-
Notifications
You must be signed in to change notification settings - Fork 3.1k
Comparing changes
Open a pull request
base repository: pypa/pip
base: 24.3.1
head repository: pypa/pip
compare: 25.0
Commits on Oct 27, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 0f9e238 - Browse repository at this point
Copy the full SHA 0f9e238View commit details -
Merge pull request #13049 from sbidoul/release/24.3.1
Release/24.3.1
Configuration menu - View commit details
-
Copy full SHA for 4204359 - Browse repository at this point
Copy the full SHA 4204359View commit details
Commits on Nov 3, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 69533e3 - Browse repository at this point
Copy the full SHA 69533e3View commit details
Commits on Nov 9, 2024
-
Override rich.console pipe handler for rich 13.8.0+
Explicitly override `rich.console.Console.on_broken_pipe()` to reraise the original exception, to bring the behavior of rich 13.8.0+ in line with older versions. The new versions instead close output fds and exit with error instead, which prevents pip's pipe handler from firing. This is the minimal change needed to make pip's test suite pass after upgrading vendored rich. Bug #13006 Bug #13072
Configuration menu - View commit details
-
Copy full SHA for 099ae97 - Browse repository at this point
Copy the full SHA 099ae97View commit details -
1
Configuration menu - View commit details
-
Copy full SHA for fe0925b - Browse repository at this point
Copy the full SHA fe0925bView commit details
Commits on Dec 7, 2024
-
Accommodate for recent pathname2url() changes upstream
- UNC paths converted to URLs now start with two slashes, like earlier (yes, really) - Trailing slashes are now preserved on Windows, matching POSIX behaviour
Configuration menu - View commit details
-
Copy full SHA for 5beed92 - Browse repository at this point
Copy the full SHA 5beed92View commit details -
Merge pull request #13105 from ichard26/windows-paths
Accommodate for recent pathname2url() changes upstream
Configuration menu - View commit details
-
Copy full SHA for a75dad5 - Browse repository at this point
Copy the full SHA a75dad5View commit details -
Import self version check eagerly in install command to fix RCE (#13085)
The comment was preserved as it is still relevant, but a note about preventing arbitrary code execution was added. See #13079 for the security bug report. Signed-off-by: Caleb Brown <calebbrown@google.com>
Configuration menu - View commit details
-
Copy full SHA for 634bf25 - Browse repository at this point
Copy the full SHA 634bf25View commit details -
Configuration menu - View commit details
-
Copy full SHA for 60cba9c - Browse repository at this point
Copy the full SHA 60cba9cView commit details -
pre-commit autoupdate (#12898)
updates: - [github.com/pre-commit/pre-commit-hooks: v4.6.0 → v5.0.0](pre-commit/pre-commit-hooks@v4.6.0...v5.0.0) - [github.com/psf/black-pre-commit-mirror: 24.4.2 → 24.10.0](psf/black-pre-commit-mirror@24.4.2...24.10.0) - [github.com/astral-sh/ruff-pre-commit: v0.5.6 → v0.8.1](astral-sh/ruff-pre-commit@v0.5.6...v0.8.1) - [github.com/pre-commit/mirrors-mypy: v1.12.1 → v1.13.0](pre-commit/mirrors-mypy@v1.12.1...v1.13.0) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 07c7a14 - Browse repository at this point
Copy the full SHA 07c7a14View commit details -
Configuration menu - View commit details
-
Copy full SHA for dc6c4f3 - Browse repository at this point
Copy the full SHA dc6c4f3View commit details -
Configuration menu - View commit details
-
Copy full SHA for c0900b8 - Browse repository at this point
Copy the full SHA c0900b8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0904ed7 - Browse repository at this point
Copy the full SHA 0904ed7View commit details -
Configuration menu - View commit details
-
Copy full SHA for c530f32 - Browse repository at this point
Copy the full SHA c530f32View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0daddaf - Browse repository at this point
Copy the full SHA 0daddafView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2845a52 - Browse repository at this point
Copy the full SHA 2845a52View commit details -
Configuration menu - View commit details
-
Copy full SHA for 79148f1 - Browse repository at this point
Copy the full SHA 79148f1View commit details -
Convert more record classes to dataclasses (#12659)
- Removes BestCandidateResult's iter_all() and iter_applicable() methods as they were redundant - Removes ParsedLine's is_requirement attribute as it was awkward to use (to please mypy, you would need to add asserts on .requirement) - Removes ParsedRequirement's defaults as they conflict with slots (Python 3.10 dataclasses have a built-in workaround that we can't use yet...)
