Scheduled monthly dependency update for May

[pyup-bot]

Update click from 6.7 to 7.1.2.

Changelog

7.1.1

-------------

Released 2020-03-09

-   Fix ``ClickException`` output going to stdout instead of stderr.
 :issue:`1495`

7.1

-----------

Released 2020-03-09

-   Fix PyPI package name, "click" is lowercase again.
-   Fix link in ``unicode_literals`` error message. :pr:`1151`
-   Add support for colored output on UNIX Jupyter notebooks.
 :issue:`1185`
-   Operations that strip ANSI controls will strip the cursor hide/show
 sequences. :issue:`1216`
-   Remove unused compat shim for ``bytes``. :pr:`1195`
-   Expand testing around termui, especially getchar on Windows.
 :issue:`1116`
-   Fix output on Windows Python 2.7 built with MSVC 14. :pr:`1342`
-   Fix ``OSError`` when running in MSYS2. :issue:`1338`
-   Fix ``OSError`` when redirecting to ``NUL`` stream on Windows.
 :issue:`1065`
-   Fix memory leak when parsing Unicode arguments on Windows.
 :issue:`1136`
-   Fix error in new AppEngine environments. :issue:`1462`
-   Always return one of the passed choices for ``click.Choice``
 :issue:`1277`, :pr:`1318`
-   Add ``no_args_is_help`` option to ``click.Command``, defaults to
 False :pr:`1167`
-   Add ``show_defaults`` parameter to ``Context`` to enable showing
 defaults globally. :issue:`1018`
-   Handle ``env MYPATH=''`` as though the option were not passed.
 :issue:`1196`
-   It is once again possible to call ``next(bar)`` on an active
 progress bar instance. :issue:`1125`
-   ``open_file`` with ``atomic=True`` retains permissions of existing
 files and respects the current umask for new files. :issue:`1376`
-   When using the test ``CliRunner`` with ``mix_stderr=False``, if
 ``result.stderr`` is empty it will not raise a ``ValueError``.
 :issue:`1193`
-   Remove the unused ``mix_stderr`` parameter from
 ``CliRunner.invoke``. :issue:`1435`
-   Fix ``TypeError`` raised when using bool flags and specifying
 ``type=bool``. :issue:`1287`
-   Newlines in option help text are replaced with spaces before
 re-wrapping to avoid uneven line breaks. :issue:`834`
-   ``MissingParameter`` exceptions are printable in the Python
 interpreter. :issue:`1139`
-   Fix how default values for file-type options are shown during
 prompts. :issue:`914`
-   Fix environment variable automatic generation for commands
 containing ``-``. :issue:`1253`
-   Option help text replaces newlines with spaces when rewrapping, but
 preserves paragraph breaks, fixing multiline formatting.
 :issue:`834, 1066, 1397`
-   Option help text that is wrapped adds an extra newline at the end to
 distinguish it from the next option. :issue:`1075`
-   Consider ``sensible-editor`` when determining the editor to use for
 ``click.edit()``. :pr:`1469`
-   Arguments to system calls such as the executable path passed to
 ``click.edit`` can contains spaces. :pr:`1470`
-   Add ZSH completion autoloading and error handling. :issue:`1348`
-   Add a repr to ``Command``, ``Group``, ``Option``, and ``Argument``,
 showing the name for friendlier debugging. :issue:`1267`
-   Completion doesn't consider option names if a value starts with
 ``-`` after the ``--`` separator. :issue:`1247`
-   ZSH completion escapes special characters in values. :pr:`1418`
-   Add completion support for Fish shell. :pr:`1423`
-   Decoding bytes option values falls back to UTF-8 in more cases.
 :pr:`1468`
-   Make the warning about old 2-arg parameter callbacks a deprecation
 warning, to be removed in 8.0. This has been a warning since Click
 2.0. :pr:`1492`

7.0

-----------

Released 2018-09-25

-   Drop support for Python 2.6 and 3.3. :pr:`967, 976`
-   Wrap ``click.Choice``'s missing message. :issue:`202`, :pr:`1000`
-   Add native ZSH autocompletion support. :issue:`323`, :pr:`865`
-   Document that ANSI color info isn't parsed from bytearrays in Python
 2. :issue:`334`
-   Document byte-stripping behavior of ``CliRunner``. :issue:`334`,
 :pr:`1010`
-   Usage errors now hint at the ``--help`` option. :issue:`393`,
 :pr:`557`
-   Implement streaming pager. :issue:`409`, :pr:`889`
-   Extract bar formatting to its own method. :pr:`414`
-   Add ``DateTime`` type for converting input in given date time
 formats. :pr:`423`
-   ``secho``'s first argument can now be ``None``, like in ``echo``.
 :pr:`424`
-   Fixes a ``ZeroDivisionError`` in ``ProgressBar.make_step``, when the
 arg passed to the first call of ``ProgressBar.update`` is 0.
 :issue:`447`, :pr:`1012`
-   Show progressbar only if total execution time is visible. :pr:`487`
-   Added the ability to hide commands and options from help. :pr:`500`
-   Document that options can be ``required=True``. :issue:`514`,
 :pr:`1022`
-   Non-standalone calls to ``Context.exit`` return the exit code,
 rather than calling ``sys.exit``. :issue:`667`, :pr:`533, 1098`
-   ``click.getchar()`` returns Unicode in Python 3 on Windows,
 consistent with other platforms. :issue:`537, 821, 822, 1088`,
 :pr:`1108`
-   Added ``FloatRange`` type. :pr:`538, 553`
-   Added support for bash completion of ``type=click.Choice`` for
 ``Options`` and ``Arguments``. :issue:`535`, :pr:`681`
-   Only allow one positional arg for ``Argument`` parameter
 declaration. :issue:`568, 574`, :pr:`1014`
-   Add ``case_sensitive=False`` as an option to Choice. :issue:`569`
-   ``click.getchar()`` correctly raises ``KeyboardInterrupt`` on "^C"
 and ``EOFError`` on "^D" on Linux. :issue:`583`, :pr:`1115`
-   Fix encoding issue with ``click.getchar(echo=True)`` on Linux.
 :pr:`1115`
-   ``param_hint`` in errors now derived from param itself.
 :issue:`598, 704`, :pr:`709`
-   Add a test that ensures that when an argument is formatted into a
 usage error, its metavar is used, not its name. :pr:`612`
-   Allow setting ``prog_name`` as extra in ``CliRunner.invoke``.
 :issue:`616`, :pr:`999`
-   Help text taken from docstrings truncates at the ``\f`` form feed
 character, useful for hiding Sphinx-style parameter documentation.
 :pr:`629, 1091`
-   ``launch`` now works properly under Cygwin. :pr:`650`
-   Update progress after iteration. :issue:`651`, :pr:`706`
-   ``CliRunner.invoke`` now may receive ``args`` as a string
 representing a Unix shell command. :pr:`664`
-   Make ``Argument.make_metavar()`` default to type metavar. :pr:`675`
-   Add documentation for ``ignore_unknown_options``. :pr:`684`
-   Add bright colors support for ``click.style`` and fix the reset
 option for parameters ``fg`` and ``bg``. :issue:`703`, :pr:`809`
-   Add ``show_envvar`` for showing environment variables in help.
 :pr:`710`
-   Avoid ``BrokenPipeError`` during interpreter shutdown when stdout or
 stderr is a closed pipe. :issue:`712`, :pr:`1106`
-   Document customizing option names. :issue:`725`, :pr:`1016`
-   Disable ``sys._getframes()`` on Python interpreters that don't
 support it. :pr:`728`
-   Fix bug in test runner when calling ``sys.exit`` with ``None``.
 :pr:`739`
-   Clarify documentation on command line options. :issue:`741`,
 :pr:`1003`
-   Fix crash on Windows console. :issue:`744`
-   Fix bug that caused bash completion to give improper completions on
 chained commands. :issue:`754`, :pr:`774`
-   Added support for dynamic bash completion from a user-supplied
 callback. :pr:`755`
-   Added support for bash completions containing spaces. :pr:`773`
-   Allow autocompletion function to determine whether or not to return
 completions that start with the incomplete argument. :issue:`790`,
 :pr:`806`
-   Fix option naming routine to match documentation and be
 deterministic. :issue:`793`, :pr:`794`
-   Fix path validation bug. :issue:`795`, :pr:`1020`
-   Add test and documentation for ``Option`` naming: functionality.
 :pr:`799`
-   Update doc to match arg name for ``path_type``. :pr:`801`
-   Raw strings added so correct escaping occurs. :pr:`807`
-   Fix 16k character limit of ``click.echo`` on Windows. :issue:`816`,
 :pr:`819`
-   Overcome 64k character limit when writing to binary stream on
 Windows 7. :issue:`825`, :pr:`830`
-   Add bool conversion for "t" and "f". :pr:`842`
-   ``NoSuchOption`` errors take ``ctx`` so that ``--help`` hint gets
 printed in error output. :pr:`860`
-   Fixed the behavior of Click error messages with regards to Unicode
 on 2.x and 3.x. Message is now always Unicode and the str and
 Unicode special methods work as you expect on that platform.
 :issue:`862`
-   Progress bar now uses stderr by default. :pr:`863`
-   Add support for auto-completion documentation. :issue:`866`,
 :pr:`869`
-   Allow ``CliRunner`` to separate stdout and stderr. :pr:`868`
-   Fix variable precedence. :issue:`873`, :pr:`874`
-   Fix invalid escape sequences. :pr:`877`
-   Fix ``ResourceWarning`` that occurs during some tests. :pr:`878`
-   When detecting a misconfigured locale, don't fail if the ``locale``
 command fails. :pr:`880`
-   Add ``case_sensitive=False`` as an option to ``Choice`` types.
 :pr:`887`
-   Force stdout/stderr writable. This works around issues with badly
 patched standard streams like those from Jupyter. :pr:`918`
-   Fix completion of subcommand options after last argument
 :issue:`919`, :pr:`930`
-   ``_AtomicFile`` now uses the ``realpath`` of the original filename
 so that changing the working directory does not affect it. :pr:`920`
-   Fix incorrect completions when defaults are present :issue:`925`,
 :pr:`930`
-   Add copy option attrs so that custom classes can be re-used.
 :issue:`926`, :pr:`994`
-   "x" and "a" file modes now use stdout when file is ``"-"``.
 :pr:`929`
-   Fix missing comma in ``__all__`` list. :pr:`935`
-   Clarify how parameters are named. :issue:`949`, :pr:`1009`
-   Stdout is now automatically set to non blocking. :pr:`954`
-   Do not set options twice. :pr:`962`
-   Move ``fcntl`` import. :pr:`965`
-   Fix Google App Engine ``ImportError``. :pr:`995`
-   Better handling of help text for dynamic default option values.
 :pr:`996`
-   Fix ``get_winter_size()`` so it correctly returns ``(0,0)``.
 :pr:`997`
-   Add test case checking for custom param type. :pr:`1001`
-   Allow short width to address cmd formatting. :pr:`1002`
-   Add details about Python version support. :pr:`1004`
-   Added deprecation flag to commands. :pr:`1005`
-   Fixed issues where ``fd`` was undefined. :pr:`1007`
-   Fix formatting for short help. :pr:`1008`
-   Document how ``auto_envvar_prefix`` works with command groups.
 :pr:`1011`
-   Don't add newlines by default for progress bars. :pr:`1013`
-   Use Python sorting order for ZSH completions. :issue:`1047`,
 :pr:`1059`
-   Document that parameter names are converted to lowercase by default.
 :pr:`1055`
-   Subcommands that are named by the function now automatically have
 the underscore replaced with a dash. If you register a function
 named ``my_command`` it becomes ``my-command`` in the command line
 interface.
-   Hide hidden commands and options from completion. :issue:`1058`,
 :pr:`1061`
-   Fix absolute import blocking Click from being vendored into a
 project on Windows. :issue:`1068`, :pr:`1069`
-   Fix issue where a lowercase ``auto_envvar_prefix`` would not be
 converted to uppercase. :pr:`1105`

Links

• PyPI: https://pypi.org/project/click
• Changelog: https://pyup.io/changelogs/click/
• Homepage: https://palletsprojects.com/p/click/

Update first from 2.0.1 to 2.0.2.

Changelog

2.0.2

++++++++++++++++++

- Package tests as part of the dist.
- Update docs.
- Drop unsupported Python versions from CI.
N.B. The code hasn't changed and ``first`` continues to work as before.

Links

• PyPI: https://pypi.org/project/first
• Changelog: https://pyup.io/changelogs/first/
• Repo: http://github.com/hynek/first/

Update pip-tools from 1.8.0 to 5.1.1.

Changelog

5.1.1

Bug Fixes:
- Fix a bug where `pip-compile` would generate hashes for `*.egg` files
([1122](https://github.com/jazzband/pip-tools/pull/1122)). Thanks atugushev

5.1.0

Features:
- Show progress bar when downloading packages in `pip-compile` verbose mode
([949](https://github.com/jazzband/pip-tools/pull/949)). Thanks atugushev
- `pip-compile` now gets hashes from `PyPI` JSON API (if available) which significantly
increases the speed of hashes generation
([1109](https://github.com/jazzband/pip-tools/pull/1109)). Thanks atugushev

5.0.0

Backwards Incompatible Changes:
- `pip-tools` now requires `pip>=20.0` (previosly `8.1.x` - `20.0.x`). Windows users,
make sure to use `python -m pip install pip-tools` to avoid issues with `pip`
self-update from now on
([1055](https://github.com/jazzband/pip-tools/pull/1055)). Thanks atugushev
- `--build-isolation` option now set on by default for `pip-compile`
([1060](https://github.com/jazzband/pip-tools/pull/1060)). Thanks hramezani

Features:
- Exclude requirements with non-matching markers from `pip-sync`
([927](https://github.com/jazzband/pip-tools/pull/927)). Thanks AndydeCleyre
- Add `pre-commit` hook for `pip-compile`
([976](https://github.com/jazzband/pip-tools/pull/976)). Thanks atugushev
- `pip-compile` and `pip-sync` now pass anything provided to the new `--pip-args` option on to `pip`
([1080](https://github.com/jazzband/pip-tools/pull/1080)). Thanks AndydeCleyre
- `pip-compile` output headers are now more accurate when `--` is used to escape filenames
([1080](https://github.com/jazzband/pip-tools/pull/1080)). Thanks AndydeCleyre
- Add `pip>=20.1` support
([1088](https://github.com/jazzband/pip-tools/pull/1088)). Thanks atugushev

Bug Fixes:
- Fix a bug where editables that are both direct requirements and constraints wouldn't appear in `pip-compile` output
([1093](https://github.com/jazzband/pip-tools/pull/1093)). Thanks richafrank
- `pip-compile` now sorts format controls (`--no-binary/--only-binary`) to ensure consistent results
([1098](https://github.com/jazzband/pip-tools/pull/1098)). Thanks richafrank

Improved Documentation:
- Add cross-environment usage documentation to `README`
([651](https://github.com/jazzband/pip-tools/pull/651)). Thanks vphilippon
- Add versions compatibility table to `README`
([1106](https://github.com/jazzband/pip-tools/pull/1106)). Thanks atugushev

4.5.1

Bug Fixes:
- Strip line number annotations such as "(line XX)" from file requirements, to prevent diff noise when modifying input requirement files
([1075](https://github.com/jazzband/pip-tools/pull/1075)). Thanks adamchainz

