Update dependency pipenv to v2023.11.15
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| pipenv | minor |
2023.3.20 -> 2023.11.15
|
| pipenv | minor |
==2023.3.20 -> ==2023.11.15
|
Release Notes
pypa/pipenv
v2023.11.15
=======================
v2023.11.14
=======================
v2023.10.24
=======================
v2023.10.20
=======================
Features & Improvements
- Add quiet option to pipenv shell, hiding "Launching subshell in virtual environment..."
#​5966 <https://github.com/pypa/pipenv/issues/5966>_ - Vendor in pip==23.3 which includes updates to certifi, urllib3, and adds truststore among other improvements.
#​5979 <https://github.com/pypa/pipenv/issues/5979>_
Behavior Changes
- Change
--pyto useprintpreventing insertion of newline characters#​5969 <https://github.com/pypa/pipenv/issues/5969>_
Vendored Libraries
- Drop pep517 - as it is no longer used.
#​5970 <https://github.com/pypa/pipenv/issues/5970>_
Removals and Deprecations
- Drop support for Python 3.7
#​5879 <https://github.com/pypa/pipenv/issues/5879>_
v2023.10.3
======================
Bug Fixes
- Eveb better handling of vcs branch references that contain special characters.
#​5934 <https://github.com/pypa/pipenv/issues/5934>_ - Bump certifi from 2023.5.7 to 2023.7.22 in /examples to address a security vulnerability
#​5941 <https://github.com/pypa/pipenv/issues/5941>_
v2023.9.8
=====================
Bug Fixes
- ignore_compatibility was supposed to default to False (except for hash collection)
#​5926 <https://github.com/pypa/pipenv/issues/5926>_
v2023.9.7
=====================
Features & Improvements
-
Updates build to use exclusively
pyproject.tomlModernizes the build process by consolidating all of
setuptoolsmetadata withinpyproject.tomland removing deprecatedsetup.cfgandsetup.py.#​5837 <https://github.com/pypa/pipenv/issues/5837>_
Bug Fixes
- Restore the ignore compatibility finder pip patch to resolve issues collecting hashes from google artifact registry (and possibly others).
#​5887 <https://github.com/pypa/pipenv/issues/5887>_ - Handle case better where setup.py name is referencing a variable that is a string while encouraging folks to migrate their projects to pyproject.toml
#​5905 <https://github.com/pypa/pipenv/issues/5905>_ - Better handling of local file install edge cases; handle local file extras.
#​5919 <https://github.com/pypa/pipenv/issues/5919>_ - Include the Pipfile markers in the install phase when using
--skip-lock.#​5920 <https://github.com/pypa/pipenv/issues/5920>_ - Fallback to default vcs ref when no ref is supplied.
More proactively determine package name from the pip line where possible, fallback to the existing file scanning logics when unable to determine name.
#​5921 <https://github.com/pypa/pipenv/issues/5921>_
v2023.9.1
v2023.8.28
Bug Fixes
- Revert change that caused the credentials in source url issue. #5878
- Do not treat named requirements as file installs just becacuse a match path exists; better handling of editable keyword for local file installs. Handle additional edge cases in the setup.py ast parser logic for trying to determine local install package name. #5885
v2023.8.26
Bug Fixes
- Additional property caching to avoid duplication of sources in the resolver. #5863
- Fix recent regressions with local/editable file installs. #5870
- Fixes the vcs subdirectory fragments regression; fixes sys_platform markers regression. #5871
- Fix regression that caused printing non-printable ascii characters when help was called. #5872
v2023.8.25
Bug Fixes
- Fix regression of hash collection when downloading package from private indexes when the hash is not found in the index href url fragment. #5866
v2023.8.23
Bug Fixes
- More gracefully handle @ symbols in vcs URLs to address recent regression with vcs URLs. #5849
v2023.8.22
Bug Fixes
- Fix regression with
ssh://vcs URLs introduced in2023.8.21whereby ssh vcs URLs are expected to have at least one@symbol. #5846
v2023.8.21
Bug Fixes
- Add back some relevant caching to increase performance after the major refactor released with
2023.8.19#5841 - Fix some edge cases around vcs dependencies without a ref, and older Pipfile/lockfile formats. #5843
Vendored Libraries
- Remove unused command line interface for vendored packages. #5840
v2023.8.20
Bug Fixes
- Fix the expected output of the
versioncommand. #5838
v2023.8.19
Features & Improvements
- The
--categoriesoption now works with requirements.txt file. #5722
Bug Fixes
- Drop requirementslib for managing pip lines and InstallRequirements, bring remaining requirementslib functionality into pipenv. Fixes numerous reports about extras installs with vcs and file installs; format pip lines correctly to not generate deprecation warnings. #5793
Vendored Libraries
- Update pip 23.2 -> 23.2.1 #5822
Improved Documentation
- Added documentation on how to move or rename a project directory #5129
Removals and Deprecations
- The
--skip-lockflag which was deprecated, has now been removed to unblock modernizing the pipenv resolver code. #5805
