-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate --install-options #11358
Comments
Bumps [pip](https://github.com/pypa/pip) from 22.2.2 to 22.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>22.3 (2022-10-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate <code>--install-options</code> which forces pip to use the deprecated <code>install</code> command of <code>setuptools</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li>Deprecate installation with 'setup.py install' when no-binary is enabled for source distributions without 'pyproject.toml'. (<code>[#11452](pypa/pip#11452) <https://github.com/pypa/pip/issues/11452></code>_)</li> <li>Deprecate ```--no-binary`` disabling the wheel cache. (<code>[#11454](pypa/pip#11454) <https://github.com/pypa/pip/issues/11454></code>_)</li> <li>Remove <code>--use-feature=2020-resolver</code> opt-in flag. This was supposed to be removed in 21.0, but missed during that release cycle. (<code>[#11493](pypa/pip#11493) <https://github.com/pypa/pip/issues/11493></code>_)</li> <li>Deprecate installation with 'setup.py install' when the 'wheel' package is absent for source distributions without 'pyproject.toml'. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> <li>Remove the ability to use <code>pip list --outdated</code> in combination with <code>--format=freeze</code>. (<code>[#9789](pypa/pip#9789) <https://github.com/pypa/pip/issues/9789></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Use <code>shell=True</code> for opening the editor with <code>pip config edit</code>. (<code>[#10716](pypa/pip#10716) <https://github.com/pypa/pip/issues/10716></code>_)</li> <li>Use the <code>data-dist-info-metadata</code> attribute from :pep:<code>658</code> to resolve distribution metadata without downloading the dist yet. (<code>[#11111](pypa/pip#11111) <https://github.com/pypa/pip/issues/11111></code>_)</li> <li>Add an option to run the test suite with pip built as a zipapp. (<code>[#11250](pypa/pip#11250) <https://github.com/pypa/pip/issues/11250></code>_)</li> <li>Add a <code>--python</code> option to allow pip to manage Python environments other than the one pip is installed in. (<code>[#11320](pypa/pip#11320) <https://github.com/pypa/pip/issues/11320></code>_)</li> <li>Document the new (experimental) zipapp distribution of pip. (<code>[#11459](pypa/pip#11459) <https://github.com/pypa/pip/issues/11459></code>_)</li> <li>Use the much faster 'bzr co --lightweight' to obtain a copy of a Bazaar tree. (<code>[#5444](pypa/pip#5444) <https://github.com/pypa/pip/issues/5444></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix <code>--no-index</code> when <code>--index-url</code> or <code>--extra-index-url</code> is specified inside a requirements file. (<code>[#11276](pypa/pip#11276) <https://github.com/pypa/pip/issues/11276></code>_)</li> <li>Ensure that the candidate <code>pip</code> executable exists, when checking for a new version of pip. (<code>[#11309](pypa/pip#11309) <https://github.com/pypa/pip/issues/11309></code>_)</li> <li>Ignore distributions with invalid <code>Name</code> in metadata instead of crashing, when using the <code>importlib.metadata</code> backend. (<code>[#11352](pypa/pip#11352) <https://github.com/pypa/pip/issues/11352></code>_)</li> <li>Raise RequirementsFileParseError when parsing malformed requirements options that can't be sucessfully parsed by shlex. (<code>[#11491](pypa/pip#11491) <https://github.com/pypa/pip/issues/11491></code>_)</li> <li>Fix build environment isolation on some system Pythons. (<code>[#6264](pypa/pip#6264) <https://github.com/pypa/pip/issues/6264></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2022.9.24</li> <li>Upgrade distlib to 0.3.6</li> <li>Upgrade idna to 3.4</li> <li>Upgrade pep517 to 0.13.0</li> <li>Upgrade pygments to 2.13.0</li> <li>Upgrade tenacity to 8.1.0</li> <li>Upgrade typing_extensions to 4.4.0</li> <li>Upgrade urllib3 to 1.26.12</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/0a76da3a94130fad58b086e331c3d3e1b02a89eb"><code>0a76da3</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/25638287f8b8bd571a10c4f5ae1b7f4eae454dcc"><code>2563828</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/e86f27fe4ee3fe45fc0fcd2372f71d39d1d013c1"><code>e86f27f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11493">#11493</a> from pradyunsg/remove-2020-resolver-opt-in</li> <li><a href="https://github.com/pypa/pip/commit/1fcc3ce4b531ac6bc80c1d102d4ef9610074e195"><code>1fcc3ce</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11514">#11514</a> from pradyunsg/certifi-update</li> <li><a href="https://github.com/pypa/pip/commit/65c23fa99d19af8ebd375e7129213794dce4b4b2"><code>65c23fa</code></a> Unnormalise the certifi version</li> <li><a href="https://github.com/pypa/pip/commit/739158cc80f138dbed9e426f3408811acef2d993"><code>739158c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11516">#11516</a> from pradyunsg/check-manifest</li> <li><a href="https://github.com/pypa/pip/commit/4e48bbc31cf34b1b4ccd100a787d1204ddb8866b"><code>4e48bbc</code></a> Move check-manifest to a CI check</li> <li><a href="https://github.com/pypa/pip/commit/1b7e5ef34f926f33fa7932239229220dd65eb7a6"><code>1b7e5ef</code></a> Upgrade certifi to 2022.9.24</li> <li><a href="https://github.com/pypa/pip/commit/2a0552ac61ee26df04e08e21943a1e36aa880db1"><code>2a0552a</code></a> Replace complex certifi patch with a more targetted requests patch</li> <li><a href="https://github.com/pypa/pip/commit/eb906997da97bbbd1f74127297d7ce9a54a6a2a0"><code>eb90699</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11502">#11502</a> from pradyunsg/vendoring-updates</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/22.2.2...22.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=22.2.2&new-version=22.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 22.2.2 to 22.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>22.3 (2022-10-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate <code>--install-options</code> which forces pip to use the deprecated <code>install</code> command of <code>setuptools</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li>Deprecate installation with 'setup.py install' when no-binary is enabled for source distributions without 'pyproject.toml'. (<code>[#11452](pypa/pip#11452) <https://github.com/pypa/pip/issues/11452></code>_)</li> <li>Deprecate ```--no-binary`` disabling the wheel cache. (<code>[#11454](pypa/pip#11454) <https://github.com/pypa/pip/issues/11454></code>_)</li> <li>Remove <code>--use-feature=2020-resolver</code> opt-in flag. This was supposed to be removed in 21.0, but missed during that release cycle. (<code>[#11493](pypa/pip#11493) <https://github.com/pypa/pip/issues/11493></code>_)</li> <li>Deprecate installation with 'setup.py install' when the 'wheel' package is absent for source distributions without 'pyproject.toml'. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> <li>Remove the ability to use <code>pip list --outdated</code> in combination with <code>--format=freeze</code>. (<code>[#9789](pypa/pip#9789) <https://github.com/pypa/pip/issues/9789></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Use <code>shell=True</code> for opening the editor with <code>pip config edit</code>. (<code>[#10716](pypa/pip#10716) <https://github.com/pypa/pip/issues/10716></code>_)</li> <li>Use the <code>data-dist-info-metadata</code> attribute from :pep:<code>658</code> to resolve distribution metadata without downloading the dist yet. (<code>[#11111](pypa/pip#11111) <https://github.com/pypa/pip/issues/11111></code>_)</li> <li>Add an option to run the test suite with pip built as a zipapp. (<code>[#11250](pypa/pip#11250) <https://github.com/pypa/pip/issues/11250></code>_)</li> <li>Add a <code>--python</code> option to allow pip to manage Python environments other than the one pip is installed in. (<code>[#11320](pypa/pip#11320) <https://github.com/pypa/pip/issues/11320></code>_)</li> <li>Document the new (experimental) zipapp distribution of pip. (<code>[#11459](pypa/pip#11459) <https://github.com/pypa/pip/issues/11459></code>_)</li> <li>Use the much faster 'bzr co --lightweight' to obtain a copy of a Bazaar tree. (<code>[#5444](pypa/pip#5444) <https://github.com/pypa/pip/issues/5444></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix <code>--no-index</code> when <code>--index-url</code> or <code>--extra-index-url</code> is specified inside a requirements file. (<code>[#11276](pypa/pip#11276) <https://github.com/pypa/pip/issues/11276></code>_)</li> <li>Ensure that the candidate <code>pip</code> executable exists, when checking for a new version of pip. (<code>[#11309](pypa/pip#11309) <https://github.com/pypa/pip/issues/11309></code>_)</li> <li>Ignore distributions with invalid <code>Name</code> in metadata instead of crashing, when using the <code>importlib.metadata</code> backend. (<code>[#11352](pypa/pip#11352) <https://github.com/pypa/pip/issues/11352></code>_)</li> <li>Raise RequirementsFileParseError when parsing malformed requirements options that can't be sucessfully parsed by shlex. (<code>[#11491](pypa/pip#11491) <https://github.com/pypa/pip/issues/11491></code>_)</li> <li>Fix build environment isolation on some system