Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump pipenv from 2023.12.1 to 2024.0.0 #758

Merged
merged 1 commit into from
Jun 10, 2024
Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 10, 2024

Bumps pipenv from 2023.12.1 to 2024.0.0.

Release notes

Sourced from pipenv's releases.

Release v2024.0.0

What's Changed

New Contributors

Full Changelog: pypa/pipenv@v2023.12.1...v2024.0.0

Changelog

Sourced from pipenv's changelog.

2024.0.0 (2024-06-06)

Pipenv 2024.0.0 (2024-06-06)

Features & Improvements

  • Supply any --extra-pip-args also in the resolver steps. [#6006](https://github.com/pypa/pipenv/issues/6006) <https://github.com/pypa/pipenv/issues/6006>_
  • The uninstall command now does the inverse of upgrade which means it no longer invokes a full lock cycle which was problematic for projects with many dependencies. [#6029](https://github.com/pypa/pipenv/issues/6029) <https://github.com/pypa/pipenv/issues/6029>_
  • The pipenv requirements subcommand now supports the --from-pipfile flag. When this flag is used, the requirements file will only include the packages explicitly listed in the Pipfile, excluding any sub-packages. [#6156](https://github.com/pypa/pipenv/issues/6156) <https://github.com/pypa/pipenv/issues/6156>_

Behavior Changes

  • pipenv==3000.0.0 denotes the first major release of our semver strategy. As much requested, the install no longer does a complete lock operation. Instead install follows the same code path as pipenv update (which is upgrade + sync). This is what most new users expect the behavior to be; it is a behavioral change, a necessary one to make the tool more usable. Remember that complete lock resolution can be invoked with pipenv lock just as before. [#6098](https://github.com/pypa/pipenv/issues/6098) <https://github.com/pypa/pipenv/issues/6098>_

Bug Fixes

  • Fix a bug that passes pipenv check command if Pipfile.lock not exist [#6126](https://github.com/pypa/pipenv/issues/6126) <https://github.com/pypa/pipenv/issues/6126>_
  • Fix a bug that vcs subdependencies were locked without their subdirectory fragment if they had one [#6136](https://github.com/pypa/pipenv/issues/6136) <https://github.com/pypa/pipenv/issues/6136>_
  • pipenv converts off pkg_resources API usages. This necessitated also vendoring in:
    • latest pipdeptree==2.18.1 which also converted off pkg_resources
    • importlib-metadata==7.1.0 to continue supporting python 3.8 and 3.9
    • packaging==24.0 since the packaging we were utilizing in pip's vendor was insufficient for this conversion. [#6139](https://github.com/pypa/pipenv/issues/6139) <https://github.com/pypa/pipenv/issues/6139>
  • Pipenv only supports absolute python version. If the user specifies a Python version with inequality signs like >=3.12, `_

Vendored Libraries

  • Vendor in pip==24.0 [#6117](https://github.com/pypa/pipenv/issues/6117) <https://github.com/pypa/pipenv/issues/6117>_
  • Spring 2024 Vendoring includes:
    • click-didyoumean==0.3.1
    • expect==4.9.0
    • pipdeptree==2.16.2
    • python-dotenv==1.0.1
    • ruamel.yaml==0.18.6
    • shellingham==1.5.4
    • tomlkit==0.12.4 [#6118](https://github.com/pypa/pipenv/issues/6118) <https://github.com/pypa/pipenv/issues/6118>_
Commits
  • 0618fab Prepare actually for 2024.0.0 release after peer feedback.
  • fd76351 Release v2024.0.0
  • 878d7c4 Bumped version to 2024.0.0.
  • a84ecd3 Release v3000.0.0
  • 0cee88e Bumped version to 3000.0.0.
  • 2c04a63 Remove secho from pipenv.utils.shell
  • 6abb08c Merge pull request #6164 from sanspareilsmyn/handle-unspecified-python-version
  • 66eef03 Supply the extra pip args in the resolver. (#6006)
  • 0979912 pipenv 3000 install (behavioral refactor) (#6098)
  • a1fe8d7 Apply feedbacks
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pipenv](https://github.com/pypa/pipenv) from 2023.12.1 to 2024.0.0.
- [Release notes](https://github.com/pypa/pipenv/releases)
- [Changelog](https://github.com/pypa/pipenv/blob/main/CHANGELOG.md)
- [Commits](pypa/pipenv@v2023.12.1...v2024.0.0)

---
updated-dependencies:
- dependency-name: pipenv
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@achim-k achim-k merged commit b672b54 into main Jun 10, 2024
12 checks passed
@achim-k achim-k deleted the dependabot/pip/pipenv-2024.0.0 branch June 10, 2024 12:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant