Skip to content
This repository has been archived by the owner on Mar 15, 2022. It is now read-only.

Bump pip from 19.1.1 to 19.2 in /docker/build_scripts #20

Closed

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 9, 2021

Bumps pip from 19.1.1 to 19.2.

Changelog

Sourced from pip's changelog.

19.2 (2019-07-22)

Deprecations and Removals

  • Drop support for EOL Python 3.4. ([#6685](https://github.com/pypa/pip/issues/6685) <https://github.com/pypa/pip/issues/6685>_)
  • Improve deprecation messages to include the version in which the functionality will be removed. ([#6549](https://github.com/pypa/pip/issues/6549) <https://github.com/pypa/pip/issues/6549>_)

Features

  • Credentials will now be loaded using keyring when installed. ([#5948](https://github.com/pypa/pip/issues/5948) <https://github.com/pypa/pip/issues/5948>_)
  • Fully support using --trusted-host inside requirements files. ([#3799](https://github.com/pypa/pip/issues/3799) <https://github.com/pypa/pip/issues/3799>_)
  • Update timestamps in pip's --log file to include milliseconds. ([#6587](https://github.com/pypa/pip/issues/6587) <https://github.com/pypa/pip/issues/6587>_)
  • Respect whether a file has been marked as "yanked" from a simple repository (see PEP 592 <https://www.python.org/dev/peps/pep-0592/>__ for details). ([#6633](https://github.com/pypa/pip/issues/6633) <https://github.com/pypa/pip/issues/6633>_)
  • When choosing candidates to install, prefer candidates with a hash matching one of the user-provided hashes. ([#5874](https://github.com/pypa/pip/issues/5874) <https://github.com/pypa/pip/issues/5874>_)
  • Improve the error message when METADATA or PKG-INFO is None when accessing metadata. ([#5082](https://github.com/pypa/pip/issues/5082) <https://github.com/pypa/pip/issues/5082>_)
  • Add a new command pip debug that can display e.g. the list of compatible tags for the current Python. ([#6638](https://github.com/pypa/pip/issues/6638) <https://github.com/pypa/pip/issues/6638>_)
  • Display hint on installing with --pre when search results include pre-release versions. ([#5169](https://github.com/pypa/pip/issues/5169) <https://github.com/pypa/pip/issues/5169>_)
  • Report to Warehouse that pip is running under CI if the PIP_IS_CI environment variable is set. ([#5499](https://github.com/pypa/pip/issues/5499) <https://github.com/pypa/pip/issues/5499>_)
  • Allow --python-version to be passed as a dotted version string (e.g. 3.7 or 3.7.3). ([#6585](https://github.com/pypa/pip/issues/6585) <https://github.com/pypa/pip/issues/6585>_)
  • Log the final filename and SHA256 of a .whl file when done building a wheel. ([#5908](https://github.com/pypa/pip/issues/5908) <https://github.com/pypa/pip/issues/5908>_)
  • Include the wheel's tags in the log message explanation when a candidate wheel link is found incompatible. ([#6121](https://github.com/pypa/pip/issues/6121) <https://github.com/pypa/pip/issues/6121>_)
  • Add a --path argument to pip freeze to support --target installations. ([#6404](https://github.com/pypa/pip/issues/6404) <https://github.com/pypa/pip/issues/6404>_)
  • Add a --path argument to pip list to support --target installations. ([#6551](https://github.com/pypa/pip/issues/6551) <https://github.com/pypa/pip/issues/6551>_)

Bug Fixes

  • Set sys.argv[0] to the underlying setup.py when invoking setup.py via the setuptools shim so setuptools doesn't think the path is -c. ([#1890](https://github.com/pypa/pip/issues/1890) <https://github.com/pypa/pip/issues/1890>_)
  • Update pip download to respect the given --python-version when checking "Requires-Python". ([#5369](https://github.com/pypa/pip/issues/5369) <https://github.com/pypa/pip/issues/5369>_)
  • Respect --global-option and --install-option when installing from a version control url (e.g. git). ([#5518](https://github.com/pypa/pip/issues/5518) <https://github.com/pypa/pip/issues/5518>_)
  • Make the "ascii" progress bar really be "ascii" and not Unicode. ([#5671](https://github.com/pypa/pip/issues/5671) <https://github.com/pypa/pip/issues/5671>_)
  • Fail elegantly when trying to set an incorrectly formatted key in config. ([#5963](https://github.com/pypa/pip/issues/5963) <https://github.com/pypa/pip/issues/5963>_)
  • Prevent DistutilsOptionError when prefix is indicated in the global environment and --target is used. ([#6008](https://github.com/pypa/pip/issues/6008) <https://github.com/pypa/pip/issues/6008>_)
  • Fix pip install to respect --ignore-requires-python when evaluating links. ([#6371](https://github.com/pypa/pip/issues/6371) <https://github.com/pypa/pip/issues/6371>_)

... (truncated)

Commits
  • 0e64295 Generate NEWS
  • 0df416d Bump version for release
  • 5f0aa2a Generate AUTHORS.txt
  • 8582f7e Reduce dependency on ctypes when discovering glibc version. (#6678)
  • e308497 Merge pull request #6743 from chrahunt/maint/remove-path-copytree
  • 9281a7a Remove copytree from tests.lib.path.Path.
  • 0d28601 Remove copy from tests.lib.path.Path. (#6746)
  • c275e9d Drop a useless import in favor of explicitness
  • 3732e79 Remove normpath from tests.lib.path.Path.
  • 358e690 Remove move from tests.lib.path.Path.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [pip](https://github.com/pypa/pip) from 19.1.1 to 19.2.
- [Release notes](https://github.com/pypa/pip/releases)
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@19.1.1...19.2)

---
updated-dependencies:
- dependency-name: pip
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 9, 2021
pip==20.0.2 \
--hash=sha256:4ae14a42d8adba3205ebeb38aa68cfc0b6c346e1ae2e699a0b3bad4da19cef5c \
--hash=sha256:7db0c8ea4c7ea51c8049640e8e6e7fde949de672bfa4949920675563a5a6967f
pip==19.2 \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this does not look correct

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Nov 15, 2021

Superseded by #22.

@dependabot dependabot bot closed this Nov 15, 2021
@dependabot dependabot bot deleted the dependabot/pip/docker/build_scripts/pip-19.2 branch November 15, 2021 17:48
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant