-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sign the python2 exe on Darwin arm64 #2233
Conversation
@@ -176,6 +175,33 @@ def fix_mach_o(exe, current, new, max_size): | |||
raise | |||
|
|||
|
|||
def fix_signature(exe): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rather than force it into the cpythonmacos creator can we add a cpythonm1macoscreator instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've restructured it to introduce a CPython2macOsArmFramework class, and have it just passing in the python interpreter to sign.
It was tested on the M1 and an existing Darwin intel machine.
In the latest commit I've also removed can_create from CPython2macOsFramework since it is now only calling the parent function.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you inline this into the create above, otherwise looks 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've inlined the function into the arm specific class
@@ -176,6 +175,33 @@ def fix_mach_o(exe, current, new, max_size): | |||
raise | |||
|
|||
|
|||
def fix_signature(exe): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you inline this into the create above, otherwise looks 👍
subprocess.check_call(cmd) | ||
|
||
except Exception: | ||
logging.fatal("Could not change MacOS code signing on copied python exe at %s" % exe) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
drop the % formatting, use log formatting
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
logging fixed, thanks for catching that
os.rmdir(bak_dir) | ||
|
||
cmd = ["codesign", "-s", "-", "--preserve-metadata=identifier,entitlements,flags,runtime", "-f", exe] | ||
logging.debug("Changing Signature: %s" % cmd) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here
I just tested this on my M1 mac, and it does indeed perform the code signing, but the final $ virtualenv venv2 -p $(which python2)
/Users/karlk/src/venv2/bin/python: replacing existing signature
created virtual environment CPython2.7.18.final.0-64 in 112ms
creator CPython2macOsArmFramework(dest=/Users/karlk/src/venv2, clear=False, no_vcs_ignore=False, global=False)
seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=/Users/karlk/Library/Application Support/virtualenv)
added seed packages: pip==20.3.4, setuptools==44.1.1, wheel==0.37.0
activators BashActivator,CShellActivator,FishActivator,NushellActivator,PowerShellActivator,PythonActivator
$ venv2/bin/python
Killed: 9 Extra info: $ which python2
/usr/bin/python2
$ readlink -f $(which python2)
/System/Library/Frameworks/Python.framework/Versions/2.7/Resources/pythonwrapper.app/Contents/MacOS/pythonwrapper
$ python2 --version
Python 2.7.18 (edit): It does work with $ arch --x86_64 venv2/bin/python
WARNING: Python 2.7 is not recommended.
This version is included in macOS for compatibility with legacy software.
Future versions of macOS will not include Python 2.7.
Instead, it is recommended that you transition to using 'python3' from within Terminal.
Python 2.7.18 (default, Oct 2 2021, 04:20:39)
[GCC Apple LLVM 13.0.0 (clang-1300.0.29.1) [+internal-os, ptrauth-isa=deploymen on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> |
On your M1 are you installing your ports as x86 or universal? By default they get installed as x86 unless you change your mapport.conf. I have python27 port installed just for arm64 and am on Big Sur virtualenv --version
virtualenv 20.10.1.dev4+g9fd06b8 from /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/virtualenv/__init__.pyc
virtualenv env_py2 -p $(which python2)
env_py2/bin/python -c 'import os; print os.uname()[-1]'
arm64
env_py2/bin/python
Python 2.7.18 (default, Nov 9 2021, 05:10:32)
[GCC Apple LLVM 12.0.5 (clang-1205.0.22.11)] on darwin
If I try to run it as x86 it fails with invalid CPU arch --x86_64 env_py2/bin/python
arch: posix_spawnp: env_py2/bin/python: Bad CPU type in executable |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made some changes, can you please validate it works?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please also add a changelog entry?
