Skip to content

Commit

Permalink
Bump pip from 23.3.2 to 24.0 (PR #7120)
Browse files Browse the repository at this point in the history
Bumps [pip](https://github.com/pypa/pip) from 23.3.2 to 24.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>24.0 (2024-02-03)</h1>
<h2>Features</h2>
<ul>
<li>Retry on HTTP status code 502 (<code>[#11843](pypa/pip#11843) &lt;https://github.com/pypa/pip/issues/11843&gt;</code>_)</li>
<li>Automatically use the setuptools PEP 517 build backend when <code>--config-settings</code> is
used for projects without <code>pyproject.toml</code>. (<code>[#11915](pypa/pip#11915) &lt;https://github.com/pypa/pip/issues/11915&gt;</code>_)</li>
<li>Make pip freeze and pip uninstall of legacy editable installs of packages whose name
contains <code>_</code> compatible with <code>setuptools&gt;=69.0.3</code>. (<code>[#12477](pypa/pip#12477) &lt;https://github.com/pypa/pip/issues/12477&gt;</code>_)</li>
<li>Support per requirement <code>--config-settings</code> for editable installs. (<code>[#12480](pypa/pip#12480) &lt;https://github.com/pypa/pip/issues/12480&gt;</code>_)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Optimized usage of <code>--find-links=&lt;path-to-dir&gt;</code>, by only scanning the relevant directory once, only considering file names that are valid wheel or sdist names, and only considering files in the directory that are related to the install. (<code>[#12327](pypa/pip#12327) &lt;https://github.com/pypa/pip/issues/12327&gt;</code>_)</li>
<li>Removed <code>wheel</code> from the <code>[build-system].requires</code> list fallback
that is used when <code>pyproject.toml</code> is absent. (<code>[#12449](pypa/pip#12449) &lt;https://github.com/pypa/pip/issues/12449&gt;</code>_)</li>
</ul>
<h2>Vendored Libraries</h2>
<ul>
<li>Upgrade distlib to 0.3.8</li>
</ul>
<h2>Improved Documentation</h2>
<ul>
<li>Fix explanation of how PIP_CONFIG_FILE works (<code>[#11815](pypa/pip#11815) &lt;https://github.com/pypa/pip/issues/11815&gt;</code>_)</li>
<li>Fix outdated pip install argument description in documentation. (<code>[#12417](pypa/pip#12417) &lt;https://github.com/pypa/pip/issues/12417&gt;</code>_)</li>
<li>Replace some links to PEPs with links to the canonical specifications on the :doc:<code>pypug:index</code> (<code>[#12434](pypa/pip#12434) &lt;https://github.com/pypa/pip/issues/12434&gt;</code>_)</li>
<li>Updated the <code>pyproject.toml</code> document to stop suggesting
to depend on <code>wheel</code> as a build dependency directly. (<code>[#12449](pypa/pip#12449) &lt;https://github.com/pypa/pip/issues/12449&gt;</code>_)</li>
<li>Update supported interpreters in development docs (<code>[#12475](pypa/pip#12475) &lt;https://github.com/pypa/pip/issues/12475&gt;</code>_)</li>
</ul>
<h2>Process</h2>
<ul>
<li>Most project metadata is now defined statically via pip's <code>pyproject.toml</code> file.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/ef78c129b1a966dbbbdb8ebfffc43723e89110d1"><code>ef78c12</code></a> Tweak NEWS.rst</li>
<li><a href="https://github.com/pypa/pip/commit/6681c02710b81278adb874007286960108867768"><code>6681c02</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/ef56d47f90eb3881dba5134241de94d504576f1b"><code>ef56d47</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/53e5f192bab27cad793e9dbfd9849717c1ed3617"><code>53e5f19</code></a> Tweak news before release</li>
<li><a href="https://github.com/pypa/pip/commit/456db06c0312b6ce971d7c7a97806be8868b79b7"><code>456db06</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12507">#12507</a> from jeanas/mailmap</li>
<li><a href="https://github.com/pypa/pip/commit/0b93dfc7c319449a71c50233c4fb344f9c24a668"><code>0b93dfc</code></a> Add mailmap entry for <a href="https://github.com/jeanas"><code>@​jeanas</code></a></li>
<li><a href="https://github.com/pypa/pip/commit/c0801efcb5251d5704d67dd77dc77b5499d900c5"><code>c0801ef</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12500">#12500</a> from bdraco/add_502</li>
<li><a href="https://github.com/pypa/pip/commit/aa930c49983e11c89d00d959c5d412a3211c2cbf"><code>aa930c4</code></a> Update src/pip/_internal/network/session.py</li>
<li><a href="https://github.com/pypa/pip/commit/99a82b7e49a1657d18c8453c42f7eff971ce1cb5"><code>99a82b7</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12494">#12494</a> from sbidoul/pass-config-settings-to-editable-in-re...</li>
<li><a href="https://github.com/pypa/pip/commit/ff30ba86c1d04ade84843b02d251f97f1a2c3c2c"><code>ff30ba8</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12501">#12501</a> from VladimirFokow/fix-small-typo</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/23.3.2...24.0">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.3.2&new-version=24.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
  • Loading branch information
dependabot[bot] authored and inmantaci committed Feb 5, 2024
1 parent 4d8c0ef commit dac5809
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
6 changes: 6 additions & 0 deletions changelogs/unreleased/7120-dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
change-type: patch
description: Bump pip from 23.3.2 to 24.0
destination-branches:
- master
- iso7
sections: {}
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ importlib_metadata==7.0.1
jinja2==3.1.3
more-itertools==10.2.0
packaging==23.2
pip==23.3.2
pip==24.0
ply==3.11
pydantic==2.6.0
pyformance==0.4
Expand Down

0 comments on commit dac5809

Please sign in to comment.