Configuration menu - View commit details
-
Copy full SHA for 8dbbb2e - Browse repository at this point
Copy the full SHA 8dbbb2eView commit details -
Correct typos in docs and code comments (#13032)
Also move "Selected quotes from research participants" out of a random paragraph.
Configuration menu - View commit details
-
Copy full SHA for a194b45 - Browse repository at this point
Copy the full SHA a194b45View commit details
Commits on Dec 8, 2024
-
Merge pull request #13074 from ichard26/vendoring-bumps-25.0
Vendoring bumps for 25.0
Configuration menu - View commit details
-
Copy full SHA for 4599fc7 - Browse repository at this point
Copy the full SHA 4599fc7View commit details -
Merge pull request #13106 from sbidoul/rm-gone-in-for-11859-sbi
Remove gone_in for issue 11859 (deprecation of --build-option and --global-option)
Configuration menu - View commit details
-
Copy full SHA for c432c33 - Browse repository at this point
Copy the full SHA c432c33View commit details -
Merge pull request #13064 from ichard26/block-upgrade-prompt
Skip self version check on EXTERNALLY-MANAGED environments
Configuration menu - View commit details
-
Copy full SHA for 2324303 - Browse repository at this point
Copy the full SHA 2324303View commit details
Commits on Dec 9, 2024
-
Inherit HTTP cache file read/write permissions from cache directory (#…
…13070) The NamedTemporaryFile class used to create HTTP cache files is hard-coded to use file mode 600 (owner read/write only). This makes it impossible to share a pip cache with other users. With this patch, once a cache file is committed, its permissions are updated to inherit the read/write permissions of the cache directory. As before, the owner read/write permissions will always be set to avoid a completely unusable cache. --------- Co-authored-by: Richard Si <sichard26@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 667acf4 - Browse repository at this point
Copy the full SHA 667acf4View commit details
Commits on Dec 10, 2024
-
Remove unused news file GHA workflow and bot config (#13107)
The PSF Chronographer essentially replaces the news file check GHA workflow. And we haven't used the triage-new-issues bot in ages.
1Configuration menu - View commit details
-
Copy full SHA for d3ac6a2 - Browse repository at this point
Copy the full SHA d3ac6a2View commit details -
Fix options and default in
--keyring-provider
help (#13110)The `auto` mode was added a while ago, but the option help was not updated to reflect this.
Configuration menu - View commit details
-
Copy full SHA for 947917b - Browse repository at this point
Copy the full SHA 947917bView commit details
Commits on Dec 12, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 8936fee - Browse repository at this point
Copy the full SHA 8936feeView commit details
Commits on Dec 14, 2024
-
Pass CA and client TLS certificates to build subprocesses (#13063)
The _PIP_STANDALONE_CERT environment variable hack is no longer required as pip doesn't run a zip archive of itself to provision build dependencies these days (which due to a CPython bug would leave behind temporary certifi files). Some people do depend on this private envvar in the wild, so the removal has been called out in the news entry.
1Configuration menu - View commit details
-
Copy full SHA for 34fc0e2 - Browse repository at this point
Copy the full SHA 34fc0e2View commit details
Commits on Dec 16, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 90add48 - Browse repository at this point
Copy the full SHA 90add48View commit details -
Rerun time based retry tests to avoid flaky failures (#12869)
Also increase the time tolerance to account for more extreme variation.
Configuration menu - View commit details
-
Copy full SHA for 3b91f42 - Browse repository at this point
Copy the full SHA 3b91f42View commit details
Commits on Dec 21, 2024
-
Remove redundant prefix in failed PEP 517 builds error message
The error handling logic will add the ERROR: prefix already. Including one in the error message results in two ERROR: prefixes. ERROR: ERROR: Failed to build installable wheels for some pyproject.toml based projects (simplewheel, singlemodule)
Configuration menu - View commit details
-
Copy full SHA for e9f58aa - Browse repository at this point
Copy the full SHA e9f58aaView commit details
Commits on Dec 22, 2024
-
Merge pull request #13122 from pypa/ichard26-patch-1
Remove redundant prefix in failed PEP 517 builds error message
Configuration menu - View commit details
-
Copy full SHA for 9626dec - Browse repository at this point
Copy the full SHA 9626decView commit details -
Speed up nox docs sessions (#13118)
* Use --jobs auto in docs nox sessions On my 8 core system, a clean cold build takes 5-6 seconds instead of 10-11 seconds. Nothing major, but it's a welcomed QoL improvement. FYI, this flag doesn't work and will be ignored on Windows. * Stop installing pip twice in docs nox sessions At some point, session.install("pip") in the docs and docs-live nox sessions was changed to install pip in editable mode, presumably to enable reruns w/o dependency installation (-R flag) to pick up changes for our pip sphinx extension. This doesn't do anything though as pip is reinstalled normally as it's declared in docs/requirements.txt. I think it's a fair compromise that if you want to pick up changes in pip's source that show up in the documentation, you should not be using the -R nox flag.
Configuration menu - View commit details
-
Copy full SHA for 7c218b9 - Browse repository at this point
Copy the full SHA 7c218b9View commit details
Commits on Dec 24, 2024
-
test: Skip build/install steps with nox's --no-install flag
This saves time when you want to rerun the test suite with different pytest arguments but you haven't made any code changes in-between.
Configuration menu - View commit details
-
Copy full SHA for c340d7e - Browse repository at this point
Copy the full SHA c340d7eView commit details
Commits on Dec 25, 2024
-
CI: micro-optimize test collection & pass nox's --no-install
Pytest can be pretty slow to collect pip's entire test suite and prepare for test execution. I've observed a ~15s delay from invoking pytest to the first test running in CI in the worst case. This can be improved by reducing how many files pytest has to process while collecting tests. In short, passing tests/unit is faster than -m unit. In addition, use nox's --no-install flag to skip redundant build and install steps on the 2nd nox session invocation (for the integration tests), which was made possible by the previous commit.
Configuration menu - View commit details
-
Copy full SHA for 5ce1145 - Browse repository at this point
Copy the full SHA 5ce1145View commit details
Commits on Dec 26, 2024
-
Merge pull request #13126 from ichard26/microoptimize-ci
Faster test session reruns & microoptimize CI
Configuration menu - View commit details
-
Copy full SHA for c10dda5 - Browse repository at this point
Copy the full SHA c10dda5View commit details
Commits on Dec 28, 2024
-
Remove section about non-existing
--force-keyring
flag (#12455)I must have messed up while merging/rebasing at some point...
Configuration menu - View commit details
-
Copy full SHA for dd6c4ad - Browse repository at this point
Copy the full SHA dd6c4adView commit details
Commits on Dec 29, 2024
-
ci: use much faster D: drive for TEMP on Windows (#13129)
This is apparently an inherent limitation of Azure (which powers GHA) which uses a slow C: drive for the OS (read-optimized) and a fast D: drive for working space. A Dev Drive/ReFS volume was considered, but after a fair bit of testing, it offered a smaller improvement in Windows CI times than simply moving TEMP to the D: drive.
Configuration menu - View commit details
-
Copy full SHA for f8f0f5a - Browse repository at this point
Copy the full SHA f8f0f5aView commit details
Commits on Dec 31, 2024
-
Trim pyproject.toml and MANIFEST.in (#13137)
This mostly removes legacy references to files that do not exist anymore. In addition, the smarter exclude_also coverage option is used instead of exclude_lines.
Configuration menu - View commit details
-
Copy full SHA for bc553db - Browse repository at this point
Copy the full SHA bc553dbView commit details
Commits on Jan 5, 2025
-
perf: Avoid unnecessary URL processing while parsing links (#13132)
There are three optimizations in this commit, in descending order of impact: - If the file URL in the "project detail" response is already absolute, then avoid calling urljoin() as it's expensive (mostly because it calls urlparse() on both of its URL arguments) and does nothing. While it'd be more correct to check whether the file URL has a scheme, we'd need to parse the URL which is what we're trying to avoid in the first place. Anyway, by simply checking if the URL starts with http[s]://, we can avoid slow urljoin() calls for PyPI responses. - Replacing urllib.parse.urlparse() with urllib.parse.urlsplit() in _ensure_quoted_url(). The URL parsing functions are equivalent for our needs[^1]. However, urlsplit() is faster, and we achieve better cache utilization of its internal cache if we call it directly[^2]. - Calculating the Link.path property in advance as it's very hot. [^1]: we don't care about URL parameters AFAIK (which are different than the query component!) [^2]: urlparse() calls urlsplit() internally, but it passes the authority parameter (unlike any of our calls) so it bypasses the cache. Co-authored-by: Stéphane Bidoul <stephane.bidoul@acsone.eu>
Configuration menu - View commit details
-
Copy full SHA for ffbf6f0 - Browse repository at this point
Copy the full SHA ffbf6f0View commit details
Commits on Jan 10, 2025
-
Configuration menu - View commit details
-
Copy full SHA for eafc29e - Browse repository at this point
Copy the full SHA eafc29eView commit details -
Configuration menu - View commit details
-
Copy full SHA for c93a9c0 - Browse repository at this point
Copy the full SHA c93a9c0View commit details -
Merge pull request #13152 from notatallshaw/ubuntu-22.04
Switch to ubuntu-22.04 for github workflow
Configuration menu - View commit details
-
Copy full SHA for 285ff72 - Browse repository at this point
Copy the full SHA 285ff72View commit details
Commits on Jan 11, 2025
-
ci: run zipapp tests on M1 macOS (#13130)
The macos-latest runner is significantly faster than even the ubuntu-latest runners (11 minutes vs 17 minutes). Once the Windows jobs are made faster in a separate commit, we should have ~15 minute CI. ✨
Configuration menu - View commit details
-
Copy full SHA for cb56edb - Browse repository at this point
Copy the full SHA cb56edbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 23e9222 - Browse repository at this point
Copy the full SHA 23e9222View commit details -
pre-commit autoupdate: ruff (#13144)
updates: - [github.com/astral-sh/ruff-pre-commit: v0.8.2 → v0.8.6](astral-sh/ruff-pre-commit@v0.8.2...v0.8.6) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 39be130 - Browse repository at this point
Copy the full SHA 39be130View commit details
Commits on Jan 12, 2025
-
Pass --proxy to build subprocesses (#13124)
Similar to --cert and --client-cert, the --proxy flag was not passed down to the isolated build environment. This was simply an oversight. I opted to store the original proxy string in a new attribute on the session as digging into the .proxies dictionary felt janky, and so did passing the proxy string to the finder as an argument. Co-authored-by: lcmartin <luis.martinez@collins.com>
Configuration menu - View commit details
-
Copy full SHA for d1c0dad - Browse repository at this point
Copy the full SHA d1c0dadView commit details -
Support PEP 639 License-Expression and License-File in JSON output (#…
…13134) Adds PEP 639 support to `pip inspect` and `pip install --report`.
Configuration menu - View commit details
-
Copy full SHA for 394e032 - Browse repository at this point
Copy the full SHA 394e032View commit details -
Add non-functional WheelDistribution.locate_file() method (#11685)
importlib.metadata.Distribution was always meant to be a proper ABC with API enforcement, but this enforcement was never added (probably due to Python 2.7 compatibility concerns). Upstream would like to fix this wart, so let's define a locate_file() method that simply raises NotImplementedError as permitted. Co-authored-by: Stéphane Bidoul <stephane.bidoul@gmail.com> Co-authored-by: Richard Si <sichard26@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for d2bb8eb - Browse repository at this point
Copy the full SHA d2bb8ebView commit details -
Configuration menu - View commit details
-
Copy full SHA for dafc095 - Browse repository at this point
Copy the full SHA dafc095View commit details -
Configuration menu - View commit details
-
Copy full SHA for d18fca1 - Browse repository at this point
Copy the full SHA d18fca1View commit details
There are no files selected for viewing
This file was deleted.
This file was deleted.
This file was deleted.
Large diffs are not rendered by default.
Large diffs are not rendered by default.
Large diffs are not rendered by default.
Large diffs are not rendered by default.