Improved Documentation:
- Updated `README` example outputs for primary requirement annotations
([1072](https://github.com/jazzband/pip-tools/pull/1072)). Thanks richafrank

4.5.0

Features:
- Primary requirements and VCS dependencies are now get annotated with any source `.in` files and reverse dependencies
([1058](https://github.com/jazzband/pip-tools/pull/1058)). Thanks AndydeCleyre

Bug Fixes:
- Always use normalized path for cache directory as it is required in newer versions of `pip`
([1062](https://github.com/jazzband/pip-tools/pull/1062)). Thanks kammala

Improved Documentation:
- Replace outdated link in the `README` with rationale for pinning
([1053](https://github.com/jazzband/pip-tools/pull/1053)). Thanks m-aciek

4.4.1

Bug Fixes:
- Fix a bug where `pip-compile` would keep outdated options from `requirements.txt`
([1029](https://github.com/jazzband/pip-tools/pull/1029)). Thanks atugushev
- Fix the `No handlers could be found for logger "pip.*"` error by configuring the builtin logging module
([1035](https://github.com/jazzband/pip-tools/pull/1035)). Thanks vphilippon
- Fix a bug where dependencies of relevant constraints may be missing from output file
([1037](https://github.com/jazzband/pip-tools/pull/1037)). Thanks jeevb
- Upgrade the minimal version of `click` from `6.0` to `7.0` version in `setup.py`
([1039](https://github.com/jazzband/pip-tools/pull/1039)). Thanks hramezani
- Ensure that depcache considers the python implementation such that (for example) `cpython3.6` does not poison the results of `pypy3.6`
([1050](https://github.com/jazzband/pip-tools/pull/1050)). Thanks asottile

Improved Documentation:
- Make the `README` more imperative about installing into a project's virtual environment to avoid confusion
([1023](https://github.com/jazzband/pip-tools/pull/1023)). Thanks tekumara
- Add a note to the `README` about how to install requirements on different stages to [Workflow for layered requirements](https://github.com/jazzband/pip-toolsworkflow-for-layered-requirements) section
([1044](https://github.com/jazzband/pip-tools/pull/1044)). Thanks hramezani

4.4.0

Features:
- Add `--cache-dir` option to `pip-compile`
([1022](https://github.com/jazzband/pip-tools/pull/1022)).  Thanks richafrank
- Add `pip>=20.0` support
([1024](https://github.com/jazzband/pip-tools/pull/1024)). Thanks atugushev

Bug Fixes:
- Fix a bug where `pip-compile --upgrade-package` would upgrade those passed packages not already required according to the `*.in` and `*.txt` files
([1031](https://github.com/jazzband/pip-tools/pull/1031)). Thanks AndydeCleyre

4.3.0

Features:
- Add Python 3.8 support
([956](https://github.com/jazzband/pip-tools/pull/956)). Thanks hramezani
- Unpin commented out unsafe packages in `requirements.txt`
([975](https://github.com/jazzband/pip-tools/pull/975)).  Thanks atugushev

Bug Fixes:
- Fix `pip-compile` doesn't copy `--trusted-host` from `requirements.in` to `requirements.txt`
([964](https://github.com/jazzband/pip-tools/pull/964)). Thanks atugushev
- Add compatibility with `pip>=20.0`
([953](https://github.com/jazzband/pip-tools/pull/953) and [978](https://github.com/jazzband/pip-tools/pull/978)). Thanks atugushev
- Fix a bug where the resolver wouldn't clean up the ephemeral wheel cache
([968](https://github.com/jazzband/pip-tools/pull/968)). Thanks atugushev

Improved Documentation:
- Add a note to `README` about `requirements.txt` file, which would possibly interfere if you're compiling from scratch
([959](https://github.com/jazzband/pip-tools/pull/959)). Thanks hramezani

4.2.0

Features:
- Add `--ask` option to `pip-sync`
([913](https://github.com/jazzband/pip-tools/pull/913)). Thanks georgek

Bug Fixes:
- Add compatibility with `pip>=19.3`
([864](https://github.com/jazzband/pip-tools/pull/864), [904](https://github.com/jazzband/pip-tools/pull/904), [910](https://github.com/jazzband/pip-tools/pull/910), [912](https://github.com/jazzband/pip-tools/pull/912) and [915](https://github.com/jazzband/pip-tools/pull/915)). Thanks atugushev
- Ensure `pip-compile --no-header <blank requirements.in>` creates/overwrites `requirements.txt`
([909](https://github.com/jazzband/pip-tools/pull/909)). Thanks AndydeCleyre
- Fix `pip-compile --upgrade-package` removes «via» annotation
([931](https://github.com/jazzband/pip-tools/pull/931)). Thanks hramezani

Improved Documentation:
- Add info to `README` about layered requirements files and `-c` flag
([905](https://github.com/jazzband/pip-tools/pull/905)). Thanks jamescooke

4.1.0

Features:
- Add `--no-emit-find-links` option to `pip-compile`
([873](https://github.com/jazzband/pip-tools/pull/873)). Thanks jacobtolar

Bug Fixes:
- Prevent `--dry-run` log message from being printed with `--quiet` option in `pip-compile`
([861](https://github.com/jazzband/pip-tools/pull/861)). Thanks ddormer
- Fix resolution of requirements from Git URLs without `-e`
([879](https://github.com/jazzband/pip-tools/pull/879)). Thanks andersk

4.0.0

Backwards Incompatible Changes:
- Drop support for EOL Python 3.4
([803](https://github.com/jazzband/pip-tools/pull/803)). Thanks auvipy

Bug Fixes:
- Fix `pip>=19.2` compatibility
([857](https://github.com/jazzband/pip-tools/pull/857)). Thanks atugushev

3.9.0

Features:
- Print provenance information when `pip-compile` fails
([837](https://github.com/jazzband/pip-tools/pull/837)). Thanks jakevdp

Bug Fixes:
- Output all logging to stderr instead of stdout
([834](https://github.com/jazzband/pip-tools/pull/834)). Thanks georgek
- Fix output file update with `--dry-run` option in `pip-compile`
([842](https://github.com/jazzband/pip-tools/pull/842)). Thanks shipmints and atugushev

3.8.0

Features:
- Options `--upgrade` and `--upgrade-package` are no longer mutually exclusive
([831](https://github.com/jazzband/pip-tools/pull/831)). Thanks adamchainz

Bug Fixes:
- Fix `--generate-hashes` with bare VCS URLs
([812](https://github.com/jazzband/pip-tools/pull/812)). Thanks jcushman
- Fix issues with `UnicodeError` when installing `pip-tools` from source in some systems
([816](https://github.com/jazzband/pip-tools/pull/816)). Thanks AbdealiJK
- Respect `--pre` option in the input file
([822](https://github.com/jazzband/pip-tools/pull/822)). Thanks atugushev
- Option `--upgrade-package` now works even if the output file does not exist
([831](https://github.com/jazzband/pip-tools/pull/831)). Thanks adamchainz

3.7.0

Features:
- Show progressbar on generation hashes in `pip-compile` verbose mode
([743](https://github.com/jazzband/pip-tools/pull/743)). Thanks atugushev
- Add options `--cert` and `--client-cert` to `pip-sync`
([798](https://github.com/jazzband/pip-tools/pull/798)). Thanks atugushev
- Add support for `--find-links` in `pip-compile` output
([793](https://github.com/jazzband/pip-tools/pull/793)). Thanks estan and atugushev
- Normalize «command to run» in `pip-compile` headers
([800](https://github.com/jazzband/pip-tools/pull/800)). Thanks atugushev
- Support URLs as packages
([807](https://github.com/jazzband/pip-tools/pull/807)). Thanks jcushman, nim65s and toejough

Bug Fixes:
- Fix replacing password to asterisks in `pip-compile`
([808](https://github.com/jazzband/pip-tools/pull/808)). Thanks atugushev

3.6.1

Bug Fixes:
- Fix `pip>=19.1` compatibility
([795](https://github.com/jazzband/pip-tools/pull/795)). Thanks atugushev

3.6.0

Features:
- Show less output on `pip-sync` with `--quiet` option
([765](https://github.com/jazzband/pip-tools/pull/765)). Thanks atugushev
- Support the flag `--trusted-host` in `pip-sync`
([777](https://github.com/jazzband/pip-tools/pull/777)). Thanks firebirdberlin

3.5.0

Features:
- Show default index url provided by `pip`
([735](https://github.com/jazzband/pip-tools/pull/735)). Thanks atugushev
- Add an option to allow enabling/disabling build isolation
([758](https://github.com/jazzband/pip-tools/pull/758)). Thanks atugushev

Bug Fixes:
- Fix the output file for `pip-compile` with an explicit `setup.py` as source file
([731](https://github.com/jazzband/pip-tools/pull/731)). Thanks atugushev
- Fix order issue with generated lock file when `hashes` and `markers` are used together
([763](https://github.com/jazzband/pip-tools/pull/763)). Thanks milind-shakya-sp

3.4.0

Features:
- Add option `--quiet` to `pip-compile`
([720](https://github.com/jazzband/pip-tools/pull/720)). Thanks bendikro
- Emit the original command to the `pip-compile`'s header
([733](https://github.com/jazzband/pip-tools/pull/733)). Thanks atugushev

Bug Fixes:
- Fix `pip-sync` to use pip script depending on a python version
([737](https://github.com/jazzband/pip-tools/pull/737)). Thanks atugushev

3.3.2

Bug Fixes:
- Fix `pip-sync` with a temporary requirement file on Windows
([723](https://github.com/jazzband/pip-tools/pull/723)). Thanks atugushev
- Fix `pip-sync` to prevent uninstall of stdlib and dev packages
([718](https://github.com/jazzband/pip-tools/pull/718)). Thanks atugushev

3.3.1

Features:
- Added support of `pip` 19.0
([715](https://github.com/jazzband/pip-tools/pull/715)). Thanks atugushev
- Add `--allow-unsafe` to update instructions in the generated `requirements.txt`
([708](https://github.com/jazzband/pip-tools/pull/708)). Thanks richafrank

Bug Fixes:
- Fix `pip-sync` to check hashes
([706](https://github.com/jazzband/pip-tools/pull/706)). Thanks atugushev

3.2.0

Features:
- Apply version constraints specified with package upgrade option (`-P, --upgrade-package`)
([694](https://github.com/jazzband/pip-tools/pull/694)). Thanks richafrank

3.1.0

Features:
- Added support of `pip` 18.1
([689](https://github.com/jazzband/pip-tools/pull/689)). Thanks vphilippon

3.0.0

Major changes:
- Update `pip-tools` for native `pip` 8, 9, 10 and 18 compatibility, un-vendoring `pip` to use the user-installed `pip`
([657](https://github.com/jazzband/pip-tools/pull/657) and [672](https://github.com/jazzband/pip-tools/pull/672)).
Thanks to techalchemy, suutari, tysonclugg and vphilippon for contributing on this.

Features:
- Removed the dependency on the external library `first`
([676](https://github.com/jazzband/pip-tools/pull/676)). Thanks jdufresne

2.0.2

Bug Fixes:
- Added clearer error reporting when skipping pre-releases
([655](https://github.com/jazzband/pip-tools/pull/655)). Thanks WoLpH

2.0.1

Bug Fixes:
- Added missing package data from vendored pip, such as missing cacert.pem file. Thanks vphilippon

2.0.0

Major changes:
- Vendored `pip` 9.0.3 to keep compatibility for users with `pip` 10.0.0
([644](https://github.com/jazzband/pip-tools/pull/644)). Thanks vphilippon

Features:
- Improved the speed of pip-compile --generate-hashes by caching the hashes from an existing output file
([641](https://github.com/jazzband/pip-tools/pull/641)). Thanks justicz
- Added a `pip-sync --user` option to restrict attention to user-local directory
([642](https://github.com/jazzband/pip-tools/pull/642)). Thanks jbergknoff-10e
- Removed the hard dependency on setuptools
([645](https://github.com/jazzband/pip-tools/pull/645)). Thanks vphilippon

Bug fixes:
- The pip environment markers on top-level requirements in the source file (requirements.in)
are now properly handled and will only be processed in the right environment
([647](https://github.com/jazzband/pip-tools/pull/647)). Thanks JoergRittinger

1.11.0

Features:
- Allow editable packages in requirements.in with `pip-compile --generate-hashes` ([524](https://github.com/jazzband/pip-tools/pull/524)). Thanks jdufresne
- Allow for CA bundles with `pip-compile --cert` ([612](https://github.com/jazzband/pip-tools/pull/612)). Thanks khwilson
- Improved `pip-compile` duration with large locally available editable requirement by skipping a copy to the cache
([583](https://github.com/jazzband/pip-tools/pull/583)). Thanks costypetrisor
- Slightly improved the `NoCandidateFound` error message on potential causes ([614](https://github.com/jazzband/pip-tools/pull/614)). Thanks vphilippon

Bug Fixes:
- Add `-markerlib` to the list of `PACKAGES_TO_IGNORE` of `pip-sync` ([613](https://github.com/jazzband/pip-tools/pull/613)).

1.10.2

Bug Fixes:
- Fixed bug causing dependencies from invalid wheels for the current platform to be included ([571](https://github.com/jazzband/pip-tools/pull/571)).
- `pip-sync` will respect environment markers in the requirements.txt ([600](https://github.com/jazzband/pip-tools/pull/600)). Thanks hazmat345
- Converted the ReadMe to have a nice description rendering on PyPI. Thanks bittner

1.10.1

Bug Fixes:
- Fixed bug breaking `pip-sync` on Python 3, raising `TypeError: '<' not supported between instances of 'InstallRequirement' and 'InstallRequirement'` ([570](https://github.com/jazzband/pip-tools/pull/570)).

1.10.0

Features:
- `--generate-hashes` now generates hashes for all wheels,
not only wheels for the currently running platform ([520](https://github.com/jazzband/pip-tools/pull/520)). Thanks jdufresne
- Added a `-q`/`--quiet` argument to the pip-sync command to reduce log output.

Bug Fixes:
- Fixed bug where unsafe packages would get pinned in generated requirements files
when `--allow-unsafe` was not set. ([517](https://github.com/jazzband/pip-tools/pull/517)). Thanks dschaller
- Fixed bug where editable PyPI dependencies would have a `download_dir` and be exposed to `git-checkout-index`,
(thus losing their VCS directory) and `python setup.py egg_info` fails. ([385](https://github.com/jazzband/pip-tools/pull/385) and [538](https://github.com/jazzband/pip-tools/pull/538)). Thanks blueyed and dfee
- Fixed bug where some primary dependencies were annotated with "via" info comments. ([542](https://github.com/jazzband/pip-tools/pull/542)). Thanks quantus
- Fixed bug where pkg-resources would be removed by pip-sync in Ubuntu. ([555](https://github.com/jazzband/pip-tools/pull/555)). Thanks cemsbr
- Fixed bug where the resolver would sometime not stabilize on requirements specifying extras. ([566](https://github.com/jazzband/pip-tools/pull/566)). Thanks vphilippon
- Fixed an unicode encoding error when distribution package contains non-ASCII file names ([567](https://github.com/jazzband/pip-tools/pull/567)). Thanks suutari
- Fixed package hashing doing unnecessary unpacking ([557](https://github.com/jazzband/pip-tools/pull/557)). Thanks suutari-ai

1.9.0

Features:
- Added ability to read requirements from `setup.py` instead of just `requirements.in` ([418](https://github.com/jazzband/pip-tools/pull/418)). Thanks to tysonclugg and majuscule.
- Added a `--max-rounds` argument to the pip-compile command to allow for solving large requirement sets ([472](https://github.com/jazzband/pip-tools/pull/472)). Thanks derek-miller.
- Exclude unsafe packages' dependencies when `--allow-unsafe` is not in use ([441](https://github.com/jazzband/pip-tools/pull/441)). Thanks jdufresne.
- Exclude irrelevant pip constraints ([471](https://github.com/jazzband/pip-tools/pull/471)). Thanks derek-miller.
- Allow control over emitting trusted-host to the compiled requirements. ([448](https://github.com/jazzband/pip-tools/pull/448)). Thanks tonyseek.
- Allow running as a Python module ([461](https://github.com/jazzband/pip-tools/pull/461)). Thanks AndreLouisCaron.
- Preserve environment markers in generated requirements.txt. ([460](https://github.com/jazzband/pip-tools/pull/460)). Thanks barrywhart.

