-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Spring 2024 vendoring #6118
Merged
Merged
Spring 2024 vendoring #6118
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Needs a news fragment, but if you review I can add that after and merge when ready. |
oz123
approved these changes
Apr 13, 2024
achim-k
pushed a commit
to foxglove/ws-protocol
that referenced
this pull request
Jun 10, 2024
Bumps [pipenv](https://github.com/pypa/pipenv) from 2023.12.1 to 2024.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/pipenv/releases">pipenv's releases</a>.</em></p> <blockquote> <h2>Release v2024.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update CONTRIBUTING.md by <a href="https://github.com/PzaThief"><code>@PzaThief</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6084">pypa/pipenv#6084</a></li> <li>Check for name attribute in source parameter. by <a href="https://github.com/jralls"><code>@jralls</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6114">pypa/pipenv#6114</a></li> <li>Smarter uninstall by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6029">pypa/pipenv#6029</a></li> <li>Use fancy mode for pwsh on *nix (draft) by <a href="https://github.com/samcarswell"><code>@samcarswell</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6108">pypa/pipenv#6108</a></li> <li>Vendor in Pip 24.0 by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6117">pypa/pipenv#6117</a></li> <li>Update index.md by <a href="https://github.com/mierzejk"><code>@mierzejk</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6129">pypa/pipenv#6129</a></li> <li>Spring 2024 vendoring by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6118">pypa/pipenv#6118</a></li> <li>Add nested vcs dependency subdirectory when locking to Pipfile.lock (Fix <a href="https://redirect.github.com/pypa/pipenv/issues/6120">#6120</a>) by <a href="https://github.com/AlexandreArpin"><code>@AlexandreArpin</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6136">pypa/pipenv#6136</a></li> <li>pipenv upgrade invoke -d by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6138">pypa/pipenv#6138</a></li> <li>Bump plette take 2 by <a href="https://github.com/oz123"><code>@oz123</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6134">pypa/pipenv#6134</a></li> <li>Convert off pkg resources by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6139">pypa/pipenv#6139</a></li> <li>Fix the issue(<a href="https://redirect.github.com/pypa/pipenv/issues/6126">#6126</a>): add lockfile_path presence in pipenv check command by <a href="https://github.com/nitintecg"><code>@nitintecg</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6135">pypa/pipenv#6135</a></li> <li>debugging weird CI failures by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6143">pypa/pipenv#6143</a></li> <li>apply ruff fixes by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6145">pypa/pipenv#6145</a></li> <li>docs update for <code>scripts</code> section and other small changes by <a href="https://github.com/sss-ng"><code>@sss-ng</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6152">pypa/pipenv#6152</a></li> <li>Add --from-pipfile subcommand to <code>pipenv requirements</code> by <a href="https://github.com/sanspareilsmyn"><code>@sanspareilsmyn</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6156">pypa/pipenv#6156</a></li> <li>Bump jinja2 from 3.1.3 to 3.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6150">pypa/pipenv#6150</a></li> <li>Bump requests from 2.31.0 to 2.32.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6157">pypa/pipenv#6157</a></li> <li>Fix windows CI for 3.8 and the outdated command that was refactored to remove pkg_resources. by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6146">pypa/pipenv#6146</a></li> <li>pipenv 2024 install (behavioral refactor) by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6098">pypa/pipenv#6098</a></li> <li>Supply the extra pip args in the resolver. by <a href="https://github.com/matteius"><code>@matteius</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6006">pypa/pipenv#6006</a></li> <li>Handle unsupported python versioning on Pipfile by <a href="https://github.com/sanspareilsmyn"><code>@sanspareilsmyn</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6164">pypa/pipenv#6164</a></li> <li>Remove secho from pipenv.utils.shell by <a href="https://github.com/aidencullo"><code>@aidencullo</code></a> in <a href="https://redirect.github.com/pypa/pipenv/pull/6170">pypa/pipenv#6170</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/PzaThief"><code>@PzaThief</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6084">pypa/pipenv#6084</a></li> <li><a href="https://github.com/jralls"><code>@jralls</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6114">pypa/pipenv#6114</a></li> <li><a href="https://github.com/samcarswell"><code>@samcarswell</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6108">pypa/pipenv#6108</a></li> <li><a href="https://github.com/mierzejk"><code>@mierzejk</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6129">pypa/pipenv#6129</a></li> <li><a href="https://github.com/AlexandreArpin"><code>@AlexandreArpin</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6136">pypa/pipenv#6136</a></li> <li><a href="https://github.com/nitintecg"><code>@nitintecg</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6135">pypa/pipenv#6135</a></li> <li><a href="https://github.com/sss-ng"><code>@sss-ng</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6152">pypa/pipenv#6152</a></li> <li><a href="https://github.com/sanspareilsmyn"><code>@sanspareilsmyn</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6156">pypa/pipenv#6156</a></li> <li><a href="https://github.com/aidencullo"><code>@aidencullo</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/pipenv/pull/6170">pypa/pipenv#6170</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0">https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pipenv/blob/main/CHANGELOG.md">pipenv's changelog</a>.</em></p> <blockquote> <h1>2024.0.0 (2024-06-06)</h1> <h1>Pipenv 2024.0.0 (2024-06-06)</h1> <h2>Features & Improvements</h2> <ul> <li>Supply any <code>--extra-pip-args</code> also in the resolver steps. <code>[#6006](pypa/pipenv#6006) <https://github.com/pypa/pipenv/issues/6006></code>_</li> <li>The <code>uninstall</code> command now does the inverse of <code>upgrade</code> which means it no longer invokes a full <code>lock</code> cycle which was problematic for projects with many dependencies. <code>[#6029](pypa/pipenv#6029) <https://github.com/pypa/pipenv/issues/6029></code>_</li> <li>The <code>pipenv requirements</code> subcommand now supports the <code>--from-pipfile</code> flag. When this flag is used, the requirements file will only include the packages explicitly listed in the Pipfile, excluding any sub-packages. <code>[#6156](pypa/pipenv#6156) <https://github.com/pypa/pipenv/issues/6156></code>_</li> </ul> <h2>Behavior Changes</h2> <ul> <li><code>pipenv==3000.0.0</code> denotes the first major release of our semver strategy. As much requested, the <code>install</code> no longer does a complete lock operation. Instead <code>install</code> follows the same code path as pipenv update (which is upgrade + sync). This is what most new users expect the behavior to be; it is a behavioral change, a necessary one to make the tool more usable. Remember that complete lock resolution can be invoked with <code>pipenv lock</code> just as before. <code>[#6098](pypa/pipenv#6098) <https://github.com/pypa/pipenv/issues/6098></code>_</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix a bug that passes pipenv check command if Pipfile.lock not exist <code>[#6126](pypa/pipenv#6126) <https://github.com/pypa/pipenv/issues/6126></code>_</li> <li>Fix a bug that vcs subdependencies were locked without their subdirectory fragment if they had one <code>[#6136](pypa/pipenv#6136) <https://github.com/pypa/pipenv/issues/6136></code>_</li> <li><code>pipenv</code> converts off <code>pkg_resources</code> API usages. This necessitated also vendoring in: <ul> <li>latest <code>pipdeptree==2.18.1</code> which also converted off <code>pkg_resources</code></li> <li><code>importlib-metadata==7.1.0</code> to continue supporting python 3.8 and 3.9</li> <li><code>packaging==24.0</code> since the packaging we were utilizing in pip's <em>vendor was insufficient for this conversion. <code>[#6139](pypa/pipenv#6139) <https://github.com/pypa/pipenv/issues/6139></code></em></li> </ul> </li> <li>Pipenv only supports absolute python version. If the user specifies a Python version with inequality signs like >=3.12, <!-- raw HTML omitted -->`_</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Vendor in <code>pip==24.0</code> <code>[#6117](pypa/pipenv#6117) <https://github.com/pypa/pipenv/issues/6117></code>_</li> <li>Spring 2024 Vendoring includes: <ul> <li><code>click-didyoumean==0.3.1</code></li> <li><code>expect==4.9.0</code></li> <li><code>pipdeptree==2.16.2</code></li> <li><code>python-dotenv==1.0.1</code></li> <li><code>ruamel.yaml==0.18.6</code></li> <li><code>shellingham==1.5.4</code></li> <li><code>tomlkit==0.12.4</code> <code>[#6118](pypa/pipenv#6118) <https://github.com/pypa/pipenv/issues/6118></code>_</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pipenv/commit/0618fab5f40a599335f0c363abaaa882bf33dd29"><code>0618fab</code></a> Prepare actually for 2024.0.0 release after peer feedback.</li> <li><a href="https://github.com/pypa/pipenv/commit/fd763515d09ae4d0e19b50477f0ffd8d8506e74d"><code>fd76351</code></a> Release v2024.0.0</li> <li><a href="https://github.com/pypa/pipenv/commit/878d7c45dba0a9ec6a2653a2c55d6cd908868981"><code>878d7c4</code></a> Bumped version to 2024.0.0.</li> <li><a href="https://github.com/pypa/pipenv/commit/a84ecd351d1bd558ffdd4c023bcf79e5f4d4d348"><code>a84ecd3</code></a> Release v3000.0.0</li> <li><a href="https://github.com/pypa/pipenv/commit/0cee88e9633d80f9d9c8b6d1a3174d24010d305f"><code>0cee88e</code></a> Bumped version to 3000.0.0.</li> <li><a href="https://github.com/pypa/pipenv/commit/2c04a632ad08f85cdf8224af782235423fe60d4e"><code>2c04a63</code></a> Remove secho from pipenv.utils.shell</li> <li><a href="https://github.com/pypa/pipenv/commit/6abb08cd9a6702912c25a374338b25469517a931"><code>6abb08c</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pipenv/issues/6164">#6164</a> from sanspareilsmyn/handle-unspecified-python-version</li> <li><a href="https://github.com/pypa/pipenv/commit/66eef03cccc0901e830561ea45e97307adac95fa"><code>66eef03</code></a> Supply the extra pip args in the resolver. (<a href="https://redirect.github.com/pypa/pipenv/issues/6006">#6006</a>)</li> <li><a href="https://github.com/pypa/pipenv/commit/09799120a0fd201976653ec92d5798f21fadac10"><code>0979912</code></a> pipenv 3000 install (behavioral refactor) (<a href="https://redirect.github.com/pypa/pipenv/issues/6098">#6098</a>)</li> <li><a href="https://github.com/pypa/pipenv/commit/a1fe8d7c40eb3decb667ecb14f7ef584d7bffe55"><code>a1fe8d7</code></a> Apply feedbacks</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pipenv&package-manager=pip&previous-version=2023.12.1&new-version=2024.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Thank you for contributing to Pipenv!
The issue
What is the thing you want to fix? Is it associated with an issue on GitHub? Please mention it.
Always consider opening an issue first to describe your problem, so we can discuss what is the best way to amend it. Note that if you do not describe the goal of this change or link to a related issue, the maintainers may close the PR without further review.
If your pull request makes a non-insignificant change to Pipenv, such as the user interface or intended functionality, please file a PEEP.
The fix
How does this pull request fix your problem? Did you consider any alternatives? Why is this the best solution, in your opinion?
The checklist
news/
directory to describe this fix with the extension.bugfix.rst
,.feature.rst
,.behavior.rst
,.doc.rst
..vendor.rst
. or.trivial.rst
(this will appear in the release changelog). Use semantic line breaks and name the file after the issue number or the PR #.