Pythons. (<code>[#6264](pypa/pip#6264) <https://github.com/pypa/pip/issues/6264></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2022.9.24</li> <li>Upgrade distlib to 0.3.6</li> <li>Upgrade idna to 3.4</li> <li>Upgrade pep517 to 0.13.0</li> <li>Upgrade pygments to 2.13.0</li> <li>Upgrade tenacity to 8.1.0</li> <li>Upgrade typing_extensions to 4.4.0</li> <li>Upgrade urllib3 to 1.26.12</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/0a76da3a94130fad58b086e331c3d3e1b02a89eb"><code>0a76da3</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/25638287f8b8bd571a10c4f5ae1b7f4eae454dcc"><code>2563828</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/e86f27fe4ee3fe45fc0fcd2372f71d39d1d013c1"><code>e86f27f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11493">#11493</a> from pradyunsg/remove-2020-resolver-opt-in</li> <li><a href="https://github.com/pypa/pip/commit/1fcc3ce4b531ac6bc80c1d102d4ef9610074e195"><code>1fcc3ce</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11514">#11514</a> from pradyunsg/certifi-update</li> <li><a href="https://github.com/pypa/pip/commit/65c23fa99d19af8ebd375e7129213794dce4b4b2"><code>65c23fa</code></a> Unnormalise the certifi version</li> <li><a href="https://github.com/pypa/pip/commit/739158cc80f138dbed9e426f3408811acef2d993"><code>739158c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11516">#11516</a> from pradyunsg/check-manifest</li> <li><a href="https://github.com/pypa/pip/commit/4e48bbc31cf34b1b4ccd100a787d1204ddb8866b"><code>4e48bbc</code></a> Move check-manifest to a CI check</li> <li><a href="https://github.com/pypa/pip/commit/1b7e5ef34f926f33fa7932239229220dd65eb7a6"><code>1b7e5ef</code></a> Upgrade certifi to 2022.9.24</li> <li><a href="https://github.com/pypa/pip/commit/2a0552ac61ee26df04e08e21943a1e36aa880db1"><code>2a0552a</code></a> Replace complex certifi patch with a more targetted requests patch</li> <li><a href="https://github.com/pypa/pip/commit/eb906997da97bbbd1f74127297d7ce9a54a6a2a0"><code>eb90699</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11502">#11502</a> from pradyunsg/vendoring-updates</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/22.2.2...22.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=22.2.2&new-version=22.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
…s/@jsii/python-runtime (#3803) Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>22.3 (2022-10-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate <code>--install-options</code> which forces pip to use the deprecated <code>install</code> command of <code>setuptools</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li>Deprecate installation with 'setup.py install' when no-binary is enabled for source distributions without 'pyproject.toml'. (<code>[#11452](pypa/pip#11452) <https://github.com/pypa/pip/issues/11452></code>_)</li> <li>Deprecate ```--no-binary`` disabling the wheel cache. (<code>[#11454](pypa/pip#11454) <https://github.com/pypa/pip/issues/11454></code>_)</li> <li>Remove <code>--use-feature=2020-resolver</code> opt-in flag. This was supposed to be removed in 21.0, but missed during that release cycle. (<code>[#11493](pypa/pip#11493) <https://github.com/pypa/pip/issues/11493></code>_)</li> <li>Deprecate installation with 'setup.py install' when the 'wheel' package is absent for source distributions without 'pyproject.toml'. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> <li>Remove the ability to use <code>pip list --outdated</code> in combination with <code>--format=freeze</code>. (<code>[#9789](pypa/pip#9789) <https://github.com/pypa/pip/issues/9789></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Use <code>shell=True</code> for opening the editor with <code>pip config edit</code>. (<code>[#10716](pypa/pip#10716) <https://github.com/pypa/pip/issues/10716></code>_)</li> <li>Use the <code>data-dist-info-metadata</code> attribute from :pep:<code>658</code> to resolve distribution metadata without downloading the dist yet. (<code>[#11111](pypa/pip#11111) <https://github.com/pypa/pip/issues/11111></code>_)</li> <li>Add an option to run the test suite with pip built as a zipapp. (<code>[#11250](pypa/pip#11250) <https://github.com/pypa/pip/issues/11250></code>_)</li> <li>Add a <code>--python</code> option to allow pip to manage Python environments other than the one pip is installed in. (<code>[#11320](pypa/pip#11320) <https://github.com/pypa/pip/issues/11320></code>_)</li> <li>Document the new (experimental) zipapp distribution of pip. (<code>[#11459](pypa/pip#11459) <https://github.com/pypa/pip/issues/11459></code>_)</li> <li>Use the much faster 'bzr co --lightweight' to obtain a copy of a Bazaar tree. (<code>[#5444](pypa/pip#5444) <https://github.com/pypa/pip/issues/5444></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix <code>--no-index</code> when <code>--index-url</code> or <code>--extra-index-url</code> is specified inside a requirements file. (<code>[#11276](pypa/pip#11276) <https://github.com/pypa/pip/issues/11276></code>_)</li> <li>Ensure that the candidate <code>pip</code> executable exists, when checking for a new version of pip. (<code>[#11309](pypa/pip#11309) <https://github.com/pypa/pip/issues/11309></code>_)</li> <li>Ignore distributions with invalid <code>Name</code> in metadata instead of crashing, when using the <code>importlib.metadata</code> backend. (<code>[#11352](pypa/pip#11352) <https://github.com/pypa/pip/issues/11352></code>_)</li> <li>Raise RequirementsFileParseError when parsing malformed requirements options that can't be sucessfully parsed by shlex. (<code>[#11491](pypa/pip#11491) <https://github.com/pypa/pip/issues/11491></code>_)</li> <li>Fix build environment isolation on some system Pythons. (<code>[#6264](pypa/pip#6264) <https://github.com/pypa/pip/issues/6264></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2022.9.24</li> <li>Upgrade distlib to 0.3.6</li> <li>Upgrade idna to 3.4</li> <li>Upgrade pep517 to 0.13.0</li> <li>Upgrade pygments to 2.13.0</li> <li>Upgrade tenacity to 8.1.0</li> <li>Upgrade typing_extensions to 4.4.0</li> <li>Upgrade urllib3 to 1.26.12</li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/0a76da3a94130fad58b086e331c3d3e1b02a89eb"><code>0a76da3</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/25638287f8b8bd571a10c4f5ae1b7f4eae454dcc"><code>2563828</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/e86f27fe4ee3fe45fc0fcd2372f71d39d1d013c1"><code>e86f27f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11493">#11493</a> from pradyunsg/remove-2020-resolver-opt-in</li> <li><a href="https://github.com/pypa/pip/commit/1fcc3ce4b531ac6bc80c1d102d4ef9610074e195"><code>1fcc3ce</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11514">#11514</a> from pradyunsg/certifi-update</li> <li><a href="https://github.com/pypa/pip/commit/65c23fa99d19af8ebd375e7129213794dce4b4b2"><code>65c23fa</code></a> Unnormalise the certifi version</li> <li><a href="https://github.com/pypa/pip/commit/739158cc80f138dbed9e426f3408811acef2d993"><code>739158c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11516">#11516</a> from pradyunsg/check-manifest</li> <li><a href="https://github.com/pypa/pip/commit/4e48bbc31cf34b1b4ccd100a787d1204ddb8866b"><code>4e48bbc</code></a> Move check-manifest to a CI check</li> <li><a href="https://github.com/pypa/pip/commit/1b7e5ef34f926f33fa7932239229220dd65eb7a6"><code>1b7e5ef</code></a> Upgrade certifi to 2022.9.24</li> <li><a href="https://github.com/pypa/pip/commit/2a0552ac61ee26df04e08e21943a1e36aa880db1"><code>2a0552a</code></a> Replace complex certifi patch with a more targetted requests patch</li> <li><a href="https://github.com/pypa/pip/commit/eb906997da97bbbd1f74127297d7ce9a54a6a2a0"><code>eb90699</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11502">#11502</a> from pradyunsg/vendoring-updates</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/22.2...22.3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 21.0 to 22.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>22.3.1 (2022-11-05)</h1> <h2>Bug Fixes</h2> <ul> <li>Fix entry point generation of <code>pip.X</code>, <code>pipX.Y</code>, and <code>easy_install-X.Y</code> to correctly account for multi-digit Python version segments (e.g. the "11" part of 3.11). (<code>[#11547](pypa/pip#11547) <https://github.com/pypa/pip/issues/11547></code>_)</li> </ul> <h1>22.3 (2022-10-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate <code>--install-options</code> which forces pip to use the deprecated <code>install</code> command of <code>setuptools</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li>Deprecate installation with 'setup.py install' when no-binary is enabled for source distributions without 'pyproject.toml'. (<code>[#11452](pypa/pip#11452) <https://github.com/pypa/pip/issues/11452></code>_)</li> <li>Deprecate ```--no-binary`` disabling the wheel cache. (<code>[#11454](pypa/pip#11454) <https://github.com/pypa/pip/issues/11454></code>_)</li> <li>Remove <code>--use-feature=2020-resolver</code> opt-in flag. This was supposed to be removed in 21.0, but missed during that release cycle. (<code>[#11493](pypa/pip#11493) <https://github.com/pypa/pip/issues/11493></code>_)</li> <li>Deprecate installation with 'setup.py install' when the 'wheel' package is absent for source distributions without 'pyproject.toml'. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> <li>Remove the ability to use <code>pip list --outdated</code> in combination with <code>--format=freeze</code>. (<code>[#9789](pypa/pip#9789) <https://github.com/pypa/pip/issues/9789></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Use <code>shell=True</code> for opening the editor with <code>pip config edit</code>. (<code>[#10716](pypa/pip#10716) <https://github.com/pypa/pip/issues/10716></code>_)</li> <li>Use the <code>data-dist-info-metadata</code> attribute from :pep:<code>658</code> to resolve distribution metadata without downloading the dist yet. (<code>[#11111](pypa/pip#11111) <https://github.com/pypa/pip/issues/11111></code>_)</li> <li>Add an option to run the test suite with pip built as a zipapp. (<code>[#11250](pypa/pip#11250) <https://github.com/pypa/pip/issues/11250></code>_)</li> <li>Add a <code>--python</code> option to allow pip to manage Python environments other than the one pip is installed in. (<code>[#11320](pypa/pip#11320) <https://github.com/pypa/pip/issues/11320></code>_)</li> <li>Document the new (experimental) zipapp distribution of pip. (<code>[#11459](pypa/pip#11459) <https://github.com/pypa/pip/issues/11459></code>_)</li> <li>Use the much faster 'bzr co --lightweight' to obtain a copy of a Bazaar tree. (<code>[#5444](pypa/pip#5444) <https://github.com/pypa/pip/issues/5444></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix <code>--no-index</code> when <code>--index-url</code> or <code>--extra-index-url</code> is specified inside a requirements file. (<code>[#11276](pypa/pip#11276) <https://github.com/pypa/pip/issues/11276></code>_)</li> <li>Ensure that the candidate <code>pip</code> executable exists, when checking for a new version of pip. (<code>[#11309](pypa/pip#11309) <https://github.com/pypa/pip/issues/11309></code>_)</li> <li>Ignore distributions with invalid <code>Name</code> in metadata instead of crashing, when using the <code>importlib.metadata</code> backend. (<code>[#11352](pypa/pip#11352) <https://github.com/pypa/pip/issues/11352></code>_)</li> <li>Raise RequirementsFileParseError when parsing malformed requirements options that can't be sucessfully parsed by shlex. (<code>[#11491](pypa/pip#11491) <https://github.com/pypa/pip/issues/11491></code>_)</li> <li>Fix build environment isolation on some system Pythons. (<code>[#6264](pypa/pip#6264) <https://github.com/pypa/pip/issues/6264></code>_)</li> </ul> <p>Vendored Libraries</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/1463081f10de6bfad81afe0d68272e7c3bedbadf"><code>1463081</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/22fd64ac0b68782acb308e2484b553a2ecadff78"><code>22fd64a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11547">#11547</a> from uranusjr/entry-point-python-version-replacemen...</li> <li><a href="https://github.com/pypa/pip/commit/0a76da3a94130fad58b086e331c3d3e1b02a89eb"><code>0a76da3</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/25638287f8b8bd571a10c4f5ae1b7f4eae454dcc"><code>2563828</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/e86f27fe4ee3fe45fc0fcd2372f71d39d1d013c1"><code>e86f27f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11493">#11493</a> from pradyunsg/remove-2020-resolver-opt-in</li> <li><a href="https://github.com/pypa/pip/commit/1fcc3ce4b531ac6bc80c1d102d4ef9610074e195"><code>1fcc3ce</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11514">#11514</a> from pradyunsg/certifi-update</li> <li><a href="https://github.com/pypa/pip/commit/65c23fa99d19af8ebd375e7129213794dce4b4b2"><code>65c23fa</code></a> Unnormalise the certifi version</li> <li><a href="https://github.com/pypa/pip/commit/739158cc80f138dbed9e426f3408811acef2d993"><code>739158c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11516">#11516</a> from pradyunsg/check-manifest</li> <li><a href="https://github.com/pypa/pip/commit/4e48bbc31cf34b1b4ccd100a787d1204ddb8866b"><code>4e48bbc</code></a> Move check-manifest to a CI check</li> <li><a href="https://github.com/pypa/pip/commit/1b7e5ef34f926f33fa7932239229220dd65eb7a6"><code>1b7e5ef</code></a> Upgrade certifi to 2022.9.24</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/21.0...22.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=21.0&new-version=22.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Some discussion here. Title: Passing command line arguments to pip install after --install-options deprecation |
@AlexanderSerov It might be more accurate to expand the sentence to be |
@sbidoul What still give me a little clues as dev how just migrating packaging process from setuptools to pip. I use --install-options previosly and it's no more work in pip, so warning should be extended with more information from this message at least. I am not python dev though, so can give you a little help how it should be formulated exactly. |
For those wondering how to use I use this for explicit optional cythonization, more details here. I'm not sure this is the correct way to use this option (this form of build_option won't be deprecated?), it would be great to get some clarification on the matter. /EDIT: if Also, if your goal is to pass a build option, then you may need to also pass /EDIT2: if you use |
Actually, this would be a question for the setuptools project. The config settings mechanism of passing key/value options to the build backend is standardized, but the actual keys and values are build backend dependent. |
@sbidoul Thank you very much, this actually answers half of my question, because since the key/value options handling is managed by the backend (pip only handling the communication/creation of this key/value store from commandline arguments), then it means this option will at least not get deprecated with pip 23.3 :-) I will see with setuptools what their plans are about it, thank you! |
Bumps [pip](https://github.com/pypa/pip) from 23.0.1 to 23.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.1 (2023-04-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for the deprecated <code>--install-options</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li><code>--no-binary</code> does not imply <code>setup.py install</code> anymore. Instead a wheel will be built locally and installed. (<code>[#11451](pypa/pip#11451) <https://github.com/pypa/pip/issues/11451></code>_)</li> <li><code>--no-binary</code> does not disable the cache of locally built wheels anymore. It only means "don't download wheels". (<code>[#11453](pypa/pip#11453) <https://github.com/pypa/pip/issues/11453></code>_)</li> <li>Deprecate <code>--build-option</code> and <code>--global-option</code>. Users are invited to switch to <code>--config-settings</code>. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</li> <li>Using <code>--config-settings</code> with projects that don't have a <code>pyproject.toml</code> now print a deprecation warning. In the future the presence of config settings will automatically enable the default build backend for legacy projects and pass the setttings to it. (<code>[#11915](pypa/pip#11915) <https://github.com/pypa/pip/issues/11915></code>_)</li> <li>Remove <code>setup.py install</code> fallback when building a wheel failed for projects without <code>pyproject.toml</code>. (<code>[#8368](pypa/pip#8368) <https://github.com/pypa/pip/issues/8368></code>_)</li> <li>When the <code>wheel</code> package is not installed, pip now uses the default build backend instead of <code>setup.py install</code> for project without <code>pyproject.toml</code>. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Specify egg-link location in assertion message when it does not match installed location to provide better error message for debugging. (<code>[#10476](pypa/pip#10476) <https://github.com/pypa/pip/issues/10476></code>_)</li> <li>Present conflict information during installation after each choice that is rejected (pass <code>-vv</code> to <code>pip install</code> to show it) (<code>[#10937](pypa/pip#10937) <https://github.com/pypa/pip/issues/10937></code>_)</li> <li>Display dependency chain on each Collecting/Processing log line. (<code>[#11169](pypa/pip#11169) <https://github.com/pypa/pip/issues/11169></code>_)</li> <li>Support a per-requirement <code>--config-settings</code> option in requirements files. (<code>[#11325](pypa/pip#11325) <https://github.com/pypa/pip/issues/11325></code>_)</li> <li>The <code>--config-settings</code>/<code>-C</code> option now supports using the same key multiple times. When the same key is specified multiple times, all values are passed to the build backend as a list, as opposed to the previous behavior, where pip would only pass the last value if the same key was used multiple times. (<code>[#11681](pypa/pip#11681) <https://github.com/pypa/pip/issues/11681></code>_)</li> <li>Add <code>-C</code> as a short version of the <code>--config-settings</code> option. (<code>[#11786](pypa/pip#11786) <https://github.com/pypa/pip/issues/11786></code>_)</li> <li>Reduce the number of resolver rounds, since backjumping makes the resolver more efficient in finding solutions. This also makes pathological cases fail quicker. (<code>[#11908](pypa/pip#11908) <https://github.com/pypa/pip/issues/11908></code>_)</li> <li>Warn if <code>--hash</code> is used on a line without requirement in a requirements file. (<code>[#11935](pypa/pip#11935) <https://github.com/pypa/pip/issues/11935></code>_)</li> <li>Stop propagating CLI <code>--config-settings</code> to the build dependencies. They already did not propagate to requirements provided in requirement files. To pass the same config settings to several requirements, users should provide the requirements as CLI arguments. (<code>[#11941](pypa/pip#11941) <https://github.com/pypa/pip/issues/11941></code>_)</li> <li>Support wheel cache when using <code>--require-hashes</code>. (<code>[#5037](pypa/pip#5037) <https://github.com/pypa/pip/issues/5037></code>_)</li> <li>Add <code>--keyring-provider</code> flag. See the Authentication page in the documentation for more info. (<code>[#8719](pypa/pip#8719) <https://github.com/pypa/pip/issues/8719></code>_)</li> <li>In the case of virtual environments, configuration files are now also included from the base installation. (<code>[#9752](pypa/pip#9752) <https://github.com/pypa/pip/issues/9752></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix grammar by changing "A new release of pip available:" to "A new release of pip is available:" in the notice used for indicating that. (<code>[#11529](pypa/pip#11529) <https://github.com/pypa/pip/issues/11529></code>_)</li> <li>Normalize paths before checking if installed scripts are on PATH. (<code>[#11719](pypa/pip#11719) <https://github.com/pypa/pip/issues/11719></code>_)</li> <li>Correct the way to decide if keyring is available. (<code>[#11774](pypa/pip#11774) <https://github.com/pypa/pip/issues/11774></code>_)</li> <li>More consistent resolution backtracking by removing legacy hack related to setuptools resolution (<code>[#11837](pypa/pip#11837) <https://github.com/pypa/pip/issues/11837></code>_)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/6424ac4600265490462015c2fc7f9a402dba9ed8"><code>6424ac4</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/868338f9f79b58eff34dafb168aed65480d080d5"><code>868338f</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/4f3a4f72697299da1a412cf10c919a989e0692f5"><code>4f3a4f7</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11919">#11919</a> from sbidoul/deprecate-legacy-ignore-config-setting...</li> <li><a href="https://github.com/pypa/pip/commit/dbf4e6842c9603792f6d3944a5c9cec17bd0a92a"><code>dbf4e68</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11897">#11897</a> from sbidoul/cache-hash-checking-sbi</li> <li><a href="https://github.com/pypa/pip/commit/efe2d27451d50b165df78093bf5885da713fbdf8"><code>efe2d27</code></a> Further refactor is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/4beca6b4c9c510b19dbb6180e962425b89e8c839"><code>4beca6b</code></a> Improve test</li> <li><a href="https://github.com/pypa/pip/commit/bd746e3136e5e1be2374a079bac66071dd967a8c"><code>bd746e3</code></a> Introduce ireq.cached_wheel_source_link</li> <li><a href="https://github.com/pypa/pip/commit/caafe6e87d4f2998a77b194297e1c204cf6e10c2"><code>caafe6e</code></a> Add a couple of asserts</li> <li><a href="https://github.com/pypa/pip/commit/a6ef6485be9512f18121298b058797c578f65d45"><code>a6ef648</code></a> Rename original_link_is_in_wheel_cache to is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/ff8c8e38887880ad81ffd7cfc6a8373213c087b7"><code>ff8c8e3</code></a> Cosmetics</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/23.0.1...23.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0.1&new-version=23.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pip](https://github.com/pypa/pip) from 23.0.1 to 23.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.1 (2023-04-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for the deprecated <code>--install-options</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li><code>--no-binary</code> does not imply <code>setup.py install</code> anymore. Instead a wheel will be built locally and installed. (<code>[#11451](pypa/pip#11451) <https://github.com/pypa/pip/issues/11451></code>_)</li> <li><code>--no-binary</code> does not disable the cache of locally built wheels anymore. It only means "don't download wheels". (<code>[#11453](pypa/pip#11453) <https://github.com/pypa/pip/issues/11453></code>_)</li> <li>Deprecate <code>--build-option</code> and <code>--global-option</code>. Users are invited to switch to <code>--config-settings</code>. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</li> <li>Using <code>--config-settings</code> with projects that don't have a <code>pyproject.toml</code> now print a deprecation warning. In the future the presence of config settings will automatically enable the default build backend for legacy projects and pass the setttings to it. (<code>[#11915](pypa/pip#11915) <https://github.com/pypa/pip/issues/11915></code>_)</li> <li>Remove <code>setup.py install</code> fallback when building a wheel failed for projects without <code>pyproject.toml</code>. (<code>[#8368](pypa/pip#8368) <https://github.com/pypa/pip/issues/8368></code>_)</li> <li>When the <code>wheel</code> package is not installed, pip now uses the default build backend instead of <code>setup.py install</code> for project without <code>pyproject.toml</code>. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Specify egg-link location in assertion message when it does not match installed location to provide better error message for debugging. (<code>[#10476](pypa/pip#10476) <https://github.com/pypa/pip/issues/10476></code>_)</li> <li>Present conflict information during installation after each choice that is rejected (pass <code>-vv</code> to <code>pip install</code> to show it) (<code>[#10937](pypa/pip#10937) <https://github.com/pypa/pip/issues/10937></code>_)</li> <li>Display dependency chain on each Collecting/Processing log line. (<code>[#11169](pypa/pip#11169) <https://github.com/pypa/pip/issues/11169></code>_)</li> <li>Support a per-requirement <code>--config-settings</code> option in requirements files. (<code>[#11325](pypa/pip#11325) <https://github.com/pypa/pip/issues/11325></code>_)</li> <li>The <code>--config-settings</code>/<code>-C</code> option now supports using the same key multiple times. When the same key is specified multiple times, all values are passed to the build backend as a list, as opposed to the previous behavior, where pip would only pass the last value if the same key was used multiple times. (<code>[#11681](pypa/pip#11681) <https://github.com/pypa/pip/issues/11681></code>_)</li> <li>Add <code>-C</code> as a short version of the <code>--config-settings</code> option. (<code>[#11786](pypa/pip#11786) <https://github.com/pypa/pip/issues/11786></code>_)</li> <li>Reduce the number of resolver rounds, since backjumping makes the resolver more efficient in finding solutions. This also makes pathological cases fail quicker. (<code>[#11908](pypa/pip#11908) <https://github.com/pypa/pip/issues/11908></code>_)</li> <li>Warn if <code>--hash</code> is used on a line without requirement in a requirements file. (<code>[#11935](pypa/pip#11935) <https://github.com/pypa/pip/issues/11935></code>_)</li> <li>Stop propagating CLI <code>--config-settings</code> to the build dependencies. They already did not propagate to requirements provided in requirement files. To pass the same config settings to several requirements, users should provide the requirements as CLI arguments. (<code>[#11941](pypa/pip#11941) <https://github.com/pypa/pip/issues/11941></code>_)</li> <li>Support wheel cache when using <code>--require-hashes</code>. (<code>[#5037](pypa/pip#5037) <https://github.com/pypa/pip/issues/5037></code>_)</li> <li>Add <code>--keyring-provider</code> flag. See the Authentication page in the documentation for more info. (<code>[#8719](pypa/pip#8719) <https://github.com/pypa/pip/issues/8719></code>_)</li> <li>In the case of virtual environments, configuration files are now also included from the base installation. (<code>[#9752](pypa/pip#9752) <https://github.com/pypa/pip/issues/9752></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix grammar by changing "A new release of pip available:" to "A new release of pip is available:" in the notice used for indicating that. (<code>[#11529](pypa/pip#11529) <https://github.com/pypa/pip/issues/11529></code>_)</li> <li>Normalize paths before checking if installed scripts are on PATH. (<code>[#11719](pypa/pip#11719) <https://github.com/pypa/pip/issues/11719></code>_)</li> <li>Correct the way to decide if keyring is available. (<code>[#11774](pypa/pip#11774) <https://github.com/pypa/pip/issues/11774></code>_)</li> <li>More consistent resolution backtracking by removing legacy hack related to setuptools resolution (<code>[#11837](pypa/pip#11837) <https://github.com/pypa/pip/issues/11837></code>_)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/6424ac4600265490462015c2fc7f9a402dba9ed8"><code>6424ac4</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/868338f9f79b58eff34dafb168aed65480d080d5"><code>868338f</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/4f3a4f72697299da1a412cf10c919a989e0692f5"><code>4f3a4f7</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11919">#11919</a> from sbidoul/deprecate-legacy-ignore-config-setting...</li> <li><a href="https://github.com/pypa/pip/commit/dbf4e6842c9603792f6d3944a5c9cec17bd0a92a"><code>dbf4e68</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11897">#11897</a> from sbidoul/cache-hash-checking-sbi</li> <li><a href="https://github.com/pypa/pip/commit/efe2d27451d50b165df78093bf5885da713fbdf8"><code>efe2d27</code></a> Further refactor is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/4beca6b4c9c510b19dbb6180e962425b89e8c839"><code>4beca6b</code></a> Improve test</li> <li><a href="https://github.com/pypa/pip/commit/bd746e3136e5e1be2374a079bac66071dd967a8c"><code>bd746e3</code></a> Introduce ireq.cached_wheel_source_link</li> <li><a href="https://github.com/pypa/pip/commit/caafe6e87d4f2998a77b194297e1c204cf6e10c2"><code>caafe6e</code></a> Add a couple of asserts</li> <li><a href="https://github.com/pypa/pip/commit/a6ef6485be9512f18121298b058797c578f65d45"><code>a6ef648</code></a> Rename original_link_is_in_wheel_cache to is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/ff8c8e38887880ad81ffd7cfc6a8373213c087b7"><code>ff8c8e3</code></a> Cosmetics</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/23.0.1...23.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0.1&new-version=23.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
