build(deps-dev): bump poethepoet from 0.42.1 to 0.43.0

[dependabot]

Bumps poethepoet from 0.42.1 to 0.43.0.

Release notes

Sourced from poethepoet's releases.

0.43.0

Enhancements

• Add task groups for grouping tasks under a heading in help output by @​brolewis in nat-n/poethepoet#354
• Treat false boolean args as unset env vars and add private vars by @​kzrnm in nat-n/poethepoet#359

Breaking changes

This release includes a refactor of how task variables are managed, improving boolean arg semantics and introducing private variables. These changes may affect a small number of existing configurations:

• Boolean args now produce unset env vars when false. Previously false mapped to the string "False"; now the env var is removed entirely. This gives consistent falsy behavior across shells and parameter expansion operators (:-, :+). Tasks checking for the literal string "False" or using os.environ["flag"] will need updating.

• Private env vars are filtered from subprocesses. Variables starting with _ and containing no uppercase characters (e.g. _secret) are now treated as private — available for config-time interpolation but excluded from the task subprocess environment. This is unlikely to affect existing configurations, but any task that relies on a subprocess reading a _lowercase env var will need to rename it.

• Private arg option names strip leading underscores. An arg named _flag with no explicit options now generates --flag instead of --_flag. A new validation rejects duplicate CLI options across args.

See the migration guide for details and recommended fixes.

New Contributors

• @​brolewis made their first contribution in nat-n/poethepoet#354

Full Changelog: nat-n/poethepoet@v0.42.1...v0.43.0

Commits

• 6a25fba chore: bump version to 0.43.0
• 83091a5 feat!: treat false boolean args as unset env vars and add private vars (#359)
• 456094a feat: Add task groups for grouping tasks under a heading in help output (#354)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)