Bump pipenv from 2023.11.17 to 2024.0.0 in /python/helpers in the pipenv group

[dependabot]

Bumps the pipenv group in /python/helpers with 1 update: pipenv.

Updates pipenv from 2023.11.17 to 2024.0.0

Release notes

Sourced from pipenv's releases.

Release v2024.0.0

What's Changed

• Update CONTRIBUTING.md by @​PzaThief in pypa/pipenv#6084
• Check for name attribute in source parameter. by @​jralls in pypa/pipenv#6114
• Smarter uninstall by @​matteius in pypa/pipenv#6029
• Use fancy mode for pwsh on *nix (draft) by @​samcarswell in pypa/pipenv#6108
• Vendor in Pip 24.0 by @​matteius in pypa/pipenv#6117
• Update index.md by @​mierzejk in pypa/pipenv#6129
• Spring 2024 vendoring by @​matteius in pypa/pipenv#6118
• Add nested vcs dependency subdirectory when locking to Pipfile.lock (Fix #6120) by @​AlexandreArpin in pypa/pipenv#6136
• pipenv upgrade invoke -d by @​matteius in pypa/pipenv#6138
• Bump plette take 2 by @​oz123 in pypa/pipenv#6134
• Convert off pkg resources by @​matteius in pypa/pipenv#6139
• Fix the issue(#6126): add lockfile_path presence in pipenv check command by @​nitintecg in pypa/pipenv#6135
• debugging weird CI failures by @​matteius in pypa/pipenv#6143
• apply ruff fixes by @​matteius in pypa/pipenv#6145
• docs update for scripts section and other small changes by @​sss-ng in pypa/pipenv#6152
• Add --from-pipfile subcommand to pipenv requirements by @​sanspareilsmyn in pypa/pipenv#6156
• Bump jinja2 from 3.1.3 to 3.1.4 by @​dependabot in pypa/pipenv#6150
• Bump requests from 2.31.0 to 2.32.0 by @​dependabot in pypa/pipenv#6157
• Fix windows CI for 3.8 and the outdated command that was refactored to remove pkg_resources. by @​matteius in pypa/pipenv#6146
• pipenv 2024 install (behavioral refactor) by @​matteius in pypa/pipenv#6098
• Supply the extra pip args in the resolver. by @​matteius in pypa/pipenv#6006
• Handle unsupported python versioning on Pipfile by @​sanspareilsmyn in pypa/pipenv#6164
• Remove secho from pipenv.utils.shell by @​aidencullo in pypa/pipenv#6170

New Contributors

• @​PzaThief made their first contribution in pypa/pipenv#6084
• @​jralls made their first contribution in pypa/pipenv#6114
• @​samcarswell made their first contribution in pypa/pipenv#6108
• @​mierzejk made their first contribution in pypa/pipenv#6129
• @​AlexandreArpin made their first contribution in pypa/pipenv#6136
• @​nitintecg made their first contribution in pypa/pipenv#6135
• @​sss-ng made their first contribution in pypa/pipenv#6152
• @​sanspareilsmyn made their first contribution in pypa/pipenv#6156
• @​aidencullo made their first contribution in pypa/pipenv#6170

Full Changelog: pypa/pipenv@v2023.12.1...v2024.0.0

Release v2023.12.1

What's Changed

• Issue-6079 Remove debug print statements that mistakenly got released by @​matteius in pypa/pipenv#6082

Full Changelog: pypa/pipenv@v2023.12.0...v2023.12.1

Release v2023.12.0

What's Changed

• NOTE: this is our second semver release with a plan to release major version 3000 later this winter/Spring.
• Convert from pydantic to vanilla dataclasses (includes pythonfinder 2.1.0) by @​matteius in pypa/pipenv#6065

... (truncated)

Changelog

Sourced from pipenv's changelog.

2024.0.0 (2024-06-06)

Pipenv 2024.0.0 (2024-06-06)

Features & Improvements

• Supply any --extra-pip-args also in the resolver steps. [#6006](https://github.com/pypa/pipenv/issues/6006) <https://github.com/pypa/pipenv/issues/6006>_
• The uninstall command now does the inverse of upgrade which means it no longer invokes a full lock cycle which was problematic for projects with many dependencies. [#6029](https://github.com/pypa/pipenv/issues/6029) <https://github.com/pypa/pipenv/issues/6029>_
• The pipenv requirements subcommand now supports the --from-pipfile flag. When this flag is used, the requirements file will only include the packages explicitly listed in the Pipfile, excluding any sub-packages. [#6156](https://github.com/pypa/pipenv/issues/6156) <https://github.com/pypa/pipenv/issues/6156>_

Behavior Changes

• pipenv==3000.0.0 denotes the first major release of our semver strategy. As much requested, the install no longer does a complete lock operation. Instead install follows the same code path as pipenv update (which is upgrade + sync). This is what most new users expect the behavior to be; it is a behavioral change, a necessary one to make the tool more usable. Remember that complete lock resolution can be invoked with pipenv lock just as before. [#6098](https://github.com/pypa/pipenv/issues/6098) <https://github.com/pypa/pipenv/issues/6098>_

Bug Fixes

• Fix a bug that passes pipenv check command if Pipfile.lock not exist [#6126](https://github.com/pypa/pipenv/issues/6126) <https://github.com/pypa/pipenv/issues/6126>_
• Fix a bug that vcs subdependencies were locked without their subdirectory fragment if they had one [#6136](https://github.com/pypa/pipenv/issues/6136) <https://github.com/pypa/pipenv/issues/6136>_
• pipenv converts off pkg_resources API usages. This necessitated also vendoring in:
  • latest pipdeptree==2.18.1 which also converted off pkg_resources
  • importlib-metadata==7.1.0 to continue supporting python 3.8 and 3.9
  • packaging==24.0 since the packaging we were utilizing in pip's vendor was insufficient for this conversion. [#6139](https://github.com/pypa/pipenv/issues/6139) <https://github.com/pypa/pipenv/issues/6139>
• Pipenv only supports absolute python version. If the user specifies a Python version with inequality signs like >=3.12, `_

Vendored Libraries

• Vendor in pip==24.0 [#6117](https://github.com/pypa/pipenv/issues/6117) <https://github.com/pypa/pipenv/issues/6117>_
• Spring 2024 Vendoring includes:
  • click-didyoumean==0.3.1
  • expect==4.9.0
  • pipdeptree==2.16.2
  • python-dotenv==1.0.1
  • ruamel.yaml==0.18.6
  • shellingham==1.5.4
  • tomlkit==0.12.4 [#6118](https://github.com/pypa/pipenv/issues/6118) <https://github.com/pypa/pipenv/issues/6118>_

2023.12.1 (2024-02-04)

Pipenv 2023.12.1 (2024-02-04)

... (truncated)

Commits

• 0618fab Prepare actually for 2024.0.0 release after peer feedback.
• fd76351 Release v2024.0.0
• 878d7c4 Bumped version to 2024.0.0.
• a84ecd3 Release v3000.0.0
• 0cee88e Bumped version to 3000.0.0.
• 2c04a63 Remove secho from pipenv.utils.shell
• 6abb08c Merge pull request #6164 from sanspareilsmyn/handle-unspecified-python-version
• 66eef03 Supply the extra pip args in the resolver. (#6006)
• 0979912 pipenv 3000 install (behavioral refactor) (#6098)
• a1fe8d7 Apply feedbacks
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #135.