0.14.1

What's Changed

This release improves runtime performance of built wheels by about 5%, and reduces their size (by @mkniewallner in #594).

PyPy wheels are now also published on PyPI (by @edgarrmondragon in #612).

Bug fixes

• Improve handling of comments in requirements.txt files by @fpgmaas in #588
• Avoid process hanging on error when parsing Python files by @mkniewallner in #619

Full Changelog: 0.14.0...0.14.1

0.14.0

What's Changed

This release significantly improves the speed of deptry, particularly for large projects, by utilizing Rust to manage the parsing of Abstract Syntax Trees (AST) from .py files and to extract the import statements. For some benchmarks, see below:

Changes

Since the changes are all in the back-end, little has changed for the user other than the execution speed. The two minor notable changes are:

• Improved identification of column identifier in imports detection. Where earlier the column identifier for an imported module foo in the line import foo would be 0, it now points to column 8

Available wheels on PyPi

Where earlier releases published a single .whl file to PyPi, with the move to Rust we now build and publish wheels for a variety of platforms and architectures. More specifically, wheel files for the following combinations are now available on PyPi:

• Linux: ABI3 wheels for x86_64 and aarch64 architectures.
• Windows: ABI3 wheels for the x64 architecture.
• macOS: ABI3 wheels for x86_64 and aarch64 (Apple Silicon) architectures.

Alongside the ABI3 wheels, we provide a source distribution (sdist) package.

Full Changelog: 0.13.0...0.14.0

0.14.0a1

This release speeds up deptry significantly, especially on large projects, by leveraging Rust to handle the parsing of the Abstract Syntax Trees (AST) from .py files and the extraction of import statements.

What's Changed

• WIP: Import extraction with Rust by @fpgmaas in #581

Full Changelog: 0.13.0...0.14.0a1

0.13.0

What's Changed

Features

• deptry will now report invalid configuration options defined in pyproject.toml by @mkniewallner in #571

Bug Fixes

• Stricten URL detection to avoid flagging libraries like httpx as URLs by @mkniewallner in #570

Full Changelog: 0.12.0...0.13.0

0.12.0

What's Changed

This release introduces a significant change to the command-line flags and configuration options to make use of the error codes introduced in release 0.10.0.

Code	Issue
DEP001	Missing dependency
DEP002	Unused/obsolete dependency
DEP003	Transitive dependency
DEP004	Misplaced development dependency

Features

• Replaced --skip-unused, --skip-obsolete, --skip-missing, --skip-misplaced-dev flags: We have replaced the currently existing flags with the more generalized --ignore flag. Now, instead of skipping types of checks, you can specify the exact error codes to ignore using the --ignore flag (e.g., deptry . --ignore "DEP001,DEP002" to ignore checking for missing and unused dependencies).

The changes are also reflected in pyproject.toml. For example,

[tool.deptry]
skip_missing = true
skip_unused = true

is superseded by

[tool.deptry]
ignore = ["DEP001", "DEP002"]

• Replaced --ignore-unused, --ignore-obsolete, --ignore-missing, --ignore-misplaced-dev flags: Previously, specific checks for spefific dependencies/modules could be ingored using the --ignore-<code> flags. We are replacing these flags with the more generalized --per-rule-ignores flag. This flag allows you to specify dependencies that should be ignored for specific error codes, offering granular control over which errors are ignored for which dependencies. For instance, deptry . --per-rule-ignores DEP001=matplotlib,DEP002=pandas|numpy means DEP001 will be ignored for matplotlib, while DEP002 will be ignored for both pandas and numpy.

The changes are also reflected in pyproject.toml. For example,

[tool.deptry]
ignore_missing = ["matplotlib"]
ignore_unused = ["pandas", "numpy"]

is superseded by

[tool.deptry.per_rule_ignores]
DEP001 = ["matplotlib"]
DEP002 = ["pandas", "numpy"]

Please note that while the legacy arguments are still functional as of Deptry 0.12.0, we do plan to remove them in a future 1.0.0 release.

• Consider all groups for dev dependencies (#392)

Bug Fixes

• Handle SyntaxError raised by ast.parse (#426)

Full Changelog

0.11.0...0.12.0

0.11.0

What's Changed

Deprecations

• --skip-obsolete CLI option and its skip_obsolete couterpart in pyproject.toml are being replaced with --skip-unused and skip_unused, respectively
• --ignore-obsolete CLI option and its ignore_obsolete counterpart in pyproject.toml are being replaced with --ignore-unused and ignore_unused, respectively

This is done to account for a wording change, as we are replacing "obsolete" with "unused", since it has a clearer meaning for users.

The legacy options will still be usable for the time being, with a warning being shown in the terminal, but they will be removed in a future release, so you are advised to migrate to the new ones.

Features

• Add ability to pass multiple source directories by @mkniewallner in #381
• Replace the word obsolete with unused by @fpgmaas in #373

Bug Fixes

• Load gitignore from where CLI is invoked by @mkniewallner in #380

Full Changelog: 0.10.1...0.11.0

0.10.1

What's Changed

Bug Fixes

• Fix terminal output when only a single file is scanned by @fpgmaas in #372
• Fix issue with DEP004 being raised incorrectly when a dependency is defined both as a dev one and non-dev one by @fpgmaas in #376

Full Changelog: 0.10.0...0.10.1

0.10.0

What's Changed

Breaking changes

Release 0.10.0 of deptry brings a significant improvement to the way in which issues are reported. Previously, issues were reported in a summarized format, making it difficult for users to pinpoint exactly where in the code the issue was occurring. This is resolved by #357, which adds location information to the detected issues.

#367 adds error codes to identify the different issue types:

Code	Issue
DEP001	Missing dependency
DEP002	Obsolete dependency
DEP003	Transitive dependency
DEP004	Misplaced development dependency

Here's an example of how issues are now reported in release 0.10.0:

foo/bar.py:11:11: DEP002 'an_import' imported but missing from the dependencies
foo/bar.py:12:11: DEP002 'another_import' imported but missing from the dependencies
foo/baz.py:13:11: DEP003 'cfgv' imported but it is a transitive dependency
pyproject.toml: DEP001 'pandas' defined as a dependency but not used in the codebase

The json output generated by using the -o or --json-output is also modified to include the new error codes and location information:

    {
        "error": {
            "code": "DEP001",
            "message": "'seven' imported but missing from the dependency definitions"
        },
        "module": "seven",
        "location": {
            "file": "foo/bar.py",
            "line": 2,
            "column": 0
        }
    },

Features

• Add location to error reports by @mkniewallner in #357
• Add colours to text output by @mkniewallner in #368

Full Changelog: 0.9.0...0.10.0

0.9.0

What's Changed

Breaking changes

Python 3.7 support dropped

Support for Python 3.7 has been dropped in #352, given that it will reach end of life soon, and that PyPI stats show a really low usage of it. If you are using deptry on Python 3.7, consider upgrading to 3.8, or staying on <0.9.0.

Behaviour changes in package name guessing

In case packages don't provide the Python modules they expose, deptry tries to guess the package name by converting - to _, as a best effort, and warns about it in the logs. Before #337, deptry always guessed the module name, regardless of if the package provided the necessary information or not. Now, it will only guess the module name if the package does not provide the information and no mapping has been provided using the new --package-module-name-map flag (or package_module_name_map option in pyproject.toml).

Handling modules without __init__.py

With #285, deptry will now consider the following things as local modules:

• directories without __init__.py (and at least one Python file)
• single Python files

Previously, deptry only considered directories as local modules if an __init__.py was present, and did not account for cases where a single Python file could also be a local module, alongside directories.

Features

• Drop support for Python 3.7 by @mkniewallner in #352
• Only try to guess module associated to a dependency as a fallback for when the package doesn't provide such information by @akeeman in #337
• Handle local modules without __init__.py by @mkniewallner in #285
• Ability to configure a map of package names to module names by @akeeman in #333

Bug Fixes

• Replace 'PDM' with 'poetry' (typo) by @baggiponte in #294
• fix: account for Windows in code and tests by @mkniewallner in #343

Miscellaneous

• Run tests on macOS and Windows on CI by @mkniewallner in #342

Full Changelog: 0.8.0...0.9.0

0.8.0

What's Changed

Features

• Don't filter out setuptools by @mkniewallner in #262
• Use sys.stdlib_module_names to get stdlibs in Python >= 3.10 by @mkniewallner in #275

Miscellaneous

• Drop flake8 to only use ruff by @mkniewallner in #268
• Use more ruff rules and replace pyupgrade and pygrep-hooks usages by @mkniewallner in #276

Full Changelog: 0.7.1...0.8.0