Bump pip from 20.0.2 to 20.1

[dependabot-preview]

Bumps pip from 20.0.2 to 20.1.

Changelog

Sourced from pip's changelog.

20.1 (2020-04-28)

Process

• Document that pip 21.0 will drop support for Python 2.7.

Features

• Add pip cache dir to show the cache directory. (#7350)

Bug Fixes

• Abort pip cache commands early when cache is disabled. (#8124)
• Correctly set permissions on metadata files during wheel installation, to permit non-privileged users to read from system site-packages. (#8139)

20.1b1 (2020-04-21)

Deprecations and Removals

• Remove emails from AUTHORS.txt to prevent usage for spamming, and only populate names in AUTHORS.txt at time of release (#5979)
• Remove deprecated --skip-requirements-regex option. (#7297)
• Building of local directories is now done in place, instead of a temporary location containing a copy of the directory tree. (#7555)
• Remove unused tests/scripts/test_all_pip.py test script and the tests/scripts folder. (#7680)

Features

• pip now implements PEP 610, so pip freeze has better fidelity in presence of distributions installed from Direct URL requirements. (#609)
• Add pip cache command for inspecting/managing pip's wheel cache. (#6391)
• Raise error if --user and --target are used together in pip install (#7249)
• Significantly improve performance when --find-links points to a very large HTML page. (#7729)
• Indicate when wheel building is skipped, due to lack of the wheel package. (#7768)
• Change default behaviour to always cache responses from trusted-host source. (#7847)
• An alpha version of a new resolver is available via --unstable-feature=resolver. (#988)

Bug Fixes

• Correctly freeze a VCS editable package when it is nested inside another VCS repository. (#3988)
• Correctly handle %2F in URL parameters to avoid accidentally unescape them into /. (#6446)
• Reject VCS URLs with an empty revision. (#7402)
• Warn when an invalid URL is passed with --index-url (#7430)
• Use better mechanism for handling temporary files, when recording metadata about installed files (RECORD) and the installer (INSTALLER). (#7699)
• Correctly detect global site-packages availability of virtual environments created by PyPA’s virtualenv>=20.0. (#7718)

... (truncated)

Commits

• 5ce941c Bump for release
• 7090f80 Update AUTHORS.txt
• 371d6f5 Merge pull request #8157 from pradyunsg/cache/ignore-require-venv
• a12fc7c Ignore require-virtualenv in pip cache
• 22bd8ad Merge pull request #8095 from hugovk/pip-cache-dir2
• c4c2870 Merge pull request #8144 from uranusjr/wheel-install-permissions
• 2245fce Make the permission logic more generic
• 6b640d1 Add test for 'pip cache dir 123' with too many arguments
• 45f762e Merge pull request #7780 from AndydeCleyre/bugfix/7728
• a24fbd9 Wording on news fragment
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[coveralls]

Coverage remained the same at 42.065% when pulling 7d7d8ae on dependabot/pip/pip-20.1 into 10a4d82 on master.

[dependabot-preview]

Superseded by #419.