v2023.7.23
Features & Improvements
- Upgrades
pip==23.2which includes everything from the pip changelog. Drops the "install_compatatability_finder" pip internals patch. #5808
Bug Fixes
- Fix issue parsing some Pipfiles with separate packages.<pkg> sections (tomlkit OutOfOrderTableProxy) #5794
- Fix all ruff linter warnings #5807
- Restore running Resolver in sub-process using the project python by default; maintains ability to run directly by setting
PIPENV_RESOLVER_PARENT_PYTHONenvironment variable to 1 (useful for internal debugging). #5809 - Fix error when a Windows path begins with a '' with
pythonfinder==2.0.5. #5812
Vendored Libraries
- Remove usage of click.secho in some modules. #5804
2023.7.11 (2023-07-11)
Bug Fixes
- Invoke the resolver in the same process as pipenv rather than utilizing subprocess. #5787
- Fix regression markers being included as None/null in requirements command. #5788
v2023.7.11
What's Changed
- Fix markers being included as None/null by @matteius in https://github.com/pypa/pipenv/pull/5788
- Invoke the resolver in the same process as pipenv rather than utilzing subprocess. by @matteius in https://github.com/pypa/pipenv/pull/5787
Full Changelog: https://github.com/pypa/pipenv/compare/v2023.7.9...v2023.7.11
v2023.7.9
Bug Fixes
- Drop the --keep-outdated flag and --selective-upgrade flags that have been deprecated in favor of update/upgrade commands. #5730
- Fix regressions in the
requirementscommand related to standard index extras and handling of local file requirements. #5784
v2023.7.4
Bug Fixes
- Fixes regression on Pipfile requirements syntax. Ensure default operator is provided to requirement lib to avoid crash. #5765
- Ensure hashes included in a generated requirements file are after any markers. #5777
v2023.7.3
Bug Fixes
- Fix regression with
--systemflag usage. #5773
v2023.7.1
Bug Fixes
- Patch
_get_requests_sessionmethod to considerPIP_CLIENT_CERTvalue when present. #5746 - Fix regression in
requirementscommand that was causing package installs after upgrade torequirementslib==3.0.0. #5755 - Fix
error: invalid command 'egg_info'edge case with requirementslib 3.0.0. It exposed pipenv resolver sometimes was using a different python than expected. #5760 - Fix issue in requirementslib 3.0.0 where dependencies defined in pyproject.toml were not being included in the lock file. #5766
Removals and Deprecations
- Bump dparse to 0.6.3 #5750
v2023.6.26
Improved Documentation
- Add missing environment variable descriptions back to documentation #missing_env_var_desc
v2023.6.18
Bug Fixes
- Fixes resolver to only consider the default index for packages when a secondary index is not specified. This brings the code into alignment with stated assumptions about index restricted packages behavior of
pipenv. #5737
Removals and Deprecations
- Deprecation of
--skip-lockflag as it bypasses the security benefits of pipenv. Plus it lacks proper deterministic support of installation from multiple package indexes. #5737
v2023.6.12
Bug Fixes
- Remove the
sys.pathmodifications and as a result fixes keyring support. #5719
v2023.6.11
Vendored Libraries
- Upgrades to
pipdeptree==2.8.0which fixes edge cases of thepipenv graphcommand. #5720
v2023.6.2
Improved Documentation
- Add missing environment variable descriptions back to documentation #missing_env_var_desc
v2023.5.19
Bug Fixes
- Consider
--indexargument inupdateandupgradecommands. #5692
Vendored Libraries
- Upgrade
pythonfinder==2.0.0which also brings inpydantic==1.10.7. #5677
v2023.4.29
Vendored Libraries
- Vendor in
pip==23.1.2latest. #5671 - Vendor in
requirementslib==2.3.0which drops usage ofvistir. #5672
v2023.4.20
Features & Improvements
-
Checks environment variable
PIP_TRUSTED_HOSTSwhen evaluating an index specified at the command line when adding toPipfile.For example, this command line
PIP_TRUSTED_HOSTS=internal.mycompany.com pipenv install pypkg --index=https://internal.mycompany.com/pypi/simplewill add the following to the
Pipfile:[[source]] url = 'https://internal.mycompany.com/pypi/simple' verify_ssl = false name = 'Internalmycompany' [packages] pypkg = {version="*", index="Internalmycompany"}This allows users with private indexes to add them to
Pipfileinitially from command line with correct permissions using environment variablePIP_TRUSTED_HOSTS. #5572 -
Vendor in the updates, upgrades and fixes provided by
pip==23.1. #5655
Bug Fixes
- Fix regression with
--skip-lockoption withinstallcommand. #5653
Vendored Libraries
- Vendor in latest
python-dotenv==1.0.0#5656 - Vendor in latest available dependencies:
attrs==23.1.0click-didyoumean==0.3.0click==8.1.3markupsafe==2.1.2pipdeptree==2.7.0shellingham==1.5.0.post1tomlkit==0.11.7#5657 - Vendor in latest
requirementslib==2.2.5which includes updates for pip 23.1 #5659
Improved Documentation
- Made documentation clear about tilde-equals operator for package versions. #5594
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.