Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Spring 2024 vendoring #6118

Merged
merged 6 commits into from
Apr 16, 2024
Merged

Spring 2024 vendoring #6118

merged 6 commits into from
Apr 16, 2024

Conversation

matteius
Copy link
Member

@matteius matteius commented Apr 3, 2024

Thank you for contributing to Pipenv!

The issue

What is the thing you want to fix? Is it associated with an issue on GitHub? Please mention it.

Always consider opening an issue first to describe your problem, so we can discuss what is the best way to amend it. Note that if you do not describe the goal of this change or link to a related issue, the maintainers may close the PR without further review.

If your pull request makes a non-insignificant change to Pipenv, such as the user interface or intended functionality, please file a PEEP.

https://github.com/pypa/pipenv/blob/master/peeps/PEEP-000.md

The fix

How does this pull request fix your problem? Did you consider any alternatives? Why is this the best solution, in your opinion?

The checklist

  • Associated issue
  • A news fragment in the news/ directory to describe this fix with the extension .bugfix.rst, .feature.rst, .behavior.rst, .doc.rst. .vendor.rst. or .trivial.rst (this will appear in the release changelog). Use semantic line breaks and name the file after the issue number or the PR #.

@matteius matteius marked this pull request as ready for review April 11, 2024 23:47
@matteius
Copy link
Member Author

Needs a news fragment, but if you review I can add that after and merge when ready.

@matteius matteius requested a review from oz123 April 11, 2024 23:57
@matteius matteius merged commit ba7584d into main Apr 16, 2024
1 of 2 checks passed
@matteius matteius deleted the spring-2024-vendoring branch April 16, 2024 01:08
achim-k pushed a commit to foxglove/ws-protocol that referenced this pull request Jun 10, 2024
Bumps [pipenv](https://github.com/pypa/pipenv) from 2023.12.1 to
2024.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/releases">pipenv's
releases</a>.</em></p>
<blockquote>
<h2>Release v2024.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update CONTRIBUTING.md by <a
href="https://github.com/PzaThief"><code>@​PzaThief</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6084">pypa/pipenv#6084</a></li>
<li>Check for name attribute in source parameter. by <a
href="https://github.com/jralls"><code>@​jralls</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6114">pypa/pipenv#6114</a></li>
<li>Smarter uninstall by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6029">pypa/pipenv#6029</a></li>
<li>Use fancy mode for pwsh on *nix (draft) by <a
href="https://github.com/samcarswell"><code>@​samcarswell</code></a> in
<a
href="https://redirect.github.com/pypa/pipenv/pull/6108">pypa/pipenv#6108</a></li>
<li>Vendor in Pip 24.0 by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6117">pypa/pipenv#6117</a></li>
<li>Update index.md by <a
href="https://github.com/mierzejk"><code>@​mierzejk</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6129">pypa/pipenv#6129</a></li>
<li>Spring 2024 vendoring by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6118">pypa/pipenv#6118</a></li>
<li>Add nested vcs dependency subdirectory when locking to Pipfile.lock
(Fix <a
href="https://redirect.github.com/pypa/pipenv/issues/6120">#6120</a>) by
<a
href="https://github.com/AlexandreArpin"><code>@​AlexandreArpin</code></a>
in <a
href="https://redirect.github.com/pypa/pipenv/pull/6136">pypa/pipenv#6136</a></li>
<li>pipenv upgrade invoke -d by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6138">pypa/pipenv#6138</a></li>
<li>Bump plette take 2 by <a
href="https://github.com/oz123"><code>@​oz123</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6134">pypa/pipenv#6134</a></li>
<li>Convert off pkg resources by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6139">pypa/pipenv#6139</a></li>
<li>Fix the issue(<a
href="https://redirect.github.com/pypa/pipenv/issues/6126">#6126</a>):
add lockfile_path presence in pipenv check command by <a
href="https://github.com/nitintecg"><code>@​nitintecg</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6135">pypa/pipenv#6135</a></li>
<li>debugging weird CI failures by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6143">pypa/pipenv#6143</a></li>
<li>apply ruff fixes by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6145">pypa/pipenv#6145</a></li>
<li>docs update for <code>scripts</code> section and other small changes
by <a href="https://github.com/sss-ng"><code>@​sss-ng</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6152">pypa/pipenv#6152</a></li>
<li>Add --from-pipfile subcommand to <code>pipenv requirements</code> by
<a
href="https://github.com/sanspareilsmyn"><code>@​sanspareilsmyn</code></a>
in <a
href="https://redirect.github.com/pypa/pipenv/pull/6156">pypa/pipenv#6156</a></li>
<li>Bump jinja2 from 3.1.3 to 3.1.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6150">pypa/pipenv#6150</a></li>
<li>Bump requests from 2.31.0 to 2.32.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6157">pypa/pipenv#6157</a></li>
<li>Fix windows CI for 3.8 and the outdated command that was refactored
to remove pkg_resources. by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6146">pypa/pipenv#6146</a></li>
<li>pipenv 2024 install (behavioral refactor) by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6098">pypa/pipenv#6098</a></li>
<li>Supply the extra pip args in the resolver. by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6006">pypa/pipenv#6006</a></li>
<li>Handle unsupported python versioning on Pipfile by <a
href="https://github.com/sanspareilsmyn"><code>@​sanspareilsmyn</code></a>
in <a
href="https://redirect.github.com/pypa/pipenv/pull/6164">pypa/pipenv#6164</a></li>
<li>Remove secho from pipenv.utils.shell by <a
href="https://github.com/aidencullo"><code>@​aidencullo</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6170">pypa/pipenv#6170</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/PzaThief"><code>@​PzaThief</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6084">pypa/pipenv#6084</a></li>
<li><a href="https://github.com/jralls"><code>@​jralls</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6114">pypa/pipenv#6114</a></li>
<li><a
href="https://github.com/samcarswell"><code>@​samcarswell</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6108">pypa/pipenv#6108</a></li>
<li><a href="https://github.com/mierzejk"><code>@​mierzejk</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6129">pypa/pipenv#6129</a></li>
<li><a
href="https://github.com/AlexandreArpin"><code>@​AlexandreArpin</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6136">pypa/pipenv#6136</a></li>
<li><a href="https://github.com/nitintecg"><code>@​nitintecg</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6135">pypa/pipenv#6135</a></li>
<li><a href="https://github.com/sss-ng"><code>@​sss-ng</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6152">pypa/pipenv#6152</a></li>
<li><a
href="https://github.com/sanspareilsmyn"><code>@​sanspareilsmyn</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6156">pypa/pipenv#6156</a></li>