…s/@jsii/python-runtime (#4060) Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.1 (2023-04-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for the deprecated <code>--install-options</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li><code>--no-binary</code> does not imply <code>setup.py install</code> anymore. Instead a wheel will be built locally and installed. (<code>[#11451](pypa/pip#11451) <https://github.com/pypa/pip/issues/11451></code>_)</li> <li><code>--no-binary</code> does not disable the cache of locally built wheels anymore. It only means "don't download wheels". (<code>[#11453](pypa/pip#11453) <https://github.com/pypa/pip/issues/11453></code>_)</li> <li>Deprecate <code>--build-option</code> and <code>--global-option</code>. Users are invited to switch to <code>--config-settings</code>. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</li> <li>Using <code>--config-settings</code> with projects that don't have a <code>pyproject.toml</code> now print a deprecation warning. In the future the presence of config settings will automatically enable the default build backend for legacy projects and pass the setttings to it. (<code>[#11915](pypa/pip#11915) <https://github.com/pypa/pip/issues/11915></code>_)</li> <li>Remove <code>setup.py install</code> fallback when building a wheel failed for projects without <code>pyproject.toml</code>. (<code>[#8368](pypa/pip#8368) <https://github.com/pypa/pip/issues/8368></code>_)</li> <li>When the <code>wheel</code> package is not installed, pip now uses the default build backend instead of <code>setup.py install</code> for project without <code>pyproject.toml</code>. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Specify egg-link location in assertion message when it does not match installed location to provide better error message for debugging. (<code>[#10476](pypa/pip#10476) <https://github.com/pypa/pip/issues/10476></code>_)</li> <li>Present conflict information during installation after each choice that is rejected (pass <code>-vv</code> to <code>pip install</code> to show it) (<code>[#10937](pypa/pip#10937) <https://github.com/pypa/pip/issues/10937></code>_)</li> <li>Display dependency chain on each Collecting/Processing log line. (<code>[#11169](pypa/pip#11169) <https://github.com/pypa/pip/issues/11169></code>_)</li> <li>Support a per-requirement <code>--config-settings</code> option in requirements files. (<code>[#11325](pypa/pip#11325) <https://github.com/pypa/pip/issues/11325></code>_)</li> <li>The <code>--config-settings</code>/<code>-C</code> option now supports using the same key multiple times. When the same key is specified multiple times, all values are passed to the build backend as a list, as opposed to the previous behavior, where pip would only pass the last value if the same key was used multiple times. (<code>[#11681](pypa/pip#11681) <https://github.com/pypa/pip/issues/11681></code>_)</li> <li>Add <code>-C</code> as a short version of the <code>--config-settings</code> option. (<code>[#11786](pypa/pip#11786) <https://github.com/pypa/pip/issues/11786></code>_)</li> <li>Reduce the number of resolver rounds, since backjumping makes the resolver more efficient in finding solutions. This also makes pathological cases fail quicker. (<code>[#11908](pypa/pip#11908) <https://github.com/pypa/pip/issues/11908></code>_)</li> <li>Warn if <code>--hash</code> is used on a line without requirement in a requirements file. (<code>[#11935](pypa/pip#11935) <https://github.com/pypa/pip/issues/11935></code>_)</li> <li>Stop propagating CLI <code>--config-settings</code> to the build dependencies. They already did not propagate to requirements provided in requirement files. To pass the same config settings to several requirements, users should provide the requirements as CLI arguments. (<code>[#11941](pypa/pip#11941) <https://github.com/pypa/pip/issues/11941></code>_)</li> <li>Support wheel cache when using <code>--require-hashes</code>. (<code>[#5037](pypa/pip#5037) <https://github.com/pypa/pip/issues/5037></code>_)</li> <li>Add <code>--keyring-provider</code> flag. See the Authentication page in the documentation for more info. (<code>[#8719](pypa/pip#8719) <https://github.com/pypa/pip/issues/8719></code>_)</li> <li>In the case of virtual environments, configuration files are now also included from the base installation. (<code>[#9752](pypa/pip#9752) <https://github.com/pypa/pip/issues/9752></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix grammar by changing "A new release of pip available:" to "A new release of pip is available:" in the notice used for indicating that. (<code>[#11529](pypa/pip#11529) <https://github.com/pypa/pip/issues/11529></code>_)</li> <li>Normalize paths before checking if installed scripts are on PATH. (<code>[#11719](pypa/pip#11719) <https://github.com/pypa/pip/issues/11719></code>_)</li> <li>Correct the way to decide if keyring is available. (<code>[#11774](pypa/pip#11774) <https://github.com/pypa/pip/issues/11774></code>_)</li> <li>More consistent resolution backtracking by removing legacy hack related to setuptools resolution (<code>[#11837](pypa/pip#11837) <https://github.com/pypa/pip/issues/11837></code>_)</li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/6424ac4600265490462015c2fc7f9a402dba9ed8"><code>6424ac4</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/868338f9f79b58eff34dafb168aed65480d080d5"><code>868338f</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/4f3a4f72697299da1a412cf10c919a989e0692f5"><code>4f3a4f7</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11919">#11919</a> from sbidoul/deprecate-legacy-ignore-config-setting...</li> <li><a href="https://github.com/pypa/pip/commit/dbf4e6842c9603792f6d3944a5c9cec17bd0a92a"><code>dbf4e68</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11897">#11897</a> from sbidoul/cache-hash-checking-sbi</li> <li><a href="https://github.com/pypa/pip/commit/efe2d27451d50b165df78093bf5885da713fbdf8"><code>efe2d27</code></a> Further refactor is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/4beca6b4c9c510b19dbb6180e962425b89e8c839"><code>4beca6b</code></a> Improve test</li> <li><a href="https://github.com/pypa/pip/commit/bd746e3136e5e1be2374a079bac66071dd967a8c"><code>bd746e3</code></a> Introduce ireq.cached_wheel_source_link</li> <li><a href="https://github.com/pypa/pip/commit/caafe6e87d4f2998a77b194297e1c204cf6e10c2"><code>caafe6e</code></a> Add a couple of asserts</li> <li><a href="https://github.com/pypa/pip/commit/a6ef6485be9512f18121298b058797c578f65d45"><code>a6ef648</code></a> Rename original_link_is_in_wheel_cache to is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/ff8c8e38887880ad81ffd7cfc6a8373213c087b7"><code>ff8c8e3</code></a> Cosmetics</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/23.0...23.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 23.0.1 to 23.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.1 (2023-04-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for the deprecated <code>--install-options</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li><code>--no-binary</code> does not imply <code>setup.py install</code> anymore. Instead a wheel will be built locally and installed. (<code>[#11451](pypa/pip#11451) <https://github.com/pypa/pip/issues/11451></code>_)</li> <li><code>--no-binary</code> does not disable the cache of locally built wheels anymore. It only means "don't download wheels". (<code>[#11453](pypa/pip#11453) <https://github.com/pypa/pip/issues/11453></code>_)</li> <li>Deprecate <code>--build-option</code> and <code>--global-option</code>. Users are invited to switch to <code>--config-settings</code>. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</li> <li>Using <code>--config-settings</code> with projects that don't have a <code>pyproject.toml</code> now prints a deprecation warning. In the future the presence of config settings will automatically enable the default build backend for legacy projects and pass the setttings to it. (<code>[#11915](pypa/pip#11915) <https://github.com/pypa/pip/issues/11915></code>_)</li> <li>Remove <code>setup.py install</code> fallback when building a wheel failed for projects without <code>pyproject.toml</code>. (<code>[#8368](pypa/pip#8368) <https://github.com/pypa/pip/issues/8368></code>_)</li> <li>When the <code>wheel</code> package is not installed, pip now uses the default build backend instead of <code>setup.py install</code> and <code>setup.py develop</code> for project without <code>pyproject.toml</code>. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Specify egg-link location in assertion message when it does not match installed location to provide better error message for debugging. (<code>[#10476](pypa/pip#10476) <https://github.com/pypa/pip/issues/10476></code>_)</li> <li>Present conflict information during installation after each choice that is rejected (pass <code>-vv</code> to <code>pip install</code> to show it) (<code>[#10937](pypa/pip#10937) <https://github.com/pypa/pip/issues/10937></code>_)</li> <li>Display dependency chain on each Collecting/Processing log line. (<code>[#11169](pypa/pip#11169) <https://github.com/pypa/pip/issues/11169></code>_)</li> <li>Support a per-requirement <code>--config-settings</code> option in requirements files. (<code>[#11325](pypa/pip#11325) <https://github.com/pypa/pip/issues/11325></code>_)</li> <li>The <code>--config-settings</code>/<code>-C</code> option now supports using the same key multiple times. When the same key is specified multiple times, all values are passed to the build backend as a list, as opposed to the previous behavior, where pip would only pass the last value if the same key was used multiple times. (<code>[#11681](pypa/pip#11681) <https://github.com/pypa/pip/issues/11681></code>_)</li> <li>Add <code>-C</code> as a short version of the <code>--config-settings</code> option. (<code>[#11786](pypa/pip#11786) <https://github.com/pypa/pip/issues/11786></code>_)</li> <li>Reduce the number of resolver rounds, since backjumping makes the resolver more efficient in finding solutions. This also makes pathological cases fail quicker. (<code>[#11908](pypa/pip#11908) <https://github.com/pypa/pip/issues/11908></code>_)</li> <li>Warn if <code>--hash</code> is used on a line without requirement in a requirements file. (<code>[#11935](pypa/pip#11935) <https://github.com/pypa/pip/issues/11935></code>_)</li> <li>Stop propagating CLI <code>--config-settings</code> to the build dependencies. They already did not propagate to requirements provided in requirement files. To pass the same config settings to several requirements, users should provide the requirements as CLI arguments. (<code>[#11941](pypa/pip#11941) <https://github.com/pypa/pip/issues/11941></code>_)</li> <li>Support wheel cache when using <code>--require-hashes</code>. (<code>[#5037](pypa/pip#5037) <https://github.com/pypa/pip/issues/5037></code>_)</li> <li>Add <code>--keyring-provider</code> flag. See the Authentication page in the documentation for more info. (<code>[#8719](pypa/pip#8719) <https://github.com/pypa/pip/issues/8719></code>_)</li> <li>In the case of virtual environments, configuration files are now also included from the base installation. (<code>[#9752](pypa/pip#9752) <https://github.com/pypa/pip/issues/9752></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix grammar by changing "A new release of pip available:" to "A new release of pip is available:" in the notice used for indicating that. (<code>[#11529](pypa/pip#11529) <https://github.com/pypa/pip/issues/11529></code>_)</li> <li>Normalize paths before checking if installed scripts are on PATH. (<code>[#11719](pypa/pip#11719) <https://github.com/pypa/pip/issues/11719></code>_)</li> <li>Correct the way to decide if keyring is available. (<code>[#11774](pypa/pip#11774) <https://github.com/pypa/pip/issues/11774></code>_)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/6424ac4600265490462015c2fc7f9a402dba9ed8"><code>6424ac4</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/868338f9f79b58eff34dafb168aed65480d080d5"><code>868338f</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/4f3a4f72697299da1a412cf10c919a989e0692f5"><code>4f3a4f7</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11919">#11919</a> from sbidoul/deprecate-legacy-ignore-config-setting...</li> <li><a href="https://github.com/pypa/pip/commit/dbf4e6842c9603792f6d3944a5c9cec17bd0a92a"><code>dbf4e68</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11897">#11897</a> from sbidoul/cache-hash-checking-sbi</li> <li><a href="https://github.com/pypa/pip/commit/efe2d27451d50b165df78093bf5885da713fbdf8"><code>efe2d27</code></a> Further refactor is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/4beca6b4c9c510b19dbb6180e962425b89e8c839"><code>4beca6b</code></a> Improve test</li> <li><a href="https://github.com/pypa/pip/commit/bd746e3136e5e1be2374a079bac66071dd967a8c"><code>bd746e3</code></a> Introduce ireq.cached_wheel_source_link</li> <li><a href="https://github.com/pypa/pip/commit/caafe6e87d4f2998a77b194297e1c204cf6e10c2"><code>caafe6e</code></a> Add a couple of asserts</li> <li><a href="https://github.com/pypa/pip/commit/a6ef6485be9512f18121298b058797c578f65d45"><code>a6ef648</code></a> Rename original_link_is_in_wheel_cache to is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/ff8c8e38887880ad81ffd7cfc6a8373213c087b7"><code>ff8c8e3</code></a> Cosmetics</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/23.0.1...23.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0.1&new-version=23.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
This is deprecated in pip 23 which we switched to recently. --install option was passed to setuptools, but pip is now using wheel install only from what I understand. --pre signals using pre-releases when available, and it's also a pip option. Lets pass it directly to pip and see what happens. More info: pypa/pip#11358 https://discuss.python.org/t/passing-command-line-arguments-to-pip-install-after-install-options-deprecation/22981/6
This is deprecated in pip 23 which we switched to recently. --install option was passed to setuptools, but pip is now using wheel install only from what I understand. --pre signals using pre-releases when available, and it's also a pip option. Lets pass it directly to pip and see what happens. More info: pypa/pip#11358 https://discuss.python.org/t/passing-command-line-arguments-to-pip-install-after-install-options-deprecation/22981/6
…irements files instead. The install options is deprecated in pip 23 which Plone switched to recently. More info: - pypa/pip#11358 - https://discuss.python.org/t/passing-command-line-arguments-to-pip-install-after-install-options-deprecation/22981/6
Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.1 (2023-04-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for the deprecated <code>--install-options</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li><code>--no-binary</code> does not imply <code>setup.py install</code> anymore. Instead a wheel will be built locally and installed. (<code>[#11451](pypa/pip#11451) <https://github.com/pypa/pip/issues/11451></code>_)</li> <li><code>--no-binary</code> does not disable the cache of locally built wheels anymore. It only means "don't download wheels". (<code>[#11453](pypa/pip#11453) <https://github.com/pypa/pip/issues/11453></code>_)</li> <li>Deprecate <code>--build-option</code> and <code>--global-option</code>. Users are invited to switch to <code>--config-settings</code>. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</li> <li>Using <code>--config-settings</code> with projects that don't have a <code>pyproject.toml</code> now prints a deprecation warning. In the future the presence of config settings will automatically enable the default build backend for legacy projects and pass the setttings to it. (<code>[#11915](pypa/pip#11915) <https://github.com/pypa/pip/issues/11915></code>_)</li> <li>Remove <code>setup.py install</code> fallback when building a wheel failed for projects without <code>pyproject.toml</code>. (<code>[#8368](pypa/pip#8368) <https://github.com/pypa/pip/issues/8368></code>_)</li> <li>When the <code>wheel</code> package is not installed, pip now uses the default build backend instead of <code>setup.py install</code> and <code>setup.py develop</code> for project without <code>pyproject.toml</code>. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Specify egg-link location in assertion message when it does not match installed location to provide better error message for debugging. (<code>[#10476](pypa/pip#10476) <https://github.com/pypa/pip/issues/10476></code>_)</li> <li>Present conflict information during installation after each choice that is rejected (pass <code>-vv</code> to <code>pip install</code> to show it) (<code>[#10937](pypa/pip#10937) <https://github.com/pypa/pip/issues/10937></code>_)</li> <li>Display dependency chain on each Collecting/Processing log line. (<code>[#11169](pypa/pip#11169) <https://github.com/pypa/pip/issues/11169></code>_)</li> <li>Support a per-requirement <code>--config-settings</code> option in requirements files. (<code>[#11325](pypa/pip#11325) <https://github.com/pypa/pip/issues/11325></code>_)</li> <li>The <code>--config-settings</code>/<code>-C</code> option now supports using the same key multiple times. When the same key is specified multiple times, all values are passed to the build backend as a list, as opposed to the previous behavior, where pip would only pass the last value if the same key was used multiple times. (<code>[#11681](pypa/pip#11681) <https://github.com/pypa/pip/issues/11681></code>_)</li> <li>Add <code>-C</code> as a short version of the <code>--config-settings</code> option. (<code>[#11786](pypa/pip#11786) <https://github.com/pypa/pip/issues/11786></code>_)</li> <li>Reduce the number of resolver rounds, since backjumping makes the resolver more efficient in finding solutions. This also makes pathological cases fail quicker. (<code>[#11908](pypa/pip#11908) <https://github.com/pypa/pip/issues/11908></code>_)</li> <li>Warn if <code>--hash</code> is used on a line without requirement in a requirements file. (<code>[#11935](pypa/pip#11935) <https://github.com/pypa/pip/issues/11935></code>_)</li> <li>Stop propagating CLI <code>--config-settings</code> to the build dependencies. They already did not propagate to requirements provided in requirement files. To pass the same config settings to several requirements, users should provide the requirements as CLI arguments. (<code>[#11941](pypa/pip#11941) <https://github.com/pypa/pip/issues/11941></code>_)</li> <li>Support wheel cache when using <code>--require-hashes</code>. (<code>[#5037](pypa/pip#5037) <https://github.com/pypa/pip/issues/5037></code>_)</li> <li>Add <code>--keyring-provider</code> flag. See the Authentication page in the documentation for more info. (<code>[#8719](pypa/pip#8719) <https://github.com/pypa/pip/issues/8719></code>_)</li> <li>In the case of virtual environments, configuration files are now also included from the base installation. (<code>[#9752](pypa/pip#9752) <https://github.com/pypa/pip/issues/9752></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix grammar by changing "A new release of pip available:" to "A new release of pip is available:" in the notice used for indicating that. (<code>[#11529](pypa/pip#11529) <https://github.com/pypa/pip/issues/11529></code>_)</li> <li>Normalize paths before checking if installed scripts are on PATH. (<code>[#11719](pypa/pip#11719) <https://github.com/pypa/pip/issues/11719></code>_)</li> <li>Correct the way to decide if keyring is available. (<code>[#11774](pypa/pip#11774) <https://github.com/pypa/pip/issues/11774></code>_)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/6424ac4600265490462015c2fc7f9a402dba9ed8"><code>6424ac4</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/868338f9f79b58eff34dafb168aed65480d080d5"><code>868338f</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/4f3a4f72697299da1a412cf10c919a989e0692f5"><code>4f3a4f7</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11919">#11919</a> from sbidoul/deprecate-legacy-ignore-config-setting...</li> <li><a href="https://github.com/pypa/pip/commit/dbf4e6842c9603792f6d3944a5c9cec17bd0a92a"><code>dbf4e68</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11897">#11897</a> from sbidoul/cache-hash-checking-sbi</li> <li><a href="https://github.com/pypa/pip/commit/efe2d27451d50b165df78093bf5885da713fbdf8"><code>efe2d27</code></a> Further refactor is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/4beca6b4c9c510b19dbb6180e962425b89e8c839"><code>4beca6b</code></a> Improve test</li> <li><a href="https://github.com/pypa/pip/commit/bd746e3136e5e1be2374a079bac66071dd967a8c"><code>bd746e3</code></a> Introduce ireq.cached_wheel_source_link</li> <li><a href="https://github.com/pypa/pip/commit/caafe6e87d4f2998a77b194297e1c204cf6e10c2"><code>caafe6e</code></a> Add a couple of asserts</li> <li><a href="https://github.com/pypa/pip/commit/a6ef6485be9512f18121298b058797c578f65d45"><code>a6ef648</code></a> Rename original_link_is_in_wheel_cache to is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/ff8c8e38887880ad81ffd7cfc6a8373213c087b7"><code>ff8c8e3</code></a> Cosmetics</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/21.0...23.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Thanks @Irq3000! Actually, I think it should be |
@cacti77 Ah thank you for pointing this out, indeed in /EDIT: Ah I know why I chose the singular form, it's because this is the only one supported by the |
* Pin virtualenv * Fixup: use 20.21.1 instead * Replace install-options with config-settings See pypa/pip#11358. * Temporarily disable kafka tests
Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.1 (2023-04-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for the deprecated <code>--install-options</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li><code>--no-binary</code> does not imply <code>setup.py install</code> anymore. Instead a wheel will be built locally and installed. (<code>[#11451](pypa/pip#11451) <https://github.com/pypa/pip/issues/11451></code>_)</li> <li><code>--no-binary</code> does not disable the cache of locally built wheels anymore. It only means "don't download wheels". (<code>[#11453](pypa/pip#11453) <https://github.com/pypa/pip/issues/11453></code>_)</li> <li>Deprecate <code>--build-option</code> and <code>--global-option</code>. Users are invited to switch to <code>--config-settings</code>. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</li> <li>Using <code>--config-settings</code> with projects that don't have a <code>pyproject.toml</code> now prints a deprecation warning. In the future the presence of config settings will automatically enable the default build backend for legacy projects and pass the setttings to it. (<code>[#11915](pypa/pip#11915) <https://github.com/pypa/pip/issues/11915></code>_)</li> <li>Remove <code>setup.py install</code> fallback when building a wheel failed for projects without <code>pyproject.toml</code>. (<code>[#8368](pypa/pip#8368) <https://github.com/pypa/pip/issues/8368></code>_)</li> <li>When the <code>wheel</code> package is not installed, pip now uses the default build backend instead of <code>setup.py install</code> and <code>setup.py develop</code> for project without <code>pyproject.toml</code>. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Specify egg-link location in assertion message when it does not match installed location to provide better error message for debugging. (<code>[#10476](pypa/pip#10476) <https://github.com/pypa/pip/issues/10476></code>_)</li> <li>Present conflict information during installation after each choice that is rejected (pass <code>-vv</code> to <code>pip install</code> to show it) (<code>[#10937](pypa/pip#10937) <https://github.com/pypa/pip/issues/10937></code>_)</li> <li>Display dependency chain on each Collecting/Processing log line. (<code>[#11169](pypa/pip#11169) <https://github.com/pypa/pip/issues/11169></code>_)</li> <li>Support a per-requirement <code>--config-settings</code> option in requirements files. (<code>[#11325](pypa/pip#11325) <https://github.com/pypa/pip/issues/11325></code>_)</li> <li>The <code>--config-settings</code>/<code>-C</code> option now supports using the same key multiple times. When the same key is specified multiple times, all values are passed to the build backend as a list, as opposed to the previous behavior, where pip would only pass the last value if the same key was used multiple times. (<code>[#11681](pypa/pip#11681) <https://github.com/pypa/pip/issues/11681></code>_)</li> <li>Add <code>-C</code> as a short version of the <code>--config-settings</code> option. (<code>[#11786](pypa/pip#11786) <https://github.com/pypa/pip/issues/11786></code>_)</li> <li>Reduce the number of resolver rounds, since backjumping makes the resolver more efficient in finding solutions. This also makes pathological cases fail quicker. (<code>[#11908](pypa/pip#11908) <https://github.com/pypa/pip/issues/11908></code>_)</li> <li>Warn if <code>--hash</code> is used on a line without requirement in a requirements file. (<code>[#11935](pypa/pip#11935) <https://github.com/pypa/pip/issues/11935></code>_)</li> <li>Stop propagating CLI <code>--config-settings</code> to the build dependencies. They already did not propagate to requirements provided in requirement files. To pass the same config settings to several requirements, users should provide the requirements as CLI arguments. (<code>[#11941](pypa/pip#11941) <https://github.com/pypa/pip/issues/11941></code>_)</li> <li>Support wheel cache when using <code>--require-hashes</code>. (<code>[#5037](pypa/pip#5037) <https://github.com/pypa/pip/issues/5037></code>_)</li> <li>Add <code>--keyring-provider</code> flag. See the Authentication page in the documentation for more info. (<code>[#8719](pypa/pip#8719) <https://github.com/pypa/pip/issues/8719></code>_)</li> <li>In the case of virtual environments, configuration files are now also included from the base installation. (<code>[#9752](pypa/pip#9752) <https://github.com/pypa/pip/issues/9752></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix grammar by changing "A new release of pip available:" to "A new release of pip is available:" in the notice used for indicating that. (<code>[#11529](pypa/pip#11529) <https://github.com/pypa/pip/issues/11529></code>_)</li> <li>Normalize paths before checking if installed scripts are on PATH. (<code>[#11719](pypa/pip#11719) <https://github.com/pypa/pip/issues/11719></code>_)</li> <li>Correct the way to decide if keyring is available. (<code>[#11774](pypa/pip#11774) <https://github.com/pypa/pip/issues/11774></code>_)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/6424ac4600265490462015c2fc7f9a402dba9ed8"><code>6424ac4</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/868338f9f79b58eff34dafb168aed65480d080d5"><code>868338f</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/4f3a4f72697299da1a412cf10c919a989e0692f5"><code>4f3a4f7</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11919">#11919</a> from sbidoul/deprecate-legacy-ignore-config-setting...