Bug Fixes:
- Fixed the --upgrade-package option to respect the given package list to update ([491](https://github.com/jazzband/pip-tools/pull/491)).
- Fixed the default output file name when the source file has no extension ([488](https://github.com/jazzband/pip-tools/pull/488)). Thanks vphilippon
- Fixed crash on editable requirements introduced in 1.8.2.
- Fixed duplicated --trusted-host, --extra-index-url and --index-url in the generated requirements.

1.8.2

- Regression fix: editable reqs were loosing their dependencies after first round ([476](https://github.com/jazzband/pip-tools/pull/476))
Thanks mattlong
- Remove duplicate index urls in generated requirements.txt ([468](https://github.com/jazzband/pip-tools/pull/468))
Thanks majuscule

1.8.1

- Recalculate secondary dependencies between rounds (378)
- Calculated dependencies could be left with wrong candidates when
toplevel requirements happen to be also pinned in sub-dependencies (450)
- Fix duplicate entries that could happen in generated requirements.txt (427)
- Gracefully report invalid pip version (457)
- Fix capitalization in the generated requirements.txt, packages will always be lowercased (452)

Links

• PyPI: https://pypi.org/project/pip-tools
• Changelog: https://pyup.io/changelogs/pip-tools/
• Repo: https://github.com/jazzband/pip-tools/

Update pkginfo from 1.4.1 to 1.5.0.1.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pkginfo
• Homepage: https://code.launchpad.net/~tseaver/pkginfo/trunk
• Docs: https://pythonhosted.org/pkginfo/

Update requests-toolbelt from 0.7.1 to 0.9.1.

Changelog

0.9.1

-------------------

Fixed Bugs
~~~~~~~~~~

- Fix import of pyOpenSSL shim from urllib3 for PKCS12 adapter

0.9.0

-------------------

New Features
~~~~~~~~~~~~

- Add X509 Adapter that can handle PKCS12 
- Add stateless solution for streaming files by MultipartEncoder from one host to another (in chunks)

Fixed Bugs
~~~~~~~~~~

- Update link to example
- Move import of ``ABCs`` from collections into version-specific part of
_compat module
- Fix backwards incompatibility in ``get_encodings_from_content``
- Correct callback documentation for ``MultipartEncoderMonitor``
- Fix bug when ``MultipartEncoder`` is asked to encode zero parts
- Correct the type of non string request body dumps
- Removed content from being stored in MultipartDecoder
- Fix bug by enabling support for contenttype with capital letters. 
- Coerce proxy URL to bytes before dumping request
- Avoid bailing out with exception upon empty response reason
- Corrected Pool documentation
- Corrected parentheses match in example usage
- Fix "oject" to "object" in ``MultipartEncoder``
- Fix URL for the project after the move 
- Add fix for OSX TCPKeepAliveAdapter

Miscellaneous
~~~~~~~~~~~~~

- Remove py33 from testing and add Python 3.6 and nightly testing to the travis matrix.

0.8.0

-------------------

More information about this release can be found on the `0.8.0 milestone`_.

New Features
~~~~~~~~~~~~

- Add ``UserAgentBuilder`` to provide more control over generated User-Agent
strings.

Fixed Bugs
~~~~~~~~~~

- Include ``_validate_certificate`` in the lits of picked attributes on the
``AppEngineAdapter``.
- Fix backwards incompatibility in ``get_encodings_from_content``

.. _0.8.0 milestone:
 https://github.com/requests/toolbelt/milestones/0.8.0

Links

• PyPI: https://pypi.org/project/requests-toolbelt
• Changelog: https://pyup.io/changelogs/requests-toolbelt/
• Docs: https://toolbelt.readthedocs.org

Update requests from 2.13.0 to 2.23.0.

Changelog

2.23.0

-------------------

**Improvements**

- Remove defunct reference to `prefetch` in Session `__attrs__` (5110)

**Bugfixes**

- Requests no longer outputs password in basic auth usage warning. (5099)

**Dependencies**

- Pinning for `chardet` and `idna` now uses major version instead of minor.
This hopefully reduces the need for releases everytime a dependency is updated.

2.22.0

-------------------

**Dependencies**

- Requests now supports urllib3 v1.25.2.
(note: 1.25.0 and 1.25.1 are incompatible)

**Deprecations**

- Requests has officially stopped support for Python 3.4.

2.21.0

-------------------

**Dependencies**

- Requests now supports idna v2.8.

2.20.1

-------------------

**Bugfixes**

- Fixed bug with unintended Authorization header stripping for
redirects using default ports (http/80, https/443).

2.20.0

-------------------

**Bugfixes**

-   Content-Type header parsing is now case-insensitive (e.g.
 charset=utf8 v Charset=utf8).
-   Fixed exception leak where certain redirect urls would raise
 uncaught urllib3 exceptions.
-   Requests removes Authorization header from requests redirected
 from https to http on the same hostname. (CVE-2018-18074)
-   `should_bypass_proxies` now handles URIs without hostnames (e.g.
 files).

**Dependencies**

- Requests now supports urllib3 v1.24.

**Deprecations**

- Requests has officially stopped support for Python 2.6.

2.19.1

-------------------

**Bugfixes**

-   Fixed issue where status\_codes.py's `init` function failed trying
 to append to a `__doc__` value of `None`.

2.19.0

-------------------

**Improvements**

-   Warn user about possible slowdown when using cryptography version
 < 1.3.4
-   Check for invalid host in proxy URL, before forwarding request to
 adapter.
-   Fragments are now properly maintained across redirects. (RFC7231
 7.1.2)
-   Removed use of cgi module to expedite library load time.
-   Added support for SHA-256 and SHA-512 digest auth algorithms.
-   Minor performance improvement to `Request.content`.
-   Migrate to using collections.abc for 3.7 compatibility.

**Bugfixes**

-   Parsing empty `Link` headers with `parse_header_links()` no longer
 return one bogus entry.
-   Fixed issue where loading the default certificate bundle from a zip
 archive would raise an `IOError`.
-   Fixed issue with unexpected `ImportError` on windows system which do
 not support `winreg` module.
-   DNS resolution in proxy bypass no longer includes the username and
 password in the request. This also fixes the issue of DNS queries
 failing on macOS.
-   Properly normalize adapter prefixes for url comparison.
-   Passing `None` as a file pointer to the `files` param no longer
 raises an exception.
-   Calling `copy` on a `RequestsCookieJar` will now preserve the cookie
 policy correctly.

**Dependencies**

-   We now support idna v2.7.
-   We now support urllib3 v1.23.

2.18.4

-------------------

**Improvements**

-   Error messages for invalid headers now include the header name for
 easier debugging

**Dependencies**

-   We now support idna v2.6.

2.18.3

-------------------

**Improvements**

-   Running `$ python -m requests.help` now includes the installed
 version of idna.

**Bugfixes**

-   Fixed issue where Requests would raise `ConnectionError` instead of
 `SSLError` when encountering SSL problems when using urllib3 v1.22.

2.18.2

-------------------

**Bugfixes**

-   `requests.help` no longer fails on Python 2.6 due to the absence of
 `ssl.OPENSSL_VERSION_NUMBER`.

**Dependencies**

-   We now support urllib3 v1.22.

2.18.1

-------------------

**Bugfixes**

-   Fix an error in the packaging whereby the `*.whl` contained
 incorrect data that regressed the fix in v2.17.3.

2.18.0

-------------------

**Improvements**

-   `Response` is now a context manager, so can be used directly in a
 `with` statement without first having to be wrapped by
 `contextlib.closing()`.

**Bugfixes**

-   Resolve installation failure if multiprocessing is not available
-   Resolve tests crash if multiprocessing is not able to determine the
 number of CPU cores
-   Resolve error swallowing in utils set\_environ generator

2.17.3

-------------------

**Improvements**

-   Improved `packages` namespace identity support, for monkeypatching
 libraries.

2.17.2

-------------------

**Improvements**

-   Improved `packages` namespace identity support, for monkeypatching
 libraries.

2.17.1

-------------------

**Improvements**

-   Improved `packages` namespace identity support, for monkeypatching
 libraries.

2.17.0

-------------------

**Improvements**

-   Removal of the 301 redirect cache. This improves thread-safety.

2.16.5

-------------------

-   Improvements to `$ python -m requests.help`.

2.16.4

-------------------

-   Introduction of the `$ python -m requests.help` command, for
 debugging with maintainers!

2.16.3

-------------------

-   Further restored the `requests.packages` namespace for compatibility
 reasons.

2.16.2

-------------------

-   Further restored the `requests.packages` namespace for compatibility
 reasons.

No code modification (noted below) should be necessary any longer.

2.16.1

-------------------

-   Restored the `requests.packages` namespace for compatibility
 reasons.
-   Bugfix for `urllib3` version parsing.

**Note**: code that was written to import against the
`requests.packages` namespace previously will have to import code that
rests at this module-level now.

For example:

 from requests.packages.urllib3.poolmanager import PoolManager

Will need to be re-written to be:

 from requests.packages import urllib3
 urllib3.poolmanager.PoolManager

Or, even better:

 from urllib3.poolmanager import PoolManager

2.16.0

-------------------

-   Unvendor ALL the things!

2.15.1

-------------------

-   Everyone makes mistakes.

2.15.0

-------------------

**Improvements**

-   Introduction of the `Response.next` property, for getting the next
 `PreparedResponse` from a redirect chain (when
 `allow_redirects=False`).
-   Internal refactoring of `__version__` module.

**Bugfixes**

-   Restored once-optional parameter for
 `requests.utils.get_environ_proxies()`.

2.14.2

-------------------

**Bugfixes**

-   Changed a less-than to an equal-to and an or in the dependency
 markers to widen compatibility with older setuptools releases.

2.14.1

-------------------

**Bugfixes**

-   Changed the dependency markers to widen compatibility with older pip
 releases.

2.14.0

-------------------

**Improvements**

-   It is now possible to pass `no_proxy` as a key to the `proxies`
 dictionary to provide handling similar to the `NO_PROXY` environment
 variable.
-   When users provide invalid paths to certificate bundle files or
 directories Requests now raises `IOError`, rather than failing at
 the time of the HTTPS request with a fairly inscrutable certificate
 validation error.
-   The behavior of `SessionRedirectMixin` was slightly altered.
 `resolve_redirects` will now detect a redirect by calling
 `get_redirect_target(response)` instead of directly querying
 `Response.is_redirect` and `Response.headers['location']`. Advanced
 users will be able to process malformed redirects more easily.
-   Changed the internal calculation of elapsed request time to have
 higher resolution on Windows.
-   Added `win_inet_pton` as conditional dependency for the `[socks]`
 extra on Windows with Python 2.7.
-   Changed the proxy bypass implementation on Windows: the proxy bypass
 check doesn't use forward and reverse DNS requests anymore
-   URLs with schemes that begin with `http` but are not `http` or
 `https` no longer have their host parts forced to lowercase.

**Bugfixes**

-   Much improved handling of non-ASCII `Location` header values in
 redirects. Fewer `UnicodeDecodeErrors` are encountered on Python 2,
 and Python 3 now correctly understands that Latin-1 is unlikely to
 be the correct encoding.
-   If an attempt to `seek` file to find out its length fails, we now
 appropriately handle that by aborting our content-length
 calculations.
-   Restricted `HTTPDigestAuth` to only respond to auth challenges made
 on 4XX responses, rather than to all auth challenges.
-   Fixed some code that was firing `DeprecationWarning` on Python 3.6.
-   The dismayed person emoticon (`/o\\`) no longer has a big head. I'm
 sure this is what you were all worrying about most.

**Miscellaneous**

-   Updated bundled urllib3 to v1.21.1.
-   Updated bundled chardet to v3.0.2.
-   Updated bundled idna to v2.5.
-   Updated bundled certifi to 2017.4.17.

Links

• PyPI: https://pypi.org/project/requests
• Changelog: https://pyup.io/changelogs/requests/
• Docs: https://requests.readthedocs.io

Update six from 1.10.0 to 1.14.0.

Changelog

1.14.0

------

- Issue 288, pull request 289: Add `six.assertNotRegex`.

- Issue 317: `six.moves._dummy_thread` now points to the `_thread` module on
Python 3.9+. Python 3.7 and later requires threading and deprecated the
`_dummy_thread` module.

- Issue 308, pull request 314: Remove support for Python 2.6 and Python 3.2.

- Issue 250, issue 165, pull request 251: `six.wraps` now ignores missing
attributes. This follows the Python 3.2+ standard library behavior.

1.13.0

------

- Issue 298, pull request 299: Add `six.moves.dbm_ndbm`.

- Issue 155: Add `six.moves.collections_abc`, which aliases the `collections`
module on Python 2-3.2 and the `collections.abc` on Python 3.3 and greater.

- Pull request 304: Re-add distutils fallback in `setup.py`.

- Pull request 305: On Python 3.7, `with_metaclass` supports classes using PEP
560 features.

1.12.0

------

- Issue 259, pull request 260: `six.add_metaclass` now preserves
`__qualname__` from the original class.

- Pull request 204: Add `six.ensure_binary`, `six.ensure_text`, and
`six.ensure_str`.

1.11.0

------

- Pull request 178: `with_metaclass` now properly proxies `__prepare__` to the
underlying metaclass.

- Pull request 191: Allow `with_metaclass` to work with metaclasses implemented
in C.

- Pull request 203: Add parse_http_list and parse_keqv_list to moved
urllib.request.

- Pull request 172 and issue 171: Add unquote_to_bytes to moved urllib.parse.

- Pull request 167: Add `six.moves.getoutput`.

- Pull request 80: Add `six.moves.urllib_parse.splitvalue`.

- Pull request 75: Add `six.moves.email_mime_image`.

- Pull request 72: Avoid creating reference cycles through tracebacks in
`reraise`.

Links

• PyPI: https://pypi.org/project/six
• Changelog: https://pyup.io/changelogs/six/
• Repo: https://github.com/benjaminp/six

Update twine from 1.8.1 to 3.1.1.

Changelog

3.1.1

* :bug:`548` Restore ``--non-interactive`` as a flag not expecting an
argument.

3.1.0

* :feature:`547` Add support for specifying ``--non-interactive`` as an
environment variable.

3.0.0

* :feature:`336` When a client certificate is indicated, all password
processing is disabled.
* :feature:`489` Add ``--non-interactive`` flag to abort upload rather than
interactively prompt if credentials are missing.
* :feature:`524` Twine now unconditionally requires the keyring library
and no longer supports uninstalling ``keyring`` as a means to disable
that functionality. Instead, use ``keyring --disable`` keyring functionality
if necessary.
* :feature:`518` Add Python 3.8 to classifiers.
* :bug:`332 major` More robust handling of server response in
``--skip-existing``

2.0.0

* :feature:`437` Twine now requires Python 3.6 or later. Use pip
9 or pin to "twine<2" to install twine on older Python versions.
* :bug:`491 major` Require requests 2.20 or later to avoid reported security
vulnerabilities in earlier releases.

1.15.0

* :feature:`488` Improved output on ``check`` command:
Prints a message when there are no distributions given to check.
Improved handling of errors in a distribution's markup, avoiding
messages flowing through to the next distribution's errors.

1.14.0

* :feature:`456` Better error handling and gpg2 fallback if gpg not available.
* :bug:`341 major` Fail more gracefully when encountering bad metadata
* :feature:`459` Show Warehouse URL after uploading a package
* :feature:`310` Now provide a more meaningful error on redirect during upload.

1.13.0

* :bug:`452 major` Restore prompts while retaining support for suppressing
prompts.
* :bug:`447 major` Avoid requests-toolbelt to 0.9.0 to prevent attempting to
use
openssl when it isn't available.
* :feature:`427` Add disable_progress_bar option to disable tqdm.
* :feature:`426` Allow defining an empty username and password in .pypirc.
* :bug:`441 major` Only install pyblake2 if needed.
* :bug:`444 major` Use io.StringIO instead of StringIO.
* :bug:`436 major` Use modern Python language features.
* :support:`439` Refactor tox env and travis config.
* :bug:`435 major` Specify python_requires in setup.py
* :bug:`432 major` Use https URLs everywhere.
* :bug:`428 major` Fix --skip-existing for Nexus Repos.
* :feature:`419` Support keyring.get_credential.
* :feature:`418` Support keyring.get_username_and_password.
* :bug:`421 major` Remove unnecessary usage of readme_render.markdown.
* :feature:`416` Add Python 3.7 to classifiers.
* :bug:`412 major` Don't crash if there's no package description.
* :bug:`408 major` Fix keyring support.

1.12.1

* :bug:`404` Fix regression with upload exit code

1.12.0

* :feature:`395 major` Add ``twine check`` command to check long description
* :feature:`392 major` Drop support for Python 3.3
* :feature:`363` Empower ``--skip-existing`` for Artifactory repositories
* :bug:`367 major` Avoid MD5 when Python is compiled in FIPS mode

1.11.0

* :bug:`269 major` Avoid uploading to PyPI when given alternate
repository URL, and require ``http://`` or ``https://`` in
``repository_url``.
* :support:`277` Add instructions on how to use keyring.
* :support:`314` Add new maintainer, release checklists.
* :bug:`322 major` Raise exception if attempting upload to deprecated legacy
PyPI URLs.
* :feature:`320` Remove PyPI as default ``register`` package index.
* :feature:`319` Support Metadata 2.1 (:pep:`566`), including Markdown
for ``description`` fields.
* :support:`318` `Update PyPI URLs
<https://packaging.python.org/guides/migrating-to-pypi-org/>`_.

1.10.0

* :bug:`315 major` Degrade gracefully when keyring is unavailable
* :feature:`304` Reorganize & improve user & developer documentation.
* :feature:`46` Link to changelog from ``README``
* :feature:`295` Add doc building instructions
* :feature:`296` Add architecture overview to docs
* :feature:`303` Revise docs predicting future of ``twine``
* :bug:`298 major` Fix syntax highlighting in ``README``
* :bug:`299 major` Fix changelog formatting
* :bug:`200 major` Remove obsolete registration guidance
* :bug:`286 major` Fix Travis CI and test configuration
* :feature:`257` Declare support for Python 3.6
* :bug:`297 major` Fix Read the Docs, tox, Travis configuration
* :bug:`268 major` Print progress to ``stdout``, not ``stderr``
* :bug:`265 major` Fix ``--repository[-url]`` help text
* :feature:`256` Improve progressbar

1.9.1

* :bug:`-` Blacklist known bad versions of Requests. See also :bug:`253`

1.9.0

* :support:`-` Twine will now resolve passwords using the
`keyring <https://pypi.org/project/keyring/>`_ if available.
Module can be required with the ``keyring`` extra.
* :support:`-` Twine will use ``hashlib.blake2b`` on Python 3.6+
instead of using pyblake2 for Blake2 hashes 256 bit hashes.
* :support:`-` Twine sends less information about the user's system in
the User-Agent string. See also :bug:`229`
* :support:`-` Fix ``--skip-existing`` when used to upload a package
for the first time.  See also :bug:`220`
* :support:`-` Fix precedence of ``--repository-url`` over
``--repository``. See also :bug:`206`

Links

• PyPI: https://pypi.org/project/twine
• Changelog: https://pyup.io/changelogs/twine/
• Docs: https://twine.readthedocs.io/

Update wheel from 0.29.0 to 0.34.2.

Changelog

0.34.2

- Fixed installation of ``wheel`` from sdist on environments without Unicode
file name support

0.34.1

- Fixed installation of ``wheel`` from sdist which was broken due to a chicken
and egg problem with PEP 517 and setuptools_scm

0.34.0

- Dropped Python 3.4 support
- Added automatic platform tag detection for macOS binary wheels
(PR by Grzegorz Bokota)
- Added the ``--compression=`` option to the ``bdist_wheel`` command
- Fixed PyPy tag generation to work with the updated semantics (328)
- Updated project packaging and testing configuration for :pep:`517`
- Moved the contents of setup.py to setup.cfg
- Fixed duplicate RECORD file when using ``wheel pack`` on Windows
- Fixed bdist_wheel failing at cleanup on Windows with a read-only source tree
- Fixed ``wheel pack`` not respecting the existing build tag in ``WHEEL``
- Switched the project to use the "src" layout
- Switched to setuptools_scm_ for versioning

.. _setuptools_scm: https://github.com/pypa/setuptools_scm/

0.33.6

- Fixed regression from 0.33.5 that broke building binary wheels against the
limited ABI
- Fixed egg2wheel compatibility with the future release of Python 3.10
(PR by Anthony Sottile)

0.33.5

- Don't add the ``m`` ABI flag to wheel names on Python 3.8 (PR by rdb)
- Updated ``MANIFEST.in`` to include many previously omitted files in the sdist

0.33.4

- Reverted PR 289 (adding directory entries to the wheel file) due to
incompatibility with ``distlib.wheel``

0.33.3

- Fixed wheel build failures on some systems due to all attributes being
preserved (PR by Matt Wozniski)

0.33.2

- Fixed empty directories missing from the wheel (PR by Jason R. Coombs)

0.33.1

- Fixed the ``--build-number`` option for ``wheel pack`` not being applied

0.33.0

- Added the ``--build-number`` option to the ``wheel pack`` command
- Fixed bad shebangs sneaking into wheels
- Fixed documentation issue with ``wheel pack`` erroneously being called
``wheel repack``
- Fixed filenames with "bad" characters (like commas) not being quoted in
``RECORD`` (PR by Paul Moore)
- Sort requirements extras to ensure deterministic builds
(PR by PoncinMatthieu)
- Forced ``inplace = False`` when building a C extension for the wheel

0.32.3

- Fixed compatibility with Python 2.7.0 – 2.7.3
- Fixed handling of direct URL requirements with markers (PR by Benoit Pierre)

0.32.2

- Fixed build number appearing in the ``.dist-info`` directory name
- Made wheel file name parsing more permissive
- Fixed wrong Python tag in wheels converted from eggs
(PR by John T. Wodder II)

0.32.1

- Fixed ``AttributeError: 'Requirement' object has no attribute 'url'`` on
setuptools/pkg_resources versions older than 18.8 (PR by Benoit Pierre)
- Fixed ``AttributeError: 'module' object has no attribute
'algorithms_available'`` on Python < 2.7.9 (PR by Benoit Pierre)
- Fixed permissions on the generated ``.dist-info/RECORD`` file

0.32.0

- Removed wheel signing and verifying features
- Removed the "wheel install" and "wheel installscripts" commands
- Added the ``wheel pack`` command
- Allowed multiple license files to be specified using the ``license_files``
option
- Deprecated the ``license_file`` option
- Eliminated duplicate lines from generated requirements in
``.dist-info/METADATA`` (thanks to Wim Glenn for the contribution)
- Fixed handling of direct URL specifiers in requirements
(PR by Benoit Pierre)
- Fixed canonicalization of extras (PR by Benoit Pierre)
- Warn when the deprecated ``[wheel]`` section is used in ``setup.cfg``
(PR by Jon Dufresne)

0.31.1

- Fixed arch as ``None`` when converting eggs to wheels

0.31.0

- Fixed displaying of errors on Python 3
- Fixed single digit versions in wheel files not being properly recognized
- Fixed wrong character encodings being used (instead of UTF-8) to read and
write ``RECORD`` (this sometimes crashed bdist_wheel too)
- Enabled Zip64 support in wheels by default
- Metadata-Version is now 2.1
- Dropped DESCRIPTION.rst and metadata.json from the list of generated files
- Dropped support for the non-standard, undocumented ``provides-extra`` and
``requires-dist`` keywords in setup.cfg metadata
- Deprecated all wheel signing and signature verification commands
- Removed the (already defunct) ``tool`` extras from setup.py

0.30.0

- Added py-limited-api {cp32|cp33|cp34|...} flag to produce cpNN.abi3.{arch}
tags on CPython 3.
- Documented the ``license_file`` metadata key
- Improved Python, abi tagging for ``wheel convert``. Thanks Ales Erjavec.
- Fixed ``>`` being prepended to lines starting with "From" in the long
description
- Added support for specifying a build number (as per PEP 427).
Thanks Ian Cordasco.
- Made the order of files in generated ZIP files deterministic.
Thanks Matthias Bach.
- Made the order of requirements in metadata deterministic. Thanks Chris Lamb.
- Fixed ``wheel install`` clobbering existing files
- Improved the error message when trying to verify an unsigned wheel file
- Removed support for Python 2.6, 3.2 and 3.3.

Links

• PyPI: https://pypi.org/project/wheel
• Changelog: https://pyup.io/changelogs/wheel/
• Repo: https://github.com/pypa/wheel

Update appdirs from 1.4.0 to 1.4.3.

Changelog

1.4.3

-------------
- [PR 76] Python 3.6 invalid escape sequence deprecation fixes
- Fix for Python 3.6 support

1.4.2

-------------
- [PR 84] Allow installing without setuptools
- [PR 86] Fix string delimiters in setup.py description
- Add Python 3.6 support

1.4.1

-------------
- [issue 38] Fix _winreg import on Windows Py3
- [issue 55] Make appname optional

Links

• PyPI: https://pypi.org/project/appdirs
• Changelog: https://pyup.io/changelogs/appdirs/
• Repo: http://github.com/ActiveState/appdirs

Update check-manifest from 0.35 to 0.41.

Changelog

0.41

-----------------

- Support `PEP 517`_, i.e. packages using pyproject.toml instead of a setup.py
(`105 <https://github.com/mgedmin/check-manifest/issues/105>`_).

.. _PEP 517: https://www.python.org/dev/peps/pep-0517/

- Ignore subcommand stderr unless the subcommand fails.  This avoids treating
warning messages as filenames.  (`110
<https://github.com/mgedmin/check-manifest/issues/110>`_.)

0.40

-----------------

- Add Python 3.8 support.

0.39

-----------------

- You can now use check-manifest as a `pre-commit <https://pre-commit.com>`_
hook (`100 <https://github.com/mgedmin/check-manifest/issues/100>`__).

0.38

-----------------

- Add Python 3.7 support.

- Drop Python 3.4 support.

- Added GitHub templates to default ignore patterns.

- Added reading check-manifest config out of ``tox.ini`` or ``pyproject.toml``.

0.37

-----------------

- Drop Python 3.3 support.

- Support packages using ``setuptools_scm``
(`68 <https://github.com/mgedmin/check-manifest/issues/68>`__).

Note that ``setuptools_scm`` usually makes MANIFEST.in files obsolete.
Having one is helpful only if you intend to build an sdist and then use that
sdist to perform further builds, instead of building from a source checkout.

0.36

-----------------

- Handle empty VCS repositories more gracefully
(`84 <https://github.com/mgedmin/check-manifest/issues/84>`__).

Links

• PyPI: https://pypi.org/project/check-manifest
• Changelog: https://pyup.io/changelogs/check-manifest/
• Repo: https://github.com/mgedmin/check-manifest

Update colorama from 0.3.7 to 0.4.3.

Changelog

0.4.1

* Fix issue 196: prevent exponential number of calls when calling 'init'
 multiple times. Reported by bbayles and fixed by Delgan.

0.4.0

* Fix issue 142: reset LIGHT_EX colors with RESET_ALL. Reported by Delgan
* Fix issue 147: ignore invalid "erase" ANSI codes. Reported by shin-
* Fix issues 163 and 164: fix stream wrapping under PyCharm. Contributed
 by veleek and Delgan.
* Thanks to jdufresne for various code cleanup and updates to documentation
 and project metadata.
 (pull requests 171, 172, 173, 174, 176, 177, 189, 190, 192)
* 186: added contextlib magic methods to ansitowin32.StreamWrapper.
 Contributed by hoefling.
* Fix issue 131: don't cache stdio handles, since they might be
 closed/changed by fd redirection. This fixes an issue with pytest.
 Contributed by segevfiner.
* 146, 157: Drop support for EOL Python 2.5, 2.6, 3.1, 3.2 and 3.3,
 and add 3.6. Thanks to hugovk.

0.3.9

* Revert fix for issue 103 which causes problems for dependent applications

0.3.8

* Fix issue 121: "invalid escape sequence" deprecation fixes on Python 3.6+
* Fix issue 110: fix "set console title" when working with unicode strings
* Fix issue 103: enable color when using "input" function on Python 3.5+
* Fix issue 95: enable color when stderr is a tty but stdout is not

Links

• PyPI: https://pypi.org/project/colorama
• Changelog: https://pyup.io/changelogs/colorama/
• Repo: https://github.com/tartley/colorama

Update coverage from 4.3.4 to 5.1.

Changelog

5.1

--------------------------

- The JSON report now includes counts of covered and missing branches. Thanks,
Salvatore Zagaria.

- On Python 3.8, try-finally-return reported wrong branch coverage with
decorated async functions (`issue 946`_).  This is now fixed. Thanks, Kjell
Braden.

- The :meth:`~coverage.Coverage.get_option` and
:meth:`~coverage.Coverage.set_option` methods can now manipulate the
``[paths]`` configuration setting.  Thanks to Bernát Gábor for the fix for
`issue 967`_.

.. _issue 946: https://github.com/nedbat/coveragepy/issues/946
.. _issue 967: https://github.com/nedbat/coveragepy/issues/967


.. _changes_504:

5.0.4

----------------------------

- If using the ``[run] relative_files`` setting, the XML report will use
relative files in the ``<source>`` elemen

[coveralls]

Coverage remained the same at 93.925% when pulling 6ee69fd on pyup/scheduled-update-2020-05-01 into f0b2f6b on master.

[pyup-bot]

Closing this in favor of #129