Possible bug, or user error on my part. I see an AttributeError in
|
@tmspicer @gaborbernat Do you happen to have any plans of when this could be release? |
No plans. Sometimes after we make the CI pass 😊 |
Edit: Disregard. virtualenv does not use /System/Library/Frameworks/Python.framework/Versions/2.7/Resources/pythonwrapper.app/Contents/MacOS/pythonwrapper (pointed to by /usr/bin/python), signed with Identifier=org.python.pythonwrapper). It uses /System/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python, signed with Identifier=org.python.python.
|
0284755
to
bb82a73
Compare
49a6115
to
c28c478
Compare
Signed-off-by: Bernát Gábor <gaborjbernat@gmail.com>
c28c478
to
04000b6
Compare
The fix now has been released via https://virtualenv.pypa.io/en/latest/changelog.html#v20-12-0-2021-12-31 |
Thanks for persevering with this Gabor. Something is still wrong on macOS 12.x + arm64, using 51408e6. I'll raise seperate PRs, or issues as appropriate.
|
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.12.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0</p> <pre><code>- Sign the python2 exe on Darwin arm64 - by :user:`tmspicer`. (`[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233>`_) <p>Bugfixes - 20.12.0 </code></pre></p> <ul> <li>Fix <code>--download</code> option - by :user:<code>mayeut</code>. (<code>[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120></code>_)</li> <li>Ugrade embedded setuptools to <code>60.2.0</code> from <code>60.1.1</code> - by :user:<code>gaborbernat</code>. (<code>[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263></code>_)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/614b023492f66b07ae96716c308f1560f7ce5230"><code>614b023</code></a> Bump embed setuptools (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2263">#2263</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/f7ababdf0be4db3625444bbb20fa268a3885e645"><code>f7ababd</code></a> Sign the python2 exe on Darwin arm64 (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2233">#2233</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/61c065ba7731b65bdc15af7900aa530963695868"><code>61c065b</code></a> fix: <code>--download</code> option (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2262">#2262</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/b17dcd4ce1f608059448566fb3e929e911d8bf43"><code>b17dcd4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2261">#2261</a> from pypa/release-20.11.2</li> <li>See full diff in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.12.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
@tmspicer do you remember if you were running macOS 11 (Big Sur), or macOS 12 (Monterey) when you tested this |
[//]: # (dependabot-start)⚠️ **Dependabot is rebasing this PR**⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
@moreati I was on Big Sur when I tested this. I'm just getting my M1 onto Monterey so I didn't test it there. |
472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot] Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 473: build(deps): bump astroid from 2.9.0 to 2.9.2 r=ChrisRBe a=dependabot[bot] Bumps [astroid](https://github.com/PyCQA/astroid) from 2.9.0 to 2.9.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyCQA/astroid/blob/main/ChangeLog">astroid's changelog</a>.</em></p> <blockquote> <h1>What's New in astroid 2.9.2?</h1> <p>Release date: 2022-01-04</p> <ul> <li>Fixed regression in <code>astroid.scoped_nodes</code> where <code>_is_metaclass</code> was not accessible anymore.</li> </ul> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a></p> <h1>What's New in astroid 2.9.1?</h1> <p>Release date: 2021-12-31</p> <ul> <li> <p><code>NodeNG.frame()</code> and <code>NodeNG.statement()</code> will start raising <code>ParentMissingError</code> instead of <code>AttributeError</code> in astroid 3.0. This behaviour can already be triggered by passing <code>future=True</code> to a <code>frame()</code> or <code>statement()</code> call.</p> </li> <li> <p>Prefer the module loader get_source() method in AstroidBuilder's module_build() when possible to avoid assumptions about source code being available on a filesystem. Otherwise the source cannot be found and application behavior changes when running within an embedded hermetic interpreter environment (pyoxidizer, etc.).</p> </li> <li> <p>Require Python 3.6.2 to use astroid.</p> </li> <li> <p>Removed custom <code>distutils</code> handling for resolving paths to submodules.</p> <p>Ref <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a></p> </li> <li> <p>Fix <code>deque.insert()</code> signature in <code>collections</code> brain.</p> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1260">#1260</a></p> </li> <li> <p>Fix <code>Module</code> nodes not having a <code>col_offset</code>, <code>end_lineno</code>, and <code>end_col_offset</code> attributes.</p> </li> <li> <p>Fix typing and update explanation for <code>Arguments.args</code> being <code>None</code>.</p> </li> <li> <p>Fix crash if a variable named <code>type</code> is subscripted in a generator expression.</p> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/pylint/issues/5461">PyCQA/pylint#5461</a></p> </li> <li> <p>Enable inference of dataclass import from marshmallow_dataclass. This allows the dataclasses brain to recognize dataclasses annotated by marshmallow_dataclass.</p> </li> <li> <p>Resolve symlinks in the import path Fixes inference error when the import path includes symlinks (e.g. Python installed on macOS via Homebrew).</p> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/823">#823</a></p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PyCQA/astroid/commit/101aed9d304cae4c3d0d9140f151b852b21c7ddf"><code>101aed9</code></a> Bump astroid to 2.9.2, update changelog</li> <li><a href="https://github.com/PyCQA/astroid/commit/c44b1de2d5ab17898534ec44db8ee9090eb26f7f"><code>c44b1de</code></a> Fix import astroid.scoped_nodes (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/fe51be5cd051cea8699f30b338e85f7763cd2ab7"><code>fe51be5</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1328">#1328</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/21a2983826c903878bdd23e283dbc00545b32daa"><code>21a2983</code></a> Upgrade the version to 2.9.2-dev0 following 2.9.2 release</li> <li><a href="https://github.com/PyCQA/astroid/commit/e36b4388aebb892c10ed779bafc9c1a07a325b8d"><code>e36b438</code></a> Bump astroid to 2.9.1, update changelog</li> <li><a href="https://github.com/PyCQA/astroid/commit/51f552cecd15569cb651337fa7f8f9e27eeec579"><code>51f552c</code></a> Remove distutils path patching (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/0d1211558670cfefd95b39984b8d5f7f34837f32"><code>0d12115</code></a> Add typing to <code>brain_dataclasses</code> (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1292">#1292</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/aa4f5bed58dc6521a6c2c0927ca0e0da48fd5ea5"><code>aa4f5be</code></a> Add future=True to frame calls (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1305">#1305</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/7afd696520f70a46334adea6d39f7150379198f3"><code>7afd696</code></a> Revert "Revert "Remove useless NoReturn in NodeNG.statement's typing (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1304">#1304</a>)"...</li> <li><a href="https://github.com/PyCQA/astroid/commit/12e2e8ce8a33b06c9b3d97007ca89120b529c215"><code>12e2e8c</code></a> Fix frame() error on inferred node (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1263">#1263</a>)</li> <li>Additional commits viewable in <a href="https://github.com/PyCQA/astroid/compare/v2.9.0...v2.9.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=astroid&package-manager=pip&previous-version=2.9.0&new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 474: build(deps): bump requests from 2.26.0 to 2.27.0 r=ChrisRBe a=dependabot[bot] Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.27.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.27.0 (2022-01-03)</h2> <p><strong>Improvements</strong></p> <ul> <li> <p>Officially added support for Python 3.10. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5928">#5928</a>)</p> </li> <li> <p>Added a <code>requests.exceptions.JSONDecodeError</code> to unify JSON exceptions between Python 2 and 3. This gets raised in the <code>response.json()</code> method, and is backwards compatible as it inherits from previously thrown exceptions. Can be caught from <code>requests.exceptions.RequestException</code> as well. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5856">#5856</a>)</p> </li> <li> <p>Improved error text for misnamed <code>InvalidSchema</code> and <code>MissingSchema</code> exceptions. This is a temporary fix until exceptions can be renamed (Schema->Scheme). (<a href="https://github-redirect.dependabot.com/psf/requests/issues/6017">#6017</a>)</p> </li> <li> <p>Improved proxy parsing for proxy URLs missing a scheme. This will address recent changes to <code>urlparse</code> in Python 3.9+. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a>)</p> </li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li> <p>Fixed defect in <code>extract_zipped_paths</code> which could result in an infinite loop for some paths. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5851">#5851</a>)</p> </li> <li> <p>Fixed handling for <code>AttributeError</code> when calculating length of files obtained by <code>Tarfile.extractfile()</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5239">#5239</a>)</p> </li> <li> <p>Fixed urllib3 exception leak, wrapping <code>urllib3.exceptions.InvalidHeader</code> with <code>requests.exceptions.InvalidHeader</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5914">#5914</a>)</p> </li> <li> <p>Fixed bug where two Host headers were sent for chunked requests. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5391">#5391</a>)</p> </li> <li> <p>Fixed regression in Requests 2.26.0 where <code>Proxy-Authorization</code> was incorrectly stripped from all requests sent with <code>Session.send</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p> </li> <li> <p>Fixed performance regression in 2.26.0 for hosts with a large number of proxies available in the environment. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p> </li> <li> <p>Fixed idna exception leak, wrapping <code>UnicodeError</code> with <code>requests.exceptions.InvalidURL</code> for URLs with a leading dot (.) in the domain. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5414">#5414</a>)</p> </li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Requests support for Python 2.7 and 3.6 will be ending in 2022. While we don't have exact dates, Requests 2.27.x is likely to be the last release series providing support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/0192aac24123735b3eaf9b08df46429bb770c283"><code>0192aac</code></a> v2.27.0</li> <li><a href="https://github.com/psf/requests/commit/e50dc12b0f620ff80a0d2026b5b0a5282894bfd4"><code>e50dc12</code></a> Fix doc link</li> <li><a href="https://github.com/psf/requests/commit/17e6e27a93131b7295165408e69b4cadb098b0d7"><code>17e6e27</code></a> General cleanup for 2.27.0</li> <li><a href="https://github.com/psf/requests/commit/ab38e2c72608b95b047b05ccfaca833edb9db1b1"><code>ab38e2c</code></a> Make the <code>data</code> vs <code>json</code> parameters more clear (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5382">#5382</a>)</li> <li><a href="https://github.com/psf/requests/commit/77d1e9aa3e000b40fdf93cfc355e1fe7cc52b6ac"><code>77d1e9a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5894">#5894</a> from dbaxa/do-not-re-build-proxies-when-proxies-have...</li> <li><a href="https://github.com/psf/requests/commit/b0829a869081c2a6180db2cdc41a5676922becd0"><code>b0829a8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/6020">#6020</a> from nateprewitt/pypy_37</li> <li><a href="https://github.com/psf/requests/commit/28d537dde33b35c3b7071afd99122eff3538b42c"><code>28d537d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a> from nateprewitt/proxy_scheme_unknown_fix</li> <li><a href="https://github.com/psf/requests/commit/86bbee71b286d6d6e968381a7a49a0831d3ab67b"><code>86bbee7</code></a> Update 3.10-dev to 3.10 and add pypy-3.7</li> <li><a href="https://github.com/psf/requests/commit/0d5347e6281c85059be176fe650b0aa7128f1dcb"><code>0d5347e</code></a> Only compute should_bypass_proxies if needed</li> <li><a href="https://github.com/psf/requests/commit/ef59aa0227bf463f0ed3d752b26db9b3acc64afb"><code>ef59aa0</code></a> Move from urlparse to parse_url for prepending schemes</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.26.0...v2.27.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.26.0&new-version=2.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot] Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot] Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@gaborbernat this is still popping up in Monterey using virtual 20.15.1 when creating a py2 virtualenv using py2 (the zsh: killed msg due to codesigning). Any thoughts on how to proceed? |
No plans or suggestions on my side. Python 2 is no longer supported. |
As part of #2024 , the latest version of virtualenv will not run on Darwin Arm64 (Apple M1).
The original issue was that the python exe would be killed due to the exe not being properly signed. There is a workaround for the issue which is to sign the python exe that has been moved/modified in the virtualenv. Up until 20.8.1 running the codesign process after virtualenv was ran would allow for a usable environment.
This PR is to propose that we just add the workaround of adhoc signing the exe into the virtualenv process.
With the latest version of virtualenv this only affect python2 on Darwin ARM64.
This PR adds a fix_signature function to perform the codesign if on MAC_ARM64 and removes the change to can_create to return false if MAC_ARM64.
Tested on an M1 machine using python2.7 and python3.7 without any issues.
Thanks for contributing, make sure you address all the checklists (for details on how see
development documentation)!
tox -e fix_lint
)docs/changelog
folder