Vendoring Updates

news/certifi.vendor

@@ -0,0 +1 @@
+Upgrade certifi to 2019.6.16

news/distlib.vendor

@@ -0,0 +1 @@
+Upgrade distlib to 0.2.9.post0

news/msgpack.vendor

@@ -0,0 +1 @@
+Upgrade msgpack to 0.6.1

news/requests.vendor

@@ -0,0 +1 @@
+Upgrade requests to 2.22.0

news/urllib3.vendor

@@ -0,0 +1 @@
+Upgrade urllib3 to 1.25.3

src/pip/_vendor/certifi/__init__.py

@@ -1,3 +1,3 @@
 from .core import where
 
-__version__ = "2019.03.09"
+__version__ = "2019.06.16"

src/pip/_vendor/certifi/cacert.pem

@@ -3453,46 +3453,6 @@ AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ
 5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
 -----END CERTIFICATE-----
 
-# Issuer: CN=Certinomis - Root CA O=Certinomis OU=0002 433998903
-# Subject: CN=Certinomis - Root CA O=Certinomis OU=0002 433998903
-# Label: "Certinomis - Root CA"
-# Serial: 1
-# MD5 Fingerprint: 14:0a:fd:8d:a8:28:b5:38:69:db:56:7e:61:22:03:3f
-# SHA1 Fingerprint: 9d:70:bb:01:a5:a4:a0:18:11:2e:f7:1c:01:b9:32:c5:34:e7:88:a8
-# SHA256 Fingerprint: 2a:99:f5:bc:11:74:b7:3c:bb:1d:62:08:84:e0:1c:34:e5:1c:cb:39:78:da:12:5f:0e:33:26:88:83:bf:41:58
------BEGIN CERTIFICATE-----
-MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
-MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
-BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz
-MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx
-FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g
-Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2
-fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl
-LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV
-WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF
-TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb
-5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc
-CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri
-wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ
-wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG
-m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4
-F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng
-WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB
-BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0
-2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF
-AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/
-0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw
-F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS
-g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj
-qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN
-h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/
-ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V
-btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj
-Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ
-8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW
-gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE=
------END CERTIFICATE-----
-
 # Issuer: CN=OISTE WISeKey Global Root GB CA O=WISeKey OU=OISTE Foundation Endorsed
 # Subject: CN=OISTE WISeKey Global Root GB CA O=WISeKey OU=OISTE Foundation Endorsed
 # Label: "OISTE WISeKey Global Root GB CA"

src/pip/_vendor/distlib/__init__.py

@@ -1,12 +1,12 @@
 # -*- coding: utf-8 -*-
 #
-# Copyright (C) 2012-2017 Vinay Sajip.
+# Copyright (C) 2012-2019 Vinay Sajip.
 # Licensed to the Python Software Foundation under a contributor agreement.
 # See LICENSE.txt and CONTRIBUTORS.txt.
 #
 import logging
 
-__version__ = '0.2.8'
+__version__ = '0.2.9.post0'
 
 class DistlibException(Exception):
     pass

src/pip/_vendor/distlib/index.py

@@ -22,7 +22,7 @@
 
 logger = logging.getLogger(__name__)
 
-DEFAULT_INDEX = 'https://pypi.python.org/pypi'
+DEFAULT_INDEX = 'https://pypi.org/pypi'
 DEFAULT_REALM = 'pypi'
 
 class PackageIndex(object):

src/pip/_vendor/distlib/locators.py

@@ -36,7 +36,7 @@
 HASHER_HASH = re.compile(r'^(\w+)=([a-f0-9]+)')
 CHARSET = re.compile(r';\s*charset\s*=\s*(.*)\s*$', re.I)
 HTML_CONTENT_TYPE = re.compile('text/html|application/x(ht)?ml')
-DEFAULT_INDEX = 'https://pypi.python.org/pypi'
+DEFAULT_INDEX = 'https://pypi.org/pypi'
 
 def get_all_distribution_names(url=None):
     """
@@ -197,7 +197,7 @@ def score_url(self, url):
         is_downloadable = basename.endswith(self.downloadable_extensions)
         if is_wheel:
             compatible = is_compatible(Wheel(basename), self.wheel_tags)
-        return (t.scheme == 'https', 'pypi.python.org' in t.netloc,
+        return (t.scheme == 'https', 'pypi.org' in t.netloc,
                 is_downloadable, is_wheel, compatible, basename)
 
     def prefer_url(self, url1, url2):
@@ -1049,7 +1049,7 @@ def get_distribution_names(self):
 # versions which don't conform to PEP 426 / PEP 440.
 default_locator = AggregatingLocator(
                     JSONLocator(),
-                    SimpleScrapingLocator('https://pypi.python.org/simple/',
+                    SimpleScrapingLocator('https://pypi.org/simple/',
                                           timeout=3.0),
                     scheme='legacy')
 

src/pip/_vendor/distlib/metadata.py

@@ -91,9 +91,11 @@ class MetadataInvalidError(DistlibException):
 _426_MARKERS = ('Private-Version', 'Provides-Extra', 'Obsoleted-By',
                 'Setup-Requires-Dist', 'Extension')
 
-# See issue #106: Sometimes 'Requires' occurs wrongly in the metadata. Include
-# it in the tuple literal below to allow it (for now)
-_566_FIELDS = _426_FIELDS + ('Description-Content-Type', 'Requires')
+# See issue #106: Sometimes 'Requires' and 'Provides' occur wrongly in
+# the metadata. Include them in the tuple literal below to allow them
+# (for now).
+_566_FIELDS = _426_FIELDS + ('Description-Content-Type',
+                             'Requires', 'Provides')
 
 _566_MARKERS = ('Description-Content-Type',)
 

src/pip/_vendor/distlib/scripts.py

@@ -39,27 +39,12 @@
 # check if Python is called on the first line with this expression
 FIRST_LINE_RE = re.compile(b'^#!.*pythonw?[0-9.]*([ \t].*)?$')
 SCRIPT_TEMPLATE = r'''# -*- coding: utf-8 -*-
+import re
+import sys
+from %(module)s import %(import_name)s
 if __name__ == '__main__':
-    import sys, re
-
-    def _resolve(module, func):
-        __import__(module)
-        mod = sys.modules[module]
-        parts = func.split('.')
-        result = getattr(mod, parts.pop(0))
-        for p in parts:
-            result = getattr(result, p)
-        return result
-
-    try:
-        sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0])
-
-        func = _resolve('%(module)s', '%(func)s')
-        rc = func() # None interpreted as 0
-    except Exception as e:  # only supporting Python >= 2.6
-        sys.stderr.write('%%s\n' %% e)
-        rc = 1
-    sys.exit(rc)
+    sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+    sys.exit(%(func)s())
 '''
 
 
@@ -225,6 +210,7 @@ def _get_shebang(self, encoding, post_interp=b'', options=None):
 
     def _get_script_text(self, entry):
         return self.script_template % dict(module=entry.prefix,
+                                           import_name=entry.suffix.split('.')[0],
                                            func=entry.suffix)
 
     manifest = _DEFAULT_MANIFEST

src/pip/_vendor/distlib/util.py

@@ -804,11 +804,15 @@ def ensure_slash(s):
 def parse_credentials(netloc):
     username = password = None
     if '@' in netloc:
-        prefix, netloc = netloc.split('@', 1)
+        prefix, netloc = netloc.rsplit('@', 1)
         if ':' not in prefix:
             username = prefix
         else:
             username, password = prefix.split(':', 1)
+    if username:
+        username = unquote(username)
+    if password:
+        password = unquote(password)
     return username, password, netloc
 
 

src/pip/_vendor/distlib/wheel.py

@@ -433,6 +433,22 @@ def build(self, paths, tags=None, wheel_version=None):
         self.build_zip(pathname, archive_paths)
         return pathname
 
+    def skip_entry(self, arcname):
+        """
+        Determine whether an archive entry should be skipped when verifying
+        or installing.
+        """
+        # The signature file won't be in RECORD,
+        # and we  don't currently don't do anything with it
+        # We also skip directories, as they won't be in RECORD
+        # either. See:
+        #
+        # https://github.com/pypa/wheel/issues/294
+        # https://github.com/pypa/wheel/issues/287
+        # https://github.com/pypa/wheel/pull/289
+        #
+        return arcname.endswith(('/', '/RECORD.jws'))
+
     def install(self, paths, maker, **kwargs):
         """
         Install a wheel to the specified paths. If kwarg ``warner`` is
@@ -514,9 +530,7 @@ def install(self, paths, maker, **kwargs):
                         u_arcname = arcname
                     else:
                         u_arcname = arcname.decode('utf-8')
-                    # The signature file won't be in RECORD,
-                    # and we  don't currently don't do anything with it
-                    if u_arcname.endswith('/RECORD.jws'):
+                    if self.skip_entry(u_arcname):
                         continue
                     row = records[u_arcname]
                     if row[2] and str(zinfo.file_size) != row[2]:
@@ -786,13 +800,15 @@ def verify(self):
                     u_arcname = arcname
                 else:
                     u_arcname = arcname.decode('utf-8')
-                if '..' in u_arcname:
+                # See issue #115: some wheels have .. in their entries, but
+                # in the filename ... e.g. __main__..py ! So the check is
+                # updated to look for .. in the directory portions
+                p = u_arcname.split('/')
+                if '..' in p:
                     raise DistlibException('invalid entry in '
                                            'wheel: %r' % u_arcname)
 
-                # The signature file won't be in RECORD,
-                # and we  don't currently don't do anything with it
-                if u_arcname.endswith('/RECORD.jws'):
+                if self.skip_entry(u_arcname):
                     continue
                 row = records[u_arcname]
                 if row[2] and str(zinfo.file_size) != row[2]:

src/pip/_vendor/msgpack/__init__.py

@@ -22,8 +22,7 @@ def __new__(cls, code, data):
     from pip._vendor.msgpack.fallback import Packer, unpackb, Unpacker
 else:
     try:
-        from pip._vendor.msgpack._packer import Packer
-        from pip._vendor.msgpack._unpacker import unpackb, Unpacker
+        from pip._vendor.msgpack._cmsgpack import Packer, unpackb, Unpacker
     except ImportError:
         from pip._vendor.msgpack.fallback import Packer, unpackb, Unpacker
 

src/pip/_vendor/msgpack/_version.py

@@ -1 +1 @@
-version = (0, 5, 6)
+version = (0, 6, 1)

src/pip/_vendor/msgpack/exceptions.py

@@ -1,5 +1,10 @@
 class UnpackException(Exception):
-    """Deprecated.  Use Exception instead to catch all exception during unpacking."""
+    """Base class for some exceptions raised while unpacking.
+
+    NOTE: unpack may raise exception other than subclass of
+    UnpackException.  If you want to catch all error, catch
+    Exception instead.
+    """
 
 
 class BufferFull(UnpackException):
@@ -10,32 +15,34 @@ class OutOfData(UnpackException):
     pass
 
 
-class UnpackValueError(UnpackException, ValueError):
-    """Deprecated.  Use ValueError instead."""
+class FormatError(ValueError, UnpackException):
+    """Invalid msgpack format"""
 
 
-class ExtraData(UnpackValueError):
-    def __init__(self, unpacked, extra):
-        self.unpacked = unpacked
-        self.extra = extra
-
-    def __str__(self):
-        return "unpack(b) received extra data."
+class StackError(ValueError, UnpackException):
+    """Too nested"""
 
 
-class PackException(Exception):
-    """Deprecated.  Use Exception instead to catch all exception during packing."""
+# Deprecated.  Use ValueError instead
+UnpackValueError = ValueError
 
 
-class PackValueError(PackException, ValueError):
-    """PackValueError is raised when type of input data is supported but it's value is unsupported.
+class ExtraData(UnpackValueError):
+    """ExtraData is raised when there is trailing data.
 
-    Deprecated.  Use ValueError instead.
+    This exception is raised while only one-shot (not streaming)
+    unpack.
     """
 
+    def __init__(self, unpacked, extra):
+        self.unpacked = unpacked
+        self.extra = extra
+
+    def __str__(self):
+        return "unpack(b) received extra data."
 
-class PackOverflowError(PackValueError, OverflowError):
-    """PackOverflowError is raised when integer value is out of range of msgpack support [-2**31, 2**32).
 
-    Deprecated.  Use ValueError instead.
-    """
+# Deprecated.  Use Exception instead to catch all exception during packing.
+PackException = Exception
+PackValueError = ValueError
+PackOverflowError = OverflowError