</li> <li><a href="https://github.com/pypa/pip/commit/dbf4e6842c9603792f6d3944a5c9cec17bd0a92a"><code>dbf4e68</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11897">#11897</a> from sbidoul/cache-hash-checking-sbi</li> <li><a href="https://github.com/pypa/pip/commit/efe2d27451d50b165df78093bf5885da713fbdf8"><code>efe2d27</code></a> Further refactor is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/4beca6b4c9c510b19dbb6180e962425b89e8c839"><code>4beca6b</code></a> Improve test</li> <li><a href="https://github.com/pypa/pip/commit/bd746e3136e5e1be2374a079bac66071dd967a8c"><code>bd746e3</code></a> Introduce ireq.cached_wheel_source_link</li> <li><a href="https://github.com/pypa/pip/commit/caafe6e87d4f2998a77b194297e1c204cf6e10c2"><code>caafe6e</code></a> Add a couple of asserts</li> <li><a href="https://github.com/pypa/pip/commit/a6ef6485be9512f18121298b058797c578f65d45"><code>a6ef648</code></a> Rename original_link_is_in_wheel_cache to is_wheel_from_cache</li> <li><a href="https://github.com/pypa/pip/commit/ff8c8e38887880ad81ffd7cfc6a8373213c087b7"><code>ff8c8e3</code></a> Cosmetics</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/21.0...23.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
commit c2d4629 Author: Timothy Pansino <11214426+TimPansino@users.noreply.github.com> Date: Wed May 10 15:59:13 2023 -0700 Add required option for tox v4 (#795) * Add required option for tox v4 * Update tox in GHA * Remove py27 no-cache-dir commit a963649 Author: Hannah Stepanek <hstepanek@newrelic.com> Date: Tue May 9 10:46:39 2023 -0700 Run coverage around pytest (#813) * Run coverage around pytest * Trigger tests * Fixup * Add redis client_no_touch to ignore list * Temporarily remove kafka from coverage * Remove coverage for old libs commit 3d82845 Author: Lalleh Rafeei <84813886+lrafeei@users.noreply.github.com> Date: Wed May 3 14:50:30 2023 -0700 Omit some frameworks from coverage analysis (#810) * Omit some frameworks from coverage analysis * Remove commas * Change format of omit * Add relative_files option to coverage * Add absolute directory * Add envsitepackagedir * Add coveragerc file * Add codecov.yml * [Mega-Linter] Apply linters fixes * Revert coveragerc file settings * Add files in packages and more frameworks * Remove commented line --------- Co-authored-by: lrafeei <lrafeei@users.noreply.github.com> Co-authored-by: Hannah Stepanek <hstepanek@newrelic.com> commit fd0fa35 Author: Uma Annamalai <uannamalai@newrelic.com> Date: Tue May 2 10:55:36 2023 -0700 Add testing for genshi and mako. (#799) * Add testing for genshi and mako. * [Mega-Linter] Apply linters fixes --------- Co-authored-by: umaannamalai <umaannamalai@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> commit be4fb3d Author: Lalleh Rafeei <84813886+lrafeei@users.noreply.github.com> Date: Mon May 1 16:01:09 2023 -0700 Add tests for Waitress (#797) * Change import format * Initial commit * Add more tests to adapter_waitress * Remove commented out code * [Mega-Linter] Apply linters fixes * Add assertions to all tests * Add more NR testing to waitress --------- Co-authored-by: lrafeei <lrafeei@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> commit 7103506 Author: Hannah Stepanek <hstepanek@newrelic.com> Date: Mon May 1 14:12:31 2023 -0700 Add tests for pyodbc (#796) * Add tests for pyodbc * Move imports into tests to get import coverage * Fixup: remove time import * Trigger tests --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> commit 363122a Author: Hannah Stepanek <hstepanek@newrelic.com> Date: Mon May 1 13:34:35 2023 -0700 Pin virtualenv, fix pip arg deprecation & disable kafka tests (#803) * Pin virtualenv * Fixup: use 20.21.1 instead * Replace install-options with config-settings See pypa/pip#11358. * Temporarily disable kafka tests
…mak/test/generated-code (#4072) Bumps [pip](https://github.com/pypa/pip) from 23.0.1 to 23.1.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.1.2 (2023-04-26)</h1> <h2>Vendored Libraries</h2> <ul> <li>Upgrade setuptools to 67.7.2</li> </ul> <h1>23.1.1 (2023-04-22)</h1> <h2>Bug Fixes</h2> <ul> <li>Revert <code>[#11487](pypa/pip#11487) <https://github.com/pypa/pip/pull/11487></code><em>, as it causes issues with virtualenvs created by the Windows Store distribution of Python. (<code>[#11987](pypa/pip#11987) <https://github.com/pypa/pip/issues/11987></code></em>)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Revert pkg_resources (via setuptools) back to 65.6.3</li> </ul> <h2>Improved Documentation</h2> <ul> <li>Update documentation to reflect the new behavior of using the cache of locally built wheels in hash-checking mode. (<code>[#11967](pypa/pip#11967) <https://github.com/pypa/pip/issues/11967></code>_)</li> </ul> <h1>23.1 (2023-04-15)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for the deprecated <code>--install-options</code>. (<code>[#11358](pypa/pip#11358) <https://github.com/pypa/pip/issues/11358></code>_)</li> <li><code>--no-binary</code> does not imply <code>setup.py install</code> anymore. Instead a wheel will be built locally and installed. (<code>[#11451](pypa/pip#11451) <https://github.com/pypa/pip/issues/11451></code>_)</li> <li><code>--no-binary</code> does not disable the cache of locally built wheels anymore. It only means "don't download wheels". (<code>[#11453](pypa/pip#11453) <https://github.com/pypa/pip/issues/11453></code>_)</li> <li>Deprecate <code>--build-option</code> and <code>--global-option</code>. Users are invited to switch to <code>--config-settings</code>. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</li> <li>Using <code>--config-settings</code> with projects that don't have a <code>pyproject.toml</code> now prints a deprecation warning. In the future the presence of config settings will automatically enable the default build backend for legacy projects and pass the setttings to it. (<code>[#11915](pypa/pip#11915) <https://github.com/pypa/pip/issues/11915></code>_)</li> <li>Remove <code>setup.py install</code> fallback when building a wheel failed for projects without <code>pyproject.toml</code>. (<code>[#8368](pypa/pip#8368) <https://github.com/pypa/pip/issues/8368></code>_)</li> <li>When the <code>wheel</code> package is not installed, pip now uses the default build backend instead of <code>setup.py install</code> and <code>setup.py develop</code> for project without <code>pyproject.toml</code>. (<code>[#8559](pypa/pip#8559) <https://github.com/pypa/pip/issues/8559></code>_)</li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/3fe7e54fceac7a03bcb88ce26cfd0937acfe5e40"><code>3fe7e54</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/bc7621aaf827a992a455fe5c2c4ec59cfc26186e"><code>bc7621a</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11997">#11997</a> from pfmoore/vendoring-setuptools</li> <li><a href="https://github.com/pypa/pip/commit/cbc92fd6dd7e0bae4ec81b87521b5c27b0601be5"><code>cbc92fd</code></a> Upgrade setuptools to 67.7.2</li> <li><a href="https://github.com/pypa/pip/commit/4428130fbe44259562280f0601f034bb8c43bef2"><code>4428130</code></a> Suppress pkg_resources deprecation warning</li> <li><a href="https://github.com/pypa/pip/commit/f1a7a6f942b869ae3428dbf55dfc1ca756c78d94"><code>f1a7a6f</code></a> Upgrade setuptools to 67.6.1</li> <li><a href="https://github.com/pypa/pip/commit/51afe45cda2854d810d9714e3891e256b1509737"><code>51afe45</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11992">#11992</a> from pfmoore/release/23.1.1</li> <li><a href="https://github.com/pypa/pip/commit/5cbf00c49e2a6974d794534d8041cf370218e98d"><code>5cbf00c</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/ee40d71817df8346af3d96051a298db8f22e52f1"><code>ee40d71</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/d5a779d96c0460f49da23abe8b4f557ce80b0a70"><code>d5a779d</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/11987">#11987</a> from pfmoore/revert_56e5fa3</li> <li><a href="https://github.com/pypa/pip/commit/b64e74de42d0a6e4f3a81a06b7fd33eea00b7160"><code>b64e74d</code></a> Add a news file</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/23.0.1...23.1.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0.1&new-version=23.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
--install-options
forces pip to usesetuptools
'sinstall
command which is deprecated.So we need to deprecate this pip option.
Towards #8102
The text was updated successfully, but these errors were encountered: