Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update pip to 20.2.2 #465

Closed
wants to merge 1 commit into from
Closed

Conversation

pyup-bot
Copy link
Collaborator

This PR updates pip from 20.0.2 to 20.2.2.

Changelog

20.2.2

===================

Bug Fixes
---------

- Only attempt to use the keyring once and if it fails, don't try again.
This prevents spamming users with several keyring unlock prompts when they
cannot unlock or don't want to do so. (`8090 <https://github.com/pypa/pip/issues/8090>`_)
- Fix regression that distributions in system site-packages are not correctly
found when a virtual environment is configured with ``system-site-packages``
on. (`8695 <https://github.com/pypa/pip/issues/8695>`_)
- Disable caching for range requests, which causes corrupted wheels
when pip tries to obtain metadata using the feature ``fast-deps``. (`8701 <https://github.com/pypa/pip/issues/8701>`_, `8716 <https://github.com/pypa/pip/issues/8716>`_)
- Always use UTF-8 to read ``pyvenv.cfg`` to match the built-in ``venv``. (`8717 <https://github.com/pypa/pip/issues/8717>`_)
- 2020 Resolver: Correctly handle marker evaluation in constraints and exclude
them if their markers do not match the current environment. (`8724 <https://github.com/pypa/pip/issues/8724>`_)

20.2.1

===================

Features
--------

- Ignore require-virtualenv in ``pip list`` (`8603 <https://github.com/pypa/pip/issues/8603>`_)

Bug Fixes
---------

- Correctly find already-installed distributions with dot (``.``) in the name
and uninstall them when needed. (`8645 <https://github.com/pypa/pip/issues/8645>`_)
- Trace a better error message on installation failure due to invalid ``.data``
files in wheels. (`8654 <https://github.com/pypa/pip/issues/8654>`_)
- Fix SVN version detection for alternative SVN distributions. (`8665 <https://github.com/pypa/pip/issues/8665>`_)
- New resolver: Correctly include the base package when specified with extras
in ``--no-deps`` mode. (`8677 <https://github.com/pypa/pip/issues/8677>`_)
- Use UTF-8 to handle ZIP archive entries on Python 2 according to PEP 427, so
non-ASCII paths can be resolved as expected. (`8684 <https://github.com/pypa/pip/issues/8684>`_)

Improved Documentation
----------------------

- Add details on old resolver deprecation and removal to migration documentation. (`8371 <https://github.com/pypa/pip/issues/8371>`_)
- Fix feature flag name in docs. (`8660 <https://github.com/pypa/pip/issues/8660>`_)

20.2

=================

Deprecations and Removals
-------------------------

- Deprecate setup.py-based builds that do not generate an ``.egg-info`` directory. (`6998 <https://github.com/pypa/pip/issues/6998>`_, `8617 <https://github.com/pypa/pip/issues/8617>`_)
- Disallow passing install-location-related arguments in ``--install-options``. (`7309 <https://github.com/pypa/pip/issues/7309>`_)
- Add deprecation warning for invalid requirements format "base>=1.0[extra]" (`8288 <https://github.com/pypa/pip/issues/8288>`_)
- Deprecate legacy setup.py install when building a wheel failed for source
distributions without pyproject.toml (`8368 <https://github.com/pypa/pip/issues/8368>`_)
- Deprecate -b/--build/--build-dir/--build-directory. Its current behaviour is confusing
and breaks in case different versions of the same distribution need to be built during
the resolution process. Using the TMPDIR/TEMP/TMP environment variable, possibly
combined with --no-clean covers known use cases. (`8372 <https://github.com/pypa/pip/issues/8372>`_)
- Remove undocumented and deprecated option ``--always-unzip`` (`8408 <https://github.com/pypa/pip/issues/8408>`_)

Features
--------

- Log debugging information about pip, in ``pip install --verbose``. (`3166 <https://github.com/pypa/pip/issues/3166>`_)
- Refine error messages to avoid showing Python tracebacks when an HTTP error occurs. (`5380 <https://github.com/pypa/pip/issues/5380>`_)
- Install wheel files directly instead of extracting them to a temp directory. (`6030 <https://github.com/pypa/pip/issues/6030>`_)
- Add a beta version of pip's next-generation dependency resolver.

Move pip's new resolver into beta, remove the
``--unstable-feature=resolver`` flag, and enable the
``--use-feature=2020-resolver`` flag. The new resolver is
significantly stricter and more consistent when it receives
incompatible instructions, and reduces support for certain kinds of
:ref:`Constraints Files`, so some workarounds and workflows may
break. More details about how to test and migrate, and how to report
issues, at :ref:`Resolver changes 2020` . Maintainers are preparing to

20.2b1

===================

Bug Fixes
---------

- Correctly treat wheels containing non-ASCII file contents so they can be
installed on Windows. (`5712 <https://github.com/pypa/pip/issues/5712>`_)
- Prompt the user for password if the keyring backend doesn't return one (`7998 <https://github.com/pypa/pip/issues/7998>`_)

Improved Documentation
----------------------

- Add GitHub issue template for reporting when the dependency resolver fails (`8207 <https://github.com/pypa/pip/issues/8207>`_)

20.1.1

===================

Deprecations and Removals
-------------------------

- Revert building of local directories in place, restoring the pre-20.1
behaviour of copying to a temporary directory. (`7555 <https://github.com/pypa/pip/issues/7555>`_)
- Drop parallelization from ``pip list --outdated``. (`8167 <https://github.com/pypa/pip/issues/8167>`_)

Bug Fixes
---------

- Fix metadata permission issues when umask has the executable bit set. (`8164 <https://github.com/pypa/pip/issues/8164>`_)
- Avoid unnecessary message about the wheel package not being installed
when a wheel would not have been built. Additionally, clarify the message. (`8178 <https://github.com/pypa/pip/issues/8178>`_)

20.1

=================

Process
-------

- Document that pip 21.0 will drop support for Python 2.7.

Features
--------

- Add ``pip cache dir`` to show the cache directory. (`7350 <https://github.com/pypa/pip/issues/7350>`_)

Bug Fixes
---------

- Abort pip cache commands early when cache is disabled. (`8124 <https://github.com/pypa/pip/issues/8124>`_)
- Correctly set permissions on metadata files during wheel installation,
to permit non-privileged users to read from system site-packages. (`8139 <https://github.com/pypa/pip/issues/8139>`_)

20.1b1

===================

Deprecations and Removals
-------------------------

- Remove emails from AUTHORS.txt to prevent usage for spamming, and only populate names in AUTHORS.txt at time of release (`5979 <https://github.com/pypa/pip/issues/5979>`_)
- Remove deprecated ``--skip-requirements-regex`` option. (`7297 <https://github.com/pypa/pip/issues/7297>`_)
- Building of local directories is now done in place, instead of a temporary
location containing a copy of the directory tree. (`7555 <https://github.com/pypa/pip/issues/7555>`_)
- Remove unused ``tests/scripts/test_all_pip.py`` test script and the ``tests/scripts`` folder. (`7680 <https://github.com/pypa/pip/issues/7680>`_)

Features
--------

- pip now implements PEP 610, so ``pip freeze`` has better fidelity
in presence of distributions installed from Direct URL requirements. (`609 <https://github.com/pypa/pip/issues/609>`_)
- Add ``pip cache`` command for inspecting/managing pip's wheel cache. (`6391 <https://github.com/pypa/pip/issues/6391>`_)
- Raise error if ``--user`` and ``--target`` are used together in ``pip install`` (`7249 <https://github.com/pypa/pip/issues/7249>`_)
- Significantly improve performance when ``--find-links`` points to a very large HTML page. (`7729 <https://github.com/pypa/pip/issues/7729>`_)
- Indicate when wheel building is skipped, due to lack of the ``wheel`` package. (`7768 <https://github.com/pypa/pip/issues/7768>`_)
- Change default behaviour to always cache responses from trusted-host source. (`7847 <https://github.com/pypa/pip/issues/7847>`_)
- An alpha version of a new resolver is available via ``--unstable-feature=resolver``. (`988 <https://github.com/pypa/pip/issues/988>`_)