<li><a
href="https://github.com/aidencullo"><code>@​aidencullo</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6170">pypa/pipenv#6170</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0">https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/blob/main/CHANGELOG.md">pipenv's
changelog</a>.</em></p>
<blockquote>
<h1>2024.0.0 (2024-06-06)</h1>
<h1>Pipenv 2024.0.0 (2024-06-06)</h1>
<h2>Features &amp; Improvements</h2>
<ul>
<li>Supply any <code>--extra-pip-args</code> also in the resolver steps.
<code>[#6006](pypa/pipenv#6006)
&lt;https://github.com/pypa/pipenv/issues/6006&gt;</code>_</li>
<li>The <code>uninstall</code> command now does the inverse of
<code>upgrade</code> which means it no longer invokes a full
<code>lock</code> cycle which was problematic for projects with many
dependencies. <code>[#6029](pypa/pipenv#6029)
&lt;https://github.com/pypa/pipenv/issues/6029&gt;</code>_</li>
<li>The <code>pipenv requirements</code> subcommand now supports the
<code>--from-pipfile</code> flag. When this flag is used, the
requirements file will only include the packages explicitly listed in
the Pipfile, excluding any sub-packages.
<code>[#6156](pypa/pipenv#6156)
&lt;https://github.com/pypa/pipenv/issues/6156&gt;</code>_</li>
</ul>
<h2>Behavior Changes</h2>
<ul>
<li><code>pipenv==3000.0.0</code> denotes the first major release of our
semver strategy.
As much requested, the <code>install</code> no longer does a complete
lock operation. Instead <code>install</code> follows the same code path
as pipenv update (which is upgrade + sync).
This is what most new users expect the behavior to be; it is a
behavioral change, a necessary one to make the tool more usable.
Remember that complete lock resolution can be invoked with <code>pipenv
lock</code> just as before.
<code>[#6098](pypa/pipenv#6098)
&lt;https://github.com/pypa/pipenv/issues/6098&gt;</code>_</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fix a bug that passes pipenv check command if Pipfile.lock not exist
<code>[#6126](pypa/pipenv#6126)
&lt;https://github.com/pypa/pipenv/issues/6126&gt;</code>_</li>
<li>Fix a bug that vcs subdependencies were locked without their
subdirectory fragment if they had one
<code>[#6136](pypa/pipenv#6136)
&lt;https://github.com/pypa/pipenv/issues/6136&gt;</code>_</li>
<li><code>pipenv</code> converts off <code>pkg_resources</code> API
usages. This necessitated also vendoring in:
<ul>
<li>latest <code>pipdeptree==2.18.1</code> which also converted off
<code>pkg_resources</code></li>
<li><code>importlib-metadata==7.1.0</code> to continue supporting python
3.8 and 3.9</li>
<li><code>packaging==24.0</code> since the packaging we were utilizing
in pip's <em>vendor was insufficient for this conversion.
<code>[#6139](pypa/pipenv#6139)
&lt;https://github.com/pypa/pipenv/issues/6139&gt;</code></em></li>
</ul>
</li>
<li>Pipenv only supports absolute python version. If the user specifies
a Python version with inequality signs like &gt;=3.12, <!-- raw HTML
omitted -->`_</li>
</ul>
<h2>Vendored Libraries</h2>
<ul>
<li>Vendor in <code>pip==24.0</code>
<code>[#6117](pypa/pipenv#6117)
&lt;https://github.com/pypa/pipenv/issues/6117&gt;</code>_</li>
<li>Spring 2024 Vendoring includes:
<ul>
<li><code>click-didyoumean==0.3.1</code></li>
<li><code>expect==4.9.0</code></li>
<li><code>pipdeptree==2.16.2</code></li>
<li><code>python-dotenv==1.0.1</code></li>
<li><code>ruamel.yaml==0.18.6</code></li>
<li><code>shellingham==1.5.4</code></li>
<li><code>tomlkit==0.12.4</code>
<code>[#6118](pypa/pipenv#6118)
&lt;https://github.com/pypa/pipenv/issues/6118&gt;</code>_</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pipenv/commit/0618fab5f40a599335f0c363abaaa882bf33dd29"><code>0618fab</code></a>
Prepare actually for 2024.0.0 release after peer feedback.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/fd763515d09ae4d0e19b50477f0ffd8d8506e74d"><code>fd76351</code></a>
Release v2024.0.0</li>
<li><a
href="https://github.com/pypa/pipenv/commit/878d7c45dba0a9ec6a2653a2c55d6cd908868981"><code>878d7c4</code></a>
Bumped version to 2024.0.0.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/a84ecd351d1bd558ffdd4c023bcf79e5f4d4d348"><code>a84ecd3</code></a>
Release v3000.0.0</li>
<li><a
href="https://github.com/pypa/pipenv/commit/0cee88e9633d80f9d9c8b6d1a3174d24010d305f"><code>0cee88e</code></a>
Bumped version to 3000.0.0.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/2c04a632ad08f85cdf8224af782235423fe60d4e"><code>2c04a63</code></a>
Remove secho from pipenv.utils.shell</li>
<li><a
href="https://github.com/pypa/pipenv/commit/6abb08cd9a6702912c25a374338b25469517a931"><code>6abb08c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pipenv/issues/6164">#6164</a>
from sanspareilsmyn/handle-unspecified-python-version</li>
<li><a
href="https://github.com/pypa/pipenv/commit/66eef03cccc0901e830561ea45e97307adac95fa"><code>66eef03</code></a>
Supply the extra pip args in the resolver. (<a
href="https://redirect.github.com/pypa/pipenv/issues/6006">#6006</a>)</li>
<li><a
href="https://github.com/pypa/pipenv/commit/09799120a0fd201976653ec92d5798f21fadac10"><code>0979912</code></a>
pipenv 3000 install (behavioral refactor) (<a
href="https://redirect.github.com/pypa/pipenv/issues/6098">#6098</a>)</li>
<li><a
href="https://github.com/pypa/pipenv/commit/a1fe8d7c40eb3decb667ecb14f7ef584d7bffe55"><code>a1fe8d7</code></a>
Apply feedbacks</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pipenv&package-manager=pip&previous-version=2023.12.1&new-version=2024.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants