new patch versions of `pip`, `setuptools` & `wheel` are not considered for 28 days #2266

mayeut · 2021-12-31T12:06:08Z

Issue

New patch versions of pip, setuptools & wheel are not considered for 28 days.
The expected behavior is that patch versions are always considered "immediately" (after the 1 hour grace period for CI).

Environment

up-to-date main branch: 51408e6

tox -e dev

Reproducer

I guess the test was buggy ?

diff --git a/tests/unit/seed/wheels/test_periodic_update.py b/tests/unit/seed/wheels/test_periodic_update.py
index 9b32770..282297f 100644
--- a/tests/unit/seed/wheels/test_periodic_update.py
+++ b/tests/unit/seed/wheels/test_periodic_update.py
@@ -107,12 +107,13 @@ def test_periodic_update_stops_at_current(mocker, session_app_data, for_py_versi
 
 def test_periodic_update_latest_per_patch(mocker, session_app_data, for_py_version):
     current = get_embed_wheel("setuptools", for_py_version)
+    expected_path = wheel_path(current, (0, 1, 2))
     now, completed = datetime.now(), datetime.now() - timedelta(days=29)
     u_log = UpdateLog(
         started=completed,
         completed=completed,
         versions=[
-            NewVersion(wheel_path(current, (0, 1, 2)), completed, now - timedelta(days=1)),
+            NewVersion(expected_path, completed, now - timedelta(days=1)),
             NewVersion(wheel_path(current, (0, 1, 1)), completed, now - timedelta(days=30)),
             NewVersion(filename=str(current.path), found_date=completed, release_date=now - timedelta(days=2)),
         ],
@@ -121,7 +122,7 @@ def test_periodic_update_latest_per_patch(mocker, session_app_data, for_py_versi
     mocker.patch("virtualenv.app_data.via_disk_folder.JSONStoreDisk.read", return_value=u_log.to_dict())
 
     result = periodic_update("setuptools", None, for_py_version, current, [], session_app_data, False, os.environ)
-    assert result.path == current.path
+    assert str(result.path) == expected_path
 
 
 def wheel_path(wheel, of):

The text was updated successfully, but these errors were encountered:

[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot] Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 473: build(deps): bump astroid from 2.9.0 to 2.9.2 r=ChrisRBe a=dependabot[bot] Bumps [astroid](https://github.com/PyCQA/astroid) from 2.9.0 to 2.9.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyCQA/astroid/blob/main/ChangeLog">astroid's changelog</a>.</em></p> <blockquote> <h1>What's New in astroid 2.9.2?</h1> <p>Release date: 2022-01-04</p> <ul> <li>Fixed regression in <code>astroid.scoped_nodes</code> where <code>_is_metaclass</code> was not accessible anymore.</li> </ul> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a></p> <h1>What's New in astroid 2.9.1?</h1> <p>Release date: 2021-12-31</p> <ul> <li> <p><code>NodeNG.frame()</code> and <code>NodeNG.statement()</code> will start raising <code>ParentMissingError</code> instead of <code>AttributeError</code> in astroid 3.0. This behaviour can already be triggered by passing <code>future=True</code> to a <code>frame()</code> or <code>statement()</code> call.</p> </li> <li> <p>Prefer the module loader get_source() method in AstroidBuilder's module_build() when possible to avoid assumptions about source code being available on a filesystem. Otherwise the source cannot be found and application behavior changes when running within an embedded hermetic interpreter environment (pyoxidizer, etc.).</p> </li> <li> <p>Require Python 3.6.2 to use astroid.</p> </li> <li> <p>Removed custom <code>distutils</code> handling for resolving paths to submodules.</p> <p>Ref <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a></p> </li> <li> <p>Fix <code>deque.insert()</code> signature in <code>collections</code> brain.</p> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1260">#1260</a></p> </li> <li> <p>Fix <code>Module</code> nodes not having a <code>col_offset</code>, <code>end_lineno</code>, and <code>end_col_offset</code> attributes.</p> </li> <li> <p>Fix typing and update explanation for <code>Arguments.args</code> being <code>None</code>.</p> </li> <li> <p>Fix crash if a variable named <code>type</code> is subscripted in a generator expression.</p> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/pylint/issues/5461">PyCQA/pylint#5461</a></p> </li> <li> <p>Enable inference of dataclass import from marshmallow_dataclass. This allows the dataclasses brain to recognize dataclasses annotated by marshmallow_dataclass.</p> </li> <li> <p>Resolve symlinks in the import path Fixes inference error when the import path includes symlinks (e.g. Python installed on macOS via Homebrew).</p> <p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/823">#823</a></p> </li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PyCQA/astroid/commit/101aed9d304cae4c3d0d9140f151b852b21c7ddf"><code>101aed9</code></a> Bump astroid to 2.9.2, update changelog</li> <li><a href="https://github.com/PyCQA/astroid/commit/c44b1de2d5ab17898534ec44db8ee9090eb26f7f"><code>c44b1de</code></a> Fix import astroid.scoped_nodes (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/fe51be5cd051cea8699f30b338e85f7763cd2ab7"><code>fe51be5</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1328">#1328</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/21a2983826c903878bdd23e283dbc00545b32daa"><code>21a2983</code></a> Upgrade the version to 2.9.2-dev0 following 2.9.2 release</li> <li><a href="https://github.com/PyCQA/astroid/commit/e36b4388aebb892c10ed779bafc9c1a07a325b8d"><code>e36b438</code></a> Bump astroid to 2.9.1, update changelog</li> <li><a href="https://github.com/PyCQA/astroid/commit/51f552cecd15569cb651337fa7f8f9e27eeec579"><code>51f552c</code></a> Remove distutils path patching (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/0d1211558670cfefd95b39984b8d5f7f34837f32"><code>0d12115</code></a> Add typing to <code>brain_dataclasses</code> (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1292">#1292</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/aa4f5bed58dc6521a6c2c0927ca0e0da48fd5ea5"><code>aa4f5be</code></a> Add future=True to frame calls (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1305">#1305</a>)</li> <li><a href="https://github.com/PyCQA/astroid/commit/7afd696520f70a46334adea6d39f7150379198f3"><code>7afd696</code></a> Revert "Revert "Remove useless NoReturn in NodeNG.statement's typing (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1304">#1304</a>)"...</li> <li><a href="https://github.com/PyCQA/astroid/commit/12e2e8ce8a33b06c9b3d97007ca89120b529c215"><code>12e2e8c</code></a> Fix frame() error on inferred node (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1263">#1263</a>)</li> <li>Additional commits viewable in <a href="https://github.com/PyCQA/astroid/compare/v2.9.0...v2.9.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=astroid&package-manager=pip&previous-version=2.9.0&new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 474: build(deps): bump requests from 2.26.0 to 2.27.0 r=ChrisRBe a=dependabot[bot] Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.27.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p> <blockquote> <h2>2.27.0 (2022-01-03)</h2> <p><strong>Improvements</strong></p> <ul> <li> <p>Officially added support for Python 3.10. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5928">#5928</a>)</p> </li> <li> <p>Added a <code>requests.exceptions.JSONDecodeError</code> to unify JSON exceptions between Python 2 and 3. This gets raised in the <code>response.json()</code> method, and is backwards compatible as it inherits from previously thrown exceptions. Can be caught from <code>requests.exceptions.RequestException</code> as well. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5856">#5856</a>)</p> </li> <li> <p>Improved error text for misnamed <code>InvalidSchema</code> and <code>MissingSchema</code> exceptions. This is a temporary fix until exceptions can be renamed (Schema->Scheme). (<a href="https://github-redirect.dependabot.com/psf/requests/issues/6017">#6017</a>)</p> </li> <li> <p>Improved proxy parsing for proxy URLs missing a scheme. This will address recent changes to <code>urlparse</code> in Python 3.9+. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a>)</p> </li> </ul> <p><strong>Bugfixes</strong></p> <ul> <li> <p>Fixed defect in <code>extract_zipped_paths</code> which could result in an infinite loop for some paths. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5851">#5851</a>)</p> </li> <li> <p>Fixed handling for <code>AttributeError</code> when calculating length of files obtained by <code>Tarfile.extractfile()</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5239">#5239</a>)</p> </li> <li> <p>Fixed urllib3 exception leak, wrapping <code>urllib3.exceptions.InvalidHeader</code> with <code>requests.exceptions.InvalidHeader</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5914">#5914</a>)</p> </li> <li> <p>Fixed bug where two Host headers were sent for chunked requests. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5391">#5391</a>)</p> </li> <li> <p>Fixed regression in Requests 2.26.0 where <code>Proxy-Authorization</code> was incorrectly stripped from all requests sent with <code>Session.send</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p> </li> <li> <p>Fixed performance regression in 2.26.0 for hosts with a large number of proxies available in the environment. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p> </li> <li> <p>Fixed idna exception leak, wrapping <code>UnicodeError</code> with <code>requests.exceptions.InvalidURL</code> for URLs with a leading dot (.) in the domain. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5414">#5414</a>)</p> </li> </ul> <p><strong>Deprecations</strong></p> <ul> <li>Requests support for Python 2.7 and 3.6 will be ending in 2022. While we don't have exact dates, Requests 2.27.x is likely to be the last release series providing support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/psf/requests/commit/0192aac24123735b3eaf9b08df46429bb770c283"><code>0192aac</code></a> v2.27.0</li> <li><a href="https://github.com/psf/requests/commit/e50dc12b0f620ff80a0d2026b5b0a5282894bfd4"><code>e50dc12</code></a> Fix doc link</li> <li><a href="https://github.com/psf/requests/commit/17e6e27a93131b7295165408e69b4cadb098b0d7"><code>17e6e27</code></a> General cleanup for 2.27.0</li> <li><a href="https://github.com/psf/requests/commit/ab38e2c72608b95b047b05ccfaca833edb9db1b1"><code>ab38e2c</code></a> Make the <code>data</code> vs <code>json</code> parameters more clear (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5382">#5382</a>)</li> <li><a href="https://github.com/psf/requests/commit/77d1e9aa3e000b40fdf93cfc355e1fe7cc52b6ac"><code>77d1e9a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5894">#5894</a> from dbaxa/do-not-re-build-proxies-when-proxies-have...</li> <li><a href="https://github.com/psf/requests/commit/b0829a869081c2a6180db2cdc41a5676922becd0"><code>b0829a8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/6020">#6020</a> from nateprewitt/pypy_37</li> <li><a href="https://github.com/psf/requests/commit/28d537dde33b35c3b7071afd99122eff3538b42c"><code>28d537d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a> from nateprewitt/proxy_scheme_unknown_fix</li> <li><a href="https://github.com/psf/requests/commit/86bbee71b286d6d6e968381a7a49a0831d3ab67b"><code>86bbee7</code></a> Update 3.10-dev to 3.10 and add pypy-3.7</li> <li><a href="https://github.com/psf/requests/commit/0d5347e6281c85059be176fe650b0aa7128f1dcb"><code>0d5347e</code></a> Only compute should_bypass_proxies if needed</li> <li><a href="https://github.com/psf/requests/commit/ef59aa0227bf463f0ed3d752b26db9b3acc64afb"><code>ef59aa0</code></a> Move from urlparse to parse_url for prepending schemes</li> <li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.26.0...v2.27.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.26.0&new-version=2.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot] Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.12.0 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li>See full diff in <a href="https://github.com/pypa/virtualenv/compare/20.12.0...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.12.0&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot] Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.13.0 (2022-01-02)</h2> <p>Features - 20.13.0</p> <pre><code>- Add downloaded wheel information in the relevant JSON embed file to prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) <https://github.com/pypa/virtualenv/issues/2268>`_) <p>Bugfixes - 20.13.0 </code></pre></p> <ul> <li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) <https://github.com/pypa/virtualenv/issues/2269></code>_)</li> <li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) <https://github.com/pypa/virtualenv/issues/2271></code>_)</li> </ul> <h2>v20.12.1 (2022-01-01)</h2> <p>Bugfixes - 20.12.1</p> <pre><code>- Try using previous updates of ``pip``, ``setuptools`` & ``wheel`` when inside an update grace period rather than always falling back to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) <https://github.com/pypa/virtualenv/issues/2265>`_) - New patch versions of ``pip``, ``setuptools`` & ``wheel`` are now returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) <https://github.com/pypa/virtualenv/issues/2266>`_) - Manual upgrades of ``pip``, ``setuptools`` & ``wheel`` are not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) <https://github.com/pypa/virtualenv/issues/2267>`_) <h2>v20.12.0 (2021-12-31)</h2> <p>Features - 20.12.0 </code></pre></p> <ul> <li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) <https://github.com/pypa/virtualenv/issues/2233></code>_)</li> </ul> <p>Bugfixes - 20.12.0</p> <pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) <https://github.com/pypa/virtualenv/issues/2120>`_) - Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) <https://github.com/pypa/virtualenv/issues/2263>`_) </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li> <li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li> <li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

mayeut added the bug label Dec 31, 2021

This was referenced Dec 31, 2021

virtualenv always switch back to embedded wheels after a recent periodic update #2265

Closed

Do not attempt to download previously downloaded wheels #2268

Closed

feature: store version update source in embed JSON file #2273

Merged

gaborbernat closed this as completed in #2273 Jan 1, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

new patch versions of `pip`, `setuptools` & `wheel` are not considered for 28 days #2266

new patch versions of `pip`, `setuptools` & `wheel` are not considered for 28 days #2266

mayeut commented Dec 31, 2021

new patch versions of pip, setuptools & wheel are not considered for 28 days #2266

new patch versions of pip, setuptools & wheel are not considered for 28 days #2266

Comments

mayeut commented Dec 31, 2021

new patch versions of `pip`, `setuptools` & `wheel` are not considered for 28 days #2266

new patch versions of `pip`, `setuptools` & `wheel` are not considered for 28 days #2266