
0.0.0 version is considered "latest" even though it isn't #12310

Open
@CiottiGiorgio

Description

@CiottiGiorgio

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

pip

Package manager version

poetry

Language version

Python

Manifest location and content before the Dependabot update

# Poetry project metadata, quoted as the manifest Dependabot was run against.
[tool.poetry]
# package-mode = false: Poetry is used for dependency management only; the
# project itself is not built or installed as a package.
package-mode = false
name = "d-asa"
version = "0.4.0"
description = "Debt Algorand Standard Application"
license = "AGPL-3.0"
# NOTE(review): "[email protected]" looks like the hosting page's e-mail
# obfuscation placeholder rather than the value in the real file - confirm
# against the repository before reusing this manifest.
authors = ["cusma [email protected]"]
maintainers = ["cusma [email protected]"]
readme = ["README.md", "docs/SUMMARY.md"]
documentation = "https://cusma.github.io/d-asa/"
repository = "https://github.com/cusma/d-asa"
keywords = [
"algorand",
"blockchain",
"debt",
"finance",
"tokenization",
"actus",
]

# Runtime dependencies, all declared with Poetry caret constraints.
# A caret constraint allows any release that keeps the left-most non-zero
# component: "^3.0.2" means >=3.0.2,<4.0.0 and "^0.4.1" means >=0.4.1,<0.5.0.
[tool.poetry.dependencies]
python = "^3.12"
# The dependency this report is about. Moving to a new major release means
# the updater has to rewrite this constraint, which in turn depends on it
# identifying the latest published version correctly.
# NOTE(review): while the updater raises no pull request, this package stays
# on the 3.x line without any signal; anything fixed only in later releases
# has to be tracked by other means.
algokit-utils = "^3.0.2"
python-dotenv = "^1.1.0"
algorand-python = "^2.7.0"
algorand-python-testing = "^0.4.1"

# Development-only dependency group (code generation, formatting, linting,
# type checking, tests, auditing), also caret-constrained.
[tool.poetry.group.dev.dependencies]
algokit-client-generator = "^2.0.0"
black = { extras = ["d"], version = "^25.1.0" }
# For 0.x versions the caret pins the minor: "^0.11.2" means >=0.11.2,<0.12.0.
ruff = "^0.11.2"
mypy = "^1.15.0"
pytest = "^8.3.5"
pytest-cov = "^6.1.0"
pytest-sugar = "^1.0.0"
# pip-audit checks installed packages against known-vulnerability advisories,
# independently of whether a version-update pull request is ever proposed.
# NOTE(review): where and how often it runs (CI, pre-commit) is not shown here.
pip-audit = "^2.7.3"
pre-commit = "^4.2.0"
puyapy = "^4.6.1"

# PEP 517 build backend declaration.
# NOTE(review): poetry-core carries no version bound, so a build front end
# would install whichever release is current at build time. With
# package-mode = false the project is presumably never built, which limits
# the impact; a bounded requirement would still make builds reproducible.
[build-system]
requires = ["poetry-core"]
build-backend = "poetry.core.masonry.api"

# Ruff linter configuration.
[tool.ruff]
line-length = 120
# Enabled rule families: pycodestyle (E, W), Pyflakes (F), flake8-annotations
# (ANN), pyupgrade (UP), pep8-naming (N), flake8-comprehensions (C4),
# flake8-bugbear (B), flake8-builtins (A), flake8-2020 (YTT),
# flake8-boolean-trap (FBT), flake8-quotes (Q), Ruff-specific (RUF), isort (I).
# NOTE(review): the flake8-bandit security rules ("S") are not selected.
lint.select = [
"E",
"F",
"ANN",
"UP",
"N",
"C4",
"B",
"A",
"YTT",
"W",
"FBT",
"Q",
"RUF",
"I",
]
# Findings from these families are reported but never auto-fixed.
lint.unfixable = ["B", "RUF"]

# flake8-annotations relaxations: Any is accepted on *args/**kwargs, and a
# return annotation is not required on functions that only return None.
[tool.ruff.lint.flake8-annotations]
allow-star-arg-any = true
suppress-none-returning = true

# pytest settings: these directories are added to the import path for test runs.
[tool.pytest.ini_options]
pythonpath = ["smart_contracts", "tests"]

# mypy configuration: strict checking of smart_contracts/, including the
# disallow_any_* family that rejects Any-typed expressions.
[tool.mypy]
files = "smart_contracts/"
# Matches the "^3.12" interpreter constraint in [tool.poetry.dependencies].
python_version = "3.12"
disallow_any_generics = true
disallow_subclassing_any = true
disallow_untyped_calls = true
disallow_untyped_defs = true
disallow_incomplete_defs = true
check_untyped_defs = true
disallow_untyped_decorators = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_return_any = true
strict_equality = true
extra_checks = true
disallow_any_unimported = true
disallow_any_expr = true
disallow_any_decorated = true
disallow_any_explicit = true
# Calls into algosdk are exempt from disallow_untyped_calls.
untyped_calls_exclude = ["algosdk"]

# Per-module override: test modules may use Any-typed expressions.
[[tool.mypy.overrides]]
module = "tests.*"
disallow_any_expr = false

dependabot.yml content

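# Dependabot configuration as quoted in the report. The page rendering had
# turned the "-" list markers into bullets and flattened the nesting; both
# are restored here so the snippet is valid YAML again.
version: 2
updates:
  - package-ecosystem: pip
    directory: "/"
    schedule:
      interval: "monthly"
    groups:
      # Only minor and patch bumps are batched into this group. A major bump,
      # such as the algokit-utils 3.x -> 4.x update the report expects, falls
      # outside it and would be proposed as an individual pull request.
      minor-and-patch:
        update-types:
          - minor
          - patch

  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "monthly"
    groups:
      minor-and-patch:
        update-types:
          - minor
          - patch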

Updated dependency

algokit-utils

What you expected to see, versus what you actually saw

algokit-utils should go from 3.0.2 to 4.0.1, but it doesn't, because Dependabot sees 0.0.0 as latest and 3.0.2 as current and therefore proposes no update.

Native package manager behavior

algokit-utils is correctly updated to a new major version when updating to latest with Poetry.

Images of the diff or a link to the PR, issue, or logs

Image

Smallest manifest that reproduces the issue

No response
