Skip to content

Commit

Permalink
chore(deps): Bump pip from 23.0 to 23.0.1 in /.github/workflows (#144)
Browse files Browse the repository at this point in the history
Bumps [pip](https://github.com/pypa/pip) from 23.0 to 23.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>23.0.1 (2023-02-17)</h1>
<h2>Features</h2>
<ul>
<li>Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code>
(<code>[#11671](pypa/pip#11671)
&lt;https://github.com/pypa/pip/issues/11671&gt;</code>_)</li>
<li>Implement <code>--break-system-packages</code> to permit installing
packages into
<code>EXTERNALLY-MANAGED</code> Python installations.
(<code>[#11780](pypa/pip#11780)
&lt;https://github.com/pypa/pip/issues/11780&gt;</code>_)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Improve handling of isolated build environments on platforms that
customize the Python's installation schemes, such as Debian and
Homebrew. (<code>[#11740](pypa/pip#11740)
&lt;https://github.com/pypa/pip/issues/11740&gt;</code>_)</li>
<li>Do not crash in presence of misformatted hash field in
<code>direct_url.json</code>.
(<code>[#11773](pypa/pip#11773)
&lt;https://github.com/pypa/pip/issues/11773&gt;</code>_)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/3817aef07f4c8a0cb1c43bb9a73f1bb624fc263b"><code>3817aef</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/9a0d9301c24dc5268ce2640096c301ff7190dd8d"><code>9a0d930</code></a>
Reconcile computation of isolated build environment paths (<a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11740">#11740</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/e6deb9b87c18cdd27a9ba27cb7e0670ffb81d45e"><code>e6deb9b</code></a>
Implement <code>--break-system-packages</code> for EXTERNALLY-MANAGED
installations (<a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11">#11</a>...</li>
<li><a
href="https://github.com/pypa/pip/commit/864fd7764b97ffac8c08946caccc2286bee36ed1"><code>864fd77</code></a>
Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code> (<a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11671">#11671</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/0138bd54c6d346fc2b14e0a9554a1b636fe17001"><code>0138bd5</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11779">#11779</a>
from sbidoul/fix-direct_url-invalid-hash-sbi</li>
<li>See full diff in <a
href="https://github.com/pypa/pip/compare/23.0...23.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0&new-version=23.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
dependabot[bot] authored Feb 20, 2023
1 parent e7e1697 commit 561be27
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/constraints.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
pip==23.0
pip==23.0.1
poetry==1.3.2
tox==4.4.5

0 comments on commit 561be27

Please sign in to comment.