2.4.1.tar.gz |
| Last updated | 2026-05-30T12:46:15Z |
| Pulse | updated |
| Dependencies | certifi, cffi, python@3.14, zstd |
| Build dependencies | cmake, ninja, rust |
| Uses from macOS | libffi |
| Bottle | available (arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
Source database details
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | poetry |
| Version Scheme | 0 |
| Revision | 3 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Other package-manager records
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
Debian apt95%
python3-poetry 2.1.2+dfsg-1
Python dependency management and packaging made easy (Python 3)
sudo apt install python3-poetry- Section: python
- Architecture: all
- Source Package: poetry
- 24 dependencies
- normalized package name match
- Matched by: Poetry
Nix95%
poetry
nix profile install nixpkgs#poetry- normalized package name match
- Matched by: Poetry
Ubuntu apt95%
python3-poetry 1.8.2+dfsg-1ubuntu2
Python dependency management and packaging made easy (Python 3)
sudo apt install python3-poetry- Section: universe/python
- Architecture: all
- Source Package: poetry
- 26 dependencies
- normalized package name match
- Matched by: Poetry
apk95%
poetry 2.3.3-r0
Python3 dependency management and packaging system
sudo apk add poetry- License: MIT
- Architecture: x86_64
- Source Package: poetry
- 1 dependencies
- 1 provides
- normalized package name match
- Matched by: Poetry
apk95%
poetry-pyc 2.3.3-r0
Precompiled Python bytecode for poetry
sudo apk add poetry-pyc- License: MIT
- Architecture: x86_64
- Source Package: poetry
- 1 dependencies
- normalized package name match
- Matched by: Poetry
dnf95%
poetry 2.3.4-1.fc45
Python dependency management and packaging made easy
sudo dnf install poetry- License: MIT
- Category: Unspecified
- Architecture: noarch
- Source Package: poetry
- 2 dependencies
- 1 provides
- normalized package name match
- Matched by: Poetry
dnf95%
python3-poetry 2.3.4-1.fc45
Python dependency management and packaging made easy
sudo dnf install python3-poetry- License: MIT
- Category: Unspecified
- Architecture: noarch
- Source Package: poetry
- 2 dependencies
- 5 provides
- normalized package name match
- Matched by: Poetry
pacman95%
python-poetry 2.4.1-1
Python dependency management and packaging made easy
sudo pacman -S python-poetry- License: MIT
- Architecture: any
- 28 dependencies
- 1 provides
- 1 optional deps
- normalized package name match
- Matched by: Poetry
MacPorts95%
poetry
sudo port install poetry- normalized package name match
- Matched by: Poetry
Scoop95%
main/poetry
scoop install main/poetry- normalized package name match
- Matched by: Poetry
来源线索
由仓库数据生成
此页面由 av-web 从 scripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。
使用的来源
- Geiger risk classifier
- Nucleus package database
- av.db category and tag curation
- cross-ecosystem install command graph
- curated agent safety answer
- external package-manager database matches
- local coverage README
- package relationship graph
- package version freshness
- package-page enrichment
- secret-handling manifest