Skip to content

Commit

Permalink
Bump pip from 21.3.1 to 22.0.3 (PR #3761)
Browse files Browse the repository at this point in the history 
Bumps [pip](https://github.com/pypa/pip) from 21.3.1 to 22.0.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>22.0.3 (2022-02-03)</h1>
<h2>Features</h2>
<ul>
<li>Print the exception via <code>rich.traceback</code>, when running with <code>--debug</code>. (<code>[#10791](pypa/pip#10791) &lt;https://github.com/pypa/pip/issues/10791&gt;</code>_)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>
<p>Only calculate topological installation order, for packages that are going to be installed/upgraded.</p>
<p>This fixes an <code>AssertionError</code> that occured when determining installation order, for a very specific combination of upgrading-already-installed-package + change of dependencies + fetching some packages from a package index. This combination was especially common in Read the Docs' builds. (<code>[#10851](pypa/pip#10851) &lt;https://github.com/pypa/pip/issues/10851&gt;</code>_)</p>
</li>
<li>
<p>Use <code>html.parser</code> by default, instead of falling back to <code>html5lib</code> when <code>--use-deprecated=html5lib</code> is not passed. (<code>[#10869](pypa/pip#10869) &lt;https://github.com/pypa/pip/issues/10869&gt;</code>_)</p>
</li>
</ul>
<h2>Improved Documentation</h2>
<ul>
<li>Clarify that using per-requirement overrides disables the usage of wheels. (<code>[#9674](pypa/pip#9674) &lt;https://github.com/pypa/pip/issues/9674&gt;</code>_)</li>
</ul>
<h1>22.0.2 (2022-01-30)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Instead of failing on index pages that use non-compliant HTML 5, print a deprecation warning and fall back to <code>html5lib</code>-based parsing for now. This simplifies the migration for non-compliant index pages, by letting such indexes function with a warning. (<code>[#10847](pypa/pip#10847) &lt;https://github.com/pypa/pip/issues/10847&gt;</code>_)</li>
</ul>
<h1>22.0.1 (2022-01-30)</h1>
<h2>Bug Fixes</h2>
<ul>
<li>Accept lowercase <code>&lt;!doctype html&gt;</code> on index pages. (<code>[#10844](pypa/pip#10844) &lt;https://github.com/pypa/pip/issues/10844&gt;</code>_)</li>
<li>Properly handle links parsed by html5lib, when using <code>--use-deprecated=html5lib</code>. (<code>[#10846](pypa/pip#10846) &lt;https://github.com/pypa/pip/issues/10846&gt;</code>_)</li>
</ul>
<h1>22.0 (2022-01-29)</h1>
<h2>Process</h2>
<ul>
<li>Completely replace :pypi:<code>tox</code> in our development workflow, with :pypi:<code>nox</code>.</li>
</ul>
<p>Deprecations and Removals</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/44018de50cafba25445a225c1a1986d6312e1ef3"><code>44018de</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/65f096c432d60d5f0214793becd592e1c1c3b624"><code>65f096c</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/7d50964bcb1b25f9fe2c49fe447ab58aad2b4247"><code>7d50964</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/10876">#10876</a> from mbacchi/vcs_support_typo</li>
<li><a href="https://github.com/pypa/pip/commit/ff8dbb458a59905c5462d339a63536257aad497a"><code>ff8dbb4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/10867">#10867</a> from mauritsvanrees/maurits-topoligical-weights-req...</li>
<li><a href="https://github.com/pypa/pip/commit/b3f5cad73241e25a25ce7d50eb9175dbafcfd8db"><code>b3f5cad</code></a> Update news/10851.bugfix.rst</li>
<li><a href="https://github.com/pypa/pip/commit/cf4655f474cb8a04fa6b274ee0edaf774546a79b"><code>cf4655f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/10869">#10869</a> from pradyunsg/put-html5lib-behind-flag</li>
<li><a href="https://github.com/pypa/pip/commit/3608b42ef0ab39a2d50335356644f8f3464f651a"><code>3608b42</code></a> Fix minor typo in vcs support doc</li>
<li><a href="https://github.com/pypa/pip/commit/6c92a33b6e22f099edac8f4df594ffe6a18eb6e2"><code>6c92a33</code></a> Place the link as &quot;context&quot; instead of &quot;Link:&quot;</li>
<li><a href="https://github.com/pypa/pip/commit/7a3b0f1ae1cc59ae6566694e47887728a7976ab9"><code>7a3b0f1</code></a> 📰</li>
<li><a href="https://github.com/pypa/pip/commit/d7fed8fe9382c4f4442d7aa6216f41c8ed6f1ea3"><code>d7fed8f</code></a> Use rich.traceback with debug mode (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/10832">#10832</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/21.3.1...22.0.3">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=21.3.1&new-version=22.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
  • Loading branch information
@dependabot @inmantaci
dependabot[bot] authored and inmantaci committed Feb 14, 2022
1 parent a5f5f6a commit a169e90
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
6 changes: 6 additions & 0 deletions changelogs/unreleased/3761-dependabot.yml
View file
@@ -0,0 +1,6 @@
change-type: patch
description: Bump pip from 21.3.1 to 22.0.3
destination-branches:
- master
- iso5
sections: {}
2 changes: 1 addition & 1 deletion requirements.txt
View file
Expand Up @@ -12,7 +12,7 @@ jinja2==3.0.3
more-itertools==8.12.0
netifaces==0.11.0
packaging==21.3
pip==21.3.1
pip==22.0.3
ply==3.11
pydantic==1.9.0
pyformance==0.4
Expand Down

0 comments on commit a169e90

Please sign in to comment.