Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ci(deps-dev): Bump pip from 24.0 to 24.1 in /.github/workflows (#189)
Bumps [pip](https://github.com/pypa/pip) from 24.0 to 24.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.1 (2024-06-20)</h1> <h2>Vendored Libraries</h2> <ul> <li>Upgrade truststore to 0.9.1.</li> </ul> <h1>24.1b2 (2024-06-12)</h1> <h2>Features</h2> <ul> <li>Report informative messages about invalid requirements. (<code>[#12713](pypa/pip#12713) <https://github.com/pypa/pip/issues/12713></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Eagerly import the self version check logic to avoid crashes while upgrading or downgrading pip at the same time. (<code>[#12675](pypa/pip#12675) <https://github.com/pypa/pip/issues/12675></code>_)</li> <li>Accommodate for mismatches between different sources of truth for extra names, for packages generated by <code>setuptools</code>. (<code>[#12688](pypa/pip#12688) <https://github.com/pypa/pip/issues/12688></code>_)</li> <li>Accommodate for development versions of CPython ending in <code>+</code> in the version string. (<code>[#12691](pypa/pip#12691) <https://github.com/pypa/pip/issues/12691></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li> <p>Upgrade packaging to 24.1</p> </li> <li> <p>Upgrade requests to 2.32.0</p> </li> <li> <p>Remove vendored colorama</p> </li> <li> <p>Remove vendored six</p> </li> <li> <p>Remove vendored webencodings</p> </li> <li> <p>Remove vendored charset_normalizer</p> <p><code>requests</code> provides optional character detection support on some APIs when processing ambiguous bytes. This isn't relevant for pip to function and we're able to remove it due to recent upstream changes.</p> </li> </ul> <h1>24.1b1 (2024-05-06)</h1> <h2>Deprecations and Removals</h2> <ul> <li> <p>Drop support for EOL Python 3.7. (<code>[#11934](pypa/pip#11934) <https://github.com/pypa/pip/issues/11934></code>_)</p> </li> <li> <p>Remove support for legacy versions and dependency specifiers.</p> <p>Packages with non standard-compliant versions or dependency specifiers are now ignored by the resolver. Already installed packages with non standard-compliant versions or dependency specifiers must be uninstalled before upgrading them. (<code>[#12063](pypa/pip#12063) <https://github.com/pypa/pip/issues/12063></code>_)</p> </li> </ul> <p>Features</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/bc877e602b5a41c19c0cfb38ee19218fa98eab1a"><code>bc877e6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/075a3dddf1566feb77f51027df4e94110d8ec9ff"><code>075a3dd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12774">#12774</a> from uranusjr/disable-313-uri-test</li> <li><a href="https://github.com/pypa/pip/commit/205af8ed88b171fd8fc8a9ba2c75b827a7affe40"><code>205af8e</code></a> Upgrade truststore to 0.9.1 (<a href="https://redirect.github.com/pypa/pip/issues/12707">#12707</a>)</li> <li><a href="https://github.com/pypa/pip/commit/87f874fca97b507d89538f35f4653032a553e063"><code>87f874f</code></a> Skip until 3.13.0b3 instead</li> <li><a href="https://github.com/pypa/pip/commit/596be042ea934b65d99b95e984e6cd574fa6b7dd"><code>596be04</code></a> Mark failing tests on Windows + Py3.13 as xfail</li> <li><a href="https://github.com/pypa/pip/commit/d94806f9592f03cc092079f4517039ea6c1b2e0e"><code>d94806f</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12764">#12764</a> from pradyunsg/pause-prepare-release-for-news-edits</li> <li><a href="https://github.com/pypa/pip/commit/71b168879e75796b61f524bfcedc99b1de72f58b"><code>71b1688</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12763">#12763</a> from pradyunsg/release/24.1.beta2</li> <li><a href="https://github.com/pypa/pip/commit/b2fdf3b18518decbff855f3de23e3eb14a8e0a12"><code>b2fdf3b</code></a> Pause in <code>prepare-release</code> for updating the NEWS file</li> <li><a href="https://github.com/pypa/pip/commit/17c938adec74cdacf4339b7475625e195f36ca62"><code>17c938a</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/ece225529b648918743d5c3f59da91822e32ea3a"><code>ece2255</code></a> Bump for release</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.0...24.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.0&new-version=24.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information