Skip to content

Commit

Permalink
Bump pip from 21.0 to 22.3.1 in /.github/workflows (#4)
Browse files Browse the repository at this point in the history
Bumps [pip](https://github.com/pypa/pip) from 21.0 to 22.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>22.3.1 (2022-11-05)</h1>
<h2>Bug Fixes</h2>
<ul>
<li>Fix entry point generation of <code>pip.X</code>,
<code>pipX.Y</code>, and <code>easy_install-X.Y</code>
to correctly account for multi-digit Python version segments (e.g. the
&quot;11&quot;
part of 3.11). (<code>[#11547](pypa/pip#11547)
&lt;https://github.com/pypa/pip/issues/11547&gt;</code>_)</li>
</ul>
<h1>22.3 (2022-10-15)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>--install-options</code> which forces pip to use the
deprecated <code>install</code>
command of <code>setuptools</code>.
(<code>[#11358](pypa/pip#11358)
&lt;https://github.com/pypa/pip/issues/11358&gt;</code>_)</li>
<li>Deprecate installation with 'setup.py install' when no-binary is
enabled for
source distributions without 'pyproject.toml'.
(<code>[#11452](pypa/pip#11452)
&lt;https://github.com/pypa/pip/issues/11452&gt;</code>_)</li>
<li>Deprecate ```--no-binary`` disabling the wheel cache.
(<code>[#11454](pypa/pip#11454)
&lt;https://github.com/pypa/pip/issues/11454&gt;</code>_)</li>
<li>Remove <code>--use-feature=2020-resolver</code> opt-in flag. This
was supposed to be removed in 21.0, but missed during that release
cycle. (<code>[#11493](pypa/pip#11493)
&lt;https://github.com/pypa/pip/issues/11493&gt;</code>_)</li>
<li>Deprecate installation with 'setup.py install' when the 'wheel'
package is absent for
source distributions without 'pyproject.toml'.
(<code>[#8559](pypa/pip#8559)
&lt;https://github.com/pypa/pip/issues/8559&gt;</code>_)</li>
<li>Remove the ability to use <code>pip list --outdated</code> in
combination with <code>--format=freeze</code>.
(<code>[#9789](pypa/pip#9789)
&lt;https://github.com/pypa/pip/issues/9789&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>Use <code>shell=True</code> for opening the editor with <code>pip
config edit</code>.
(<code>[#10716](pypa/pip#10716)
&lt;https://github.com/pypa/pip/issues/10716&gt;</code>_)</li>
<li>Use the <code>data-dist-info-metadata</code> attribute from
:pep:<code>658</code> to resolve distribution metadata without
downloading the dist yet.
(<code>[#11111](pypa/pip#11111)
&lt;https://github.com/pypa/pip/issues/11111&gt;</code>_)</li>
<li>Add an option to run the test suite with pip built as a zipapp.
(<code>[#11250](pypa/pip#11250)
&lt;https://github.com/pypa/pip/issues/11250&gt;</code>_)</li>
<li>Add a <code>--python</code> option to allow pip to manage Python
environments other
than the one pip is installed in.
(<code>[#11320](pypa/pip#11320)
&lt;https://github.com/pypa/pip/issues/11320&gt;</code>_)</li>
<li>Document the new (experimental) zipapp distribution of pip.
(<code>[#11459](pypa/pip#11459)
&lt;https://github.com/pypa/pip/issues/11459&gt;</code>_)</li>
<li>Use the much faster 'bzr co --lightweight' to obtain a copy of a
Bazaar tree. (<code>[#5444](pypa/pip#5444)
&lt;https://github.com/pypa/pip/issues/5444&gt;</code>_)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fix <code>--no-index</code> when <code>--index-url</code> or
<code>--extra-index-url</code> is specified
inside a requirements file.
(<code>[#11276](pypa/pip#11276)
&lt;https://github.com/pypa/pip/issues/11276&gt;</code>_)</li>
<li>Ensure that the candidate <code>pip</code> executable exists, when
checking for a new version of pip.
(<code>[#11309](pypa/pip#11309)
&lt;https://github.com/pypa/pip/issues/11309&gt;</code>_)</li>
<li>Ignore distributions with invalid <code>Name</code> in metadata
instead of crashing, when
using the <code>importlib.metadata</code> backend.
(<code>[#11352](pypa/pip#11352)
&lt;https://github.com/pypa/pip/issues/11352&gt;</code>_)</li>
<li>Raise RequirementsFileParseError when parsing malformed requirements
options that can't be sucessfully parsed by shlex.
(<code>[#11491](pypa/pip#11491)
&lt;https://github.com/pypa/pip/issues/11491&gt;</code>_)</li>
<li>Fix build environment isolation on some system Pythons.
(<code>[#6264](pypa/pip#6264)
&lt;https://github.com/pypa/pip/issues/6264&gt;</code>_)</li>
</ul>
<p>Vendored Libraries</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/1463081f10de6bfad81afe0d68272e7c3bedbadf"><code>1463081</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/22fd64ac0b68782acb308e2484b553a2ecadff78"><code>22fd64a</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11547">#11547</a>
from uranusjr/entry-point-python-version-replacemen...</li>
<li><a
href="https://github.com/pypa/pip/commit/0a76da3a94130fad58b086e331c3d3e1b02a89eb"><code>0a76da3</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/25638287f8b8bd571a10c4f5ae1b7f4eae454dcc"><code>2563828</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/e86f27fe4ee3fe45fc0fcd2372f71d39d1d013c1"><code>e86f27f</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11493">#11493</a>
from pradyunsg/remove-2020-resolver-opt-in</li>
<li><a
href="https://github.com/pypa/pip/commit/1fcc3ce4b531ac6bc80c1d102d4ef9610074e195"><code>1fcc3ce</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11514">#11514</a>
from pradyunsg/certifi-update</li>
<li><a
href="https://github.com/pypa/pip/commit/65c23fa99d19af8ebd375e7129213794dce4b4b2"><code>65c23fa</code></a>
Unnormalise the certifi version</li>
<li><a
href="https://github.com/pypa/pip/commit/739158cc80f138dbed9e426f3408811acef2d993"><code>739158c</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/pypa/pip/issues/11516">#11516</a>
from pradyunsg/check-manifest</li>
<li><a
href="https://github.com/pypa/pip/commit/4e48bbc31cf34b1b4ccd100a787d1204ddb8866b"><code>4e48bbc</code></a>
Move check-manifest to a CI check</li>
<li><a
href="https://github.com/pypa/pip/commit/1b7e5ef34f926f33fa7932239229220dd65eb7a6"><code>1b7e5ef</code></a>
Upgrade certifi to 2022.9.24</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/21.0...22.3.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=21.0&new-version=22.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
  • Loading branch information
clementprevot committed Nov 16, 2022
2 parents be363ed + c8c5740 commit 22fa681
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/constraints.txt
@@ -1,4 +1,4 @@
pip==21.0
pip==22.3.1
pre-commit==2.9.3
black==20.8b1
flake8==5.0.4
Expand Down

0 comments on commit 22fa681

Please sign in to comment.