Bump pipenv from 2018.10.13 to 2018.11.26

[dependabot-preview]

⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.

---

Bumps pipenv from 2018.10.13 to 2018.11.26.

Release notes

Sourced from pipenv's releases.

2018.11.26 (2018-11-26)

Bug Fixes

• Environment variables are expanded correctly before running scripts
  on POSIX. #3178
• Pipenv will no longer disable user-mode installation when the
  --system flag is passed in. #3222
• Fixed an issue with attempting to render unicode output in
  non-unicode locales. #3223
• Fixed a bug which could cause failures to occur when parsing python
  entries from global pyenv version files. #3224
• Fixed an issue which prevented the parsing of named extras sections
  from certain setup.py files. #3230
• Correctly detect the virtualenv location inside an activated
  virtualenv. #3231
• Fixed a bug which caused spinner frames to be written to stdout
  during locking operations which could cause redirection pipes to
  fail. #3239
• Fixed a bug that editable pacakges can't be uninstalled
  correctly. #3240
• Corrected an issue with installation timeouts which caused
  dependency resolution to fail for longer duration resolution
  steps. #3244
• Adding normal pep 508 compatible markers is now fully functional
  when using VCS dependencies. #3249
• Updated requirementslib and pythonfinder for multiple
  bugfixes. #3254
• Pipenv will now ignore hashes when installing with
  --skip-lock. #3255
• Fixed an issue where pipenv could crash when multiple pipenv
  processes attempted to create the same directory. #3257
• Fixed an issue which sometimes prevented successful creation of
  project pipfiles. #3260
• pipenv install will now unset the PYTHONHOME environment
  variable when not combined with --system. #3261
• Pipenv will ensure that warnings do not interfere with the
  resolution process by suppressing warnings' usage of standard output
  and writing to standard error instead. #3273
• Fixed an issue which prevented variables from the environment, such
  as PIPENV_DEV or PIPENV_SYSTEM, from being parsed and
  implemented correctly. #3278
• Clear pythonfinder cache after Python
  install. #3287
• Fixed a race condition in hash resolution for dependencies for
  certain dependencies with missing cache entries or fresh Pipenv
  installs. #3289
• Pipenv will now respect top-level pins over VCS dependency

... (truncated)

Changelog

Sourced from pipenv's changelog.

2018.11.26 (2018-11-26)

Bug Fixes

• Environment variables are expanded correctly before running scripts on POSIX. #3178 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3178>_
• Pipenv will no longer disable user-mode installation when the --system flag is passed in. #3222 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3222>_
• Fixed an issue with attempting to render unicode output in non-unicode locales. #3223 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3223>_
• Fixed a bug which could cause failures to occur when parsing python entries from global pyenv version files. #3224 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3224>_
• Fixed an issue which prevented the parsing of named extras sections from certain setup.py files. #3230 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3230>_
• Correctly detect the virtualenv location inside an activated virtualenv. #3231 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3231>_
• Fixed a bug which caused spinner frames to be written to stdout during locking operations which could cause redirection pipes to fail. #3239 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3239>_
• Fixed a bug that editable pacakges can't be uninstalled correctly. #3240 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3240>_
• Corrected an issue with installation timeouts which caused dependency resolution to fail for longer duration resolution steps. #3244 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3244>_
• Adding normal pep 508 compatible markers is now fully functional when using VCS dependencies. #3249 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3249>_
• Updated requirementslib and pythonfinder for multiple bugfixes. #3254 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3254>_
• Pipenv will now ignore hashes when installing with --skip-lock. #3255 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3255>_
• Fixed an issue where pipenv could crash when multiple pipenv processes attempted to create the same directory. #3257 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3257>_
• Fixed an issue which sometimes prevented successful creation of project pipfiles. #3260 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3260>_
• pipenv install will now unset the PYTHONHOME environment variable when not combined with --system. #3261 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3261>_
• Pipenv will ensure that warnings do not interfere with the resolution process by suppressing warnings' usage of standard output and writing to standard error instead. #3273 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3273>_
• Fixed an issue which prevented variables from the environment, such as PIPENV_DEV or PIPENV_SYSTEM, from being parsed and implemented correctly. #3278 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3278>_
• Clear pythonfinder cache after Python install. #3287 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3287>_
• Fixed a race condition in hash resolution for dependencies for certain dependencies with missing cache entries or fresh Pipenv installs. #3289 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3289>_
• Pipenv will now respect top-level pins over VCS dependency locks. #3296 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3296>_

Vendored Libraries

• Update vendored dependencies to resolve resolution output parsing and python finding:
  • pythonfinder 1.1.9 -> 1.1.10
  • requirementslib 1.3.1 -> 1.3.3
  • vistir 0.2.3 -> 0.2.5 #3280 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3280>_

2018.11.14 (2018-11-14)

Features & Improvements

• Improved exceptions and error handling on failures. #1977 <https://github-redirect.dependabot.com/pypa/pipenv/issues/1977>_
• Added persistent settings for all CLI flags via PIPENV_{FLAG_NAME} environment variables by enabling auto_envvar_prefix=PIPENV in click (implements PEEP-0002). #2200 <https://github-redirect.dependabot.com/pypa/pipenv/issues/2200>_
• Added improved messaging about available but skipped updates due to dependency conflicts when running pipenv update --outdated. #2411 <https://github-redirect.dependabot.com/pypa/pipenv/issues/2411>_
• Added environment variable PIPENV_PYUP_API_KEY to add ability
  to override the bundled pyup.io API key. #2825 <https://github-redirect.dependabot.com/pypa/pipenv/issues/2825>_
• Added additional output to pipenv update --outdated to indicate that the operation succeded and all packages were already up to date. #2828 <https://github-redirect.dependabot.com/pypa/pipenv/issues/2828>_
• Updated crayons patch to enable colors on native powershell but swap native blue for magenta. #3020 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3020>_
• Added support for --bare to pipenv clean, and fixed pipenv sync --bare to actually reduce output. #3041 <https://github-redirect.dependabot.com/pypa/pipenv/issues/3041>_

... (truncated)

Commits

• 742ae1b Release v2018.11.26
• 5402384 Fix pipenv sync error msg
• e433b0e Update lockfile
• 93f82c4 Fix accidentally-shortened installation timeouts
• bd51de4 Merge pull request #3297 from pypa/bugfix/3296
• 6b4a9a5 Fix dependencies
• 9e0d6bc Update release scripts, fix packaging scripts
• 4e44229 Merge branch 'master' into bugfix/3296
• 1ed7ae9 Fix vcs locking, prefer pipfile entries once locked
• 2ed0384 Merge pull request #3295 from pypa/bugfix/3278
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[coveralls]

Coverage remained the same at 100.0% when pulling 6260c19 on dependabot/pip/pipenv-2018.11.26 into ecb2b11 on master.

[coveralls]

Coverage remained the same at 100.0% when pulling 771f6cf on dependabot/pip/pipenv-2018.11.26 into abebe69 on master.

[jrbenny35]

@dependabot-bot rebase?