Bug Fixes
---------

- Correctly freeze a VCS editable package when it is nested inside another VCS repository. (`3988 <https://github.com/pypa/pip/issues/3988>`_)
- Correctly handle ``%2F`` in URL parameters to avoid accidentally unescape them
into ``/``. (`6446 <https://github.com/pypa/pip/issues/6446>`_)
- Reject VCS URLs with an empty revision. (`7402 <https://github.com/pypa/pip/issues/7402>`_)
- Warn when an invalid URL is passed with ``--index-url`` (`7430 <https://github.com/pypa/pip/issues/7430>`_)
- Use better mechanism for handling temporary files, when recording metadata
about installed files (RECORD) and the installer (INSTALLER). (`7699 <https://github.com/pypa/pip/issues/7699>`_)
- Correctly detect global site-packages availability of virtual environments
created by PyPA’s virtualenv>=20.0. (`7718 <https://github.com/pypa/pip/issues/7718>`_)
- Remove current directory from ``sys.path`` when invoked as ``python -m pip <command>`` (`7731 <https://github.com/pypa/pip/issues/7731>`_)
- Stop failing uninstallation, when trying to remove non-existent files. (`7856 <https://github.com/pypa/pip/issues/7856>`_)
- Prevent an infinite recursion with ``pip wheel`` when ``$TMPDIR`` is within the source directory. (`7872 <https://github.com/pypa/pip/issues/7872>`_)
- Significantly speedup ``pip list --outdated`` by parallelizing index interaction. (`7962 <https://github.com/pypa/pip/issues/7962>`_)
- Improve Windows compatibility when detecting writability in folder. (`8013 <https://github.com/pypa/pip/issues/8013>`_)

Vendored Libraries
------------------

- Update semi-supported debundling script to reflect that appdirs is vendored.
- Add ResolveLib as a vendored dependency.
- Upgrade certifi to 2020.04.05.1
- Upgrade contextlib2 to 0.6.0.post1
- Upgrade distro to 1.5.0.
- Upgrade idna to 2.9.
- Upgrade msgpack to 1.0.0.
- Upgrade packaging to 20.3.
- Upgrade pep517 to 0.8.2.
- Upgrade pyparsing to 2.4.7.
- Remove pytoml as a vendored dependency.
- Upgrade requests to 2.23.0.
- Add toml as a vendored dependency.
- Upgrade urllib3 to 1.25.8.

Improved Documentation
----------------------

- Emphasize that VCS URLs using git, git+git and git+http are insecure due to
lack of authentication and encryption (`1983 <https://github.com/pypa/pip/issues/1983>`_)
- Clarify the usage of --no-binary command. (`3191 <https://github.com/pypa/pip/issues/3191>`_)
- Clarify the usage of freeze command in the example of Using pip in your program (`7008 <https://github.com/pypa/pip/issues/7008>`_)
- Add a "Copyright" page. (`7767 <https://github.com/pypa/pip/issues/7767>`_)
- Added example of defining multiple values for options which support them (`7803 <https://github.com/pypa/pip/issues/7803>`_)
Links

@pyup-bot pyup-bot mentioned this pull request Aug 11, 2020
@coveralls
Copy link

Coverage Status

Coverage remained the same at 42.065% when pulling 318ed85 on pyup-update-pip-20.0.2-to-20.2.2 into 10a4d82 on master.

@pyup-bot
Copy link
Collaborator Author

pyup-bot commented Sep 8, 2020

Closing this in favor of #476

@pyup-bot pyup-bot closed this Sep 8, 2020
@ronin13 ronin13 deleted the pyup-update-pip-20.0.2-to-20.2.2 branch September 8, 2020 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants