Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve UX and Performance of Install step #12712

Open
1 task done
notatallshaw opened this issue May 19, 2024 · 17 comments
Open
1 task done

Improve UX and Performance of Install step #12712

notatallshaw opened this issue May 19, 2024 · 17 comments
Assignees
Labels
type: performance Commands take too long to run UX User experience related

Comments

@notatallshaw
Copy link
Member

notatallshaw commented May 19, 2024

What's the problem this feature will solve?

At the moment when the final install step starts pip gives no output what it is doing, in some real world cases (e.g. large pytorch installations or airflow installs) this steps can take over 30 seconds on fast machines, so minutes on slow machines. The user is left wondering if anything is happening.

Describe the solution you'd like

I would like to see the following improvements:

  1. Log a message that pip is starting to install packages
  2. Present a progress bar that tracks the number of packages installed out of the total packages to be installed
  3. Improve any obvious performance bottlenecks (see follow up post with profile)
  4. Run installs in parallel (made seperate issue Install packages in parallel #12742)

Alternative Solutions

I think at a bare minimum there should be a log message that lets the user know what's happening.

Additional context

uv runs installs in parallel, and following their issue tracker it does not appear to be problematic, to do this a cli option to control the maximum number would need to be added, the same as how there is a PR for parallel downloads to do this.

Code of Conduct

@notatallshaw notatallshaw added S: needs triage Issues/PRs that need to be triaged type: feature request Request for a new feature labels May 19, 2024
@notatallshaw
Copy link
Member Author

notatallshaw commented May 19, 2024

This scenario is artifically constructed to best profile the installer code by removing the need to download, build sdists, or resolve:

  1. python3.12 -m venv .venv
  2. source .venv/bin/activate
  3. <install latest/dev pip>
  4. wget https://raw.githubusercontent.com/apache/airflow/constraints-2.9.1/constraints-3.12.txt
  5. python -m pip download -d downloads -r constraints-3.12.txt
  6. cd downloads
  7. for file in $(ls *.tar.gz); do pip wheel --no-deps "$file" && mv "$file" "$file".built ; done
  8. for file in $(ls *.zip); do pip wheel --no-deps "$file" && mv "$file" "$file".built ; done
  9. cd -
  10. python -m pip install --only-binary=:all: --no-index --ignore-installed --no-deps --find-links file://${PWD}/downloads -r constraints-3.12.txt

I ran with and without --dry-run to see the timing difference:
Dry Run: 32s
Regular Install: 144s

I profiled with and without --dry-run to see the profile difference:

Dry Run Profile

airflow-no-deps-dry-run-install

Regular Install Profile

airflow-no-deps-install

There are some clear hotspots here, I will take a look when I have time if there are some easy ways to reduce those hotspots if no one else does.

@ichard26 ichard26 added type: performance Commands take too long to run and removed type: feature request Request for a new feature S: needs triage Issues/PRs that need to be triaged labels May 19, 2024
@ichard26
Copy link
Member

The get_dist_name() hot spot should be vastly improved by #12656 FWIW. I scheduled the PR for 24.2 as it feels a bit risky to ship in 24.1 final. Please say something if anyone feels differently.

@pfmoore
Copy link
Member

pfmoore commented May 19, 2024

I see no issues with the UI proposal, but I'd want parallel installs to be a separate feature. I can imagine pathological cases where things could break when installing in parallel, and while the experience of uv is encouraging (as is the fact that normal cases are clearly safe) my instinct is that every pathological case is being exercised by some user of pip, somewhere. So we should isolate the risk here by making it a separate feature.

@ichard26 ichard26 added the UX User experience related label May 19, 2024
@notatallshaw
Copy link
Member Author

notatallshaw commented May 19, 2024

The get_dist_name() hot spot should be vastly improved by #12656 FWIW. I scheduled the PR for 24.2 as it feels a bit risky to ship in 24.1 final. Please say something if anyone feels differently.

Great, I'll reprofile with this PR. I personally wasn't imagining any of these ideas would land for 24.1.

I'd want parallel installs to be a separate feature

Agree, I'll make a seperate issue for that.

Honestly, the others I feel like I could make PRs that safely improve pip, I'm unsure about parralel installs, I think it would at a minimum carefully need to look at what current multiple installs tests there are and potentially expanding them to have a good matrix of different possibilities.

@notatallshaw
Copy link
Member Author

notatallshaw commented Jun 2, 2024

Log a message that pip is starting to install packages

Btw, I was looking at this recently because I noticed pip does tell you it's installing packages. The specific scenario I was seeing was the following:

  1. You install a large number of packages
  2. You then install a large number of semi-overlapping packages

On step two this produces the following behavior:

  1. Packages are resolved and pip tells you what packages it is going to install
  2. Pip then quickly uninstalls old packages, filling up the screen
  3. There is a long wait with no update on the screen while pip is installing
  4. Pip then lists all packages it installed

The real world situaiton this happens is installing large machine learning packages, particularly because you install a bunch of packages from the pytorch index, and then install a bunch of packages from pypi.

I think there are a couple of possible solutions:

  1. Re-order or add additional messages, e.g. move or add and "install" message after the uninstalls have completed
  2. Add progress bars to both uninstalling packages and installing packages, so it's clear pip is doing things

I will take a look at PRs when I have a chance.

@ichard26
Copy link
Member

ichard26 commented Jun 6, 2024

Caching the result of utils.compatibility_tags.get_supported() in the resolver factory should be another easy win1 (~3% or 4s in the example above)

return self._wheel_cache.get_cache_entry(
link=link,
package_name=name,
supported_tags=get_supported(),
)

I'll submit a PR when I get the chance.

Footnotes

  1. I strongly suspect that get_supported() is only "slow" (as in, 1-5ms) on Linux due to the large amount of supported tags per system.

@ichard26
Copy link
Member

ichard26 commented Jul 16, 2024

While taking a look at #12601, I was curious to how easy it would be to add an installation progress bar. The progress bar was pretty trivial to add by extending the pre-existing progress logic... However, it did not play nicely with the logging stack, so any intervening logs would break the progress bar. To fix this, I had to redo how rich was initialized in the logging stack which took a bit 🙂

Anyway, here's a demo:

Screencast.from.2024-07-15.22-31-35.webm

What do you think @notatallshaw?

  • I'll note that your mental model for how pip installs packages is wrong. The uninstalls occur "on-demand" right before its replacement package is about to be installed (i.e. the uninstalls/installs are interwoven), so an uninstallation progress bar doesn't really make sense.
  • I also chose to include the package currently being installed in the progress bar. Yes, in most situations, the per-package installation time is so low that most packages are never shown to the user (like in the demo), but there are exceptions. If we're installing some massive package, it'd be nice to let the user know we're stuck on $package. I don't feel strongly about this though so I'm fine dropping it.
  • I chose to hide the progress bar after the installation step since the "successfully installed ..." printout is going to be emitted anyway.
  • The progress bar does feel a bit choppy. This is intentional. I set the progress bar refresh rate to 5 times per second to minimize the added overhead. I don't want a fancy progress bar to add a ton of overhead, haha.1

Footnotes

  1. Ideally, the presentation logic would simply disable the progress bar outright when writing to a non-TTY, but that's a future thing to think about.

@ichard26
Copy link
Member

ichard26 commented Jul 16, 2024

Hmm, it would definitely look less rough if I left-justified the package name. Here's another demo, but the package name is justified to the longest name length seen so far (as doing it properly feels like going against the API contract of pips' progress bars).

Screencast.from.2024-07-15.23-06-07.webm

It does kinda look weird. Perhaps after the bar?

Screencast.from.2024-07-15.23-11-40.webm

I think this looks the best out of all of them :)

@notatallshaw
Copy link
Member Author

I'll note that your mental model for how pip installs packages is wrong. The uninstalls occur "on-demand" right before its replacement package is about to be installed (i.e. the uninstalls/installs are interwoven), so an uninstallation progress bar doesn't really make sense.

Ah, I see, my confusion is that is how pip's current logging displays what is happening. It logs all uninstalls, and then logs what packages it has installed, sometimes there can be a significant time between the last uninstall message and the install message, giving this impression.

I also chose to include the package currently being installed in the progress bar. Yes, in most situations, the per-package installation time is so low that most packages are never shown to the user (like in the demo), but there are exceptions. If we're installing some massive package, it'd be nice to let the user know we're stuck on $package. I don't feel strongly about this though so I'm fine dropping it.

I agree, if you want to try large packages installation where individual packages will be noticable you can do: pip install torch torchvision torchaudio

I think this looks the best out of all of them :)

Yes, I think anything left of the progress bar should be fixed width, and ideally not updating at all. At least in left to right English having the left hand side update feels like I need to keep rereading the whole line, but the right hand side updating just feels like I need to look at the right hand side to check updates.

Once you have a PR I'm happy to throw some difficult scenarios against it.

mergify bot pushed a commit to aws/jsii that referenced this issue Jul 29, 2024
…k/test/generated-code (#4584)

Bumps [pip](https://github.com/pypa/pip) from 24.1.2 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to <code>setup.py develop</code>
when using a setuptools version that does not support :pep:<code>660</code>
(setuptools v63 and older). (<code>[#11457](pypa/pip#11457) &lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform. (<code>[#11054](pypa/pip#11054) &lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag <code>--use-deprecated=legacy-certs</code>. (<code>[#11647](pypa/pip#11647) &lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the <code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under Python 3.11+). (<code>[#12656](pypa/pip#12656) &lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many times during
resolution, by consistently caching the parsed requirement string. (<code>[#12663](pypa/pip#12663) &lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package candidates by not
repeatedly calculating their versions (<code>[#12664](pypa/pip#12664) &lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to install
PEP 517 build requirements. (<code>[#12683](pypa/pip#12683) &lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform compatibility
tags during wheel cache lookup. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the <code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions. (<code>[#12728](pypa/pip#12728) &lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code> and <code>pip freeze</code> (<code>[#12842](pypa/pip#12842) &lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar. (<code>[#12810](pypa/pip#12810) &lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the file size for
smaller files. A decompressor is no longer instantiated when extracting 0 bytes files,
it is not necessary because there is no data to decompress. (<code>[#12803](pypa/pip#12803) &lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code> instance. (<code>[#11045](pypa/pip#11045) &lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when checking <code>Requires-Python</code>. (<code>[#12216](pypa/pip#12216) &lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner. (<code>[#12680](pypa/pip#12680) &lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds (<code>[#12716](pypa/pip#12716) &lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode. (<code>[#12751](pypa/pip#12751) &lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a> Update dependabot.yml to bump group updates (<a href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from hellozee/fix-unit-test</li>
<li><a href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a> Fix invalid origin test to check all the logged messages</li>
<li><a href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from pradyunsg/better-exception-handling-around-sel...</li>
<li><a href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a> Properly mock <code>_self_version_check_logic</code></li>
<li><a href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a> Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a> Move exception suppression to cover more of self-version-check logic</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.1.2...24.2">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.1.2&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
mergify bot pushed a commit to aws/jsii that referenced this issue Jul 29, 2024
…s/@jsii/python-runtime (#4588)

Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to <code>setup.py develop</code>
when using a setuptools version that does not support :pep:<code>660</code>
(setuptools v63 and older). (<code>[#11457](pypa/pip#11457) &lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform. (<code>[#11054](pypa/pip#11054) &lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag <code>--use-deprecated=legacy-certs</code>. (<code>[#11647](pypa/pip#11647) &lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the <code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under Python 3.11+). (<code>[#12656](pypa/pip#12656) &lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many times during
resolution, by consistently caching the parsed requirement string. (<code>[#12663](pypa/pip#12663) &lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package candidates by not
repeatedly calculating their versions (<code>[#12664](pypa/pip#12664) &lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to install
PEP 517 build requirements. (<code>[#12683](pypa/pip#12683) &lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform compatibility
tags during wheel cache lookup. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the <code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions. (<code>[#12728](pypa/pip#12728) &lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code> and <code>pip freeze</code> (<code>[#12842](pypa/pip#12842) &lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar. (<code>[#12810](pypa/pip#12810) &lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the file size for
smaller files. A decompressor is no longer instantiated when extracting 0 bytes files,
it is not necessary because there is no data to decompress. (<code>[#12803](pypa/pip#12803) &lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code> instance. (<code>[#11045](pypa/pip#11045) &lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when checking <code>Requires-Python</code>. (<code>[#12216](pypa/pip#12216) &lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner. (<code>[#12680](pypa/pip#12680) &lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds (<code>[#12716](pypa/pip#12716) &lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode. (<code>[#12751](pypa/pip#12751) &lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a> Update dependabot.yml to bump group updates (<a href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from hellozee/fix-unit-test</li>
<li><a href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a> Fix invalid origin test to check all the logged messages</li>
<li><a href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from pradyunsg/better-exception-handling-around-sel...</li>
<li><a href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a> Properly mock <code>_self_version_check_logic</code></li>
<li><a href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a> Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a> Move exception suppression to cover more of self-version-check logic</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.1...24.2">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this issue Jul 29, 2024
Bumps [pip](https://github.com/pypa/pip) from 24.1.2 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to <code>setup.py develop</code>
when using a setuptools version that does not support :pep:<code>660</code>
(setuptools v63 and older). (<code>[#11457](pypa/pip#11457) &lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform. (<code>[#11054](pypa/pip#11054) &lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag <code>--use-deprecated=legacy-certs</code>. (<code>[#11647](pypa/pip#11647) &lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the <code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under Python 3.11+). (<code>[#12656](pypa/pip#12656) &lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many times during
resolution, by consistently caching the parsed requirement string. (<code>[#12663](pypa/pip#12663) &lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package candidates by not
repeatedly calculating their versions (<code>[#12664](pypa/pip#12664) &lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to install
PEP 517 build requirements. (<code>[#12683](pypa/pip#12683) &lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform compatibility
tags during wheel cache lookup. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the <code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions. (<code>[#12728](pypa/pip#12728) &lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code> and <code>pip freeze</code> (<code>[#12842](pypa/pip#12842) &lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar. (<code>[#12810](pypa/pip#12810) &lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the file size for
smaller files. A decompressor is no longer instantiated when extracting 0 bytes files,
it is not necessary because there is no data to decompress. (<code>[#12803](pypa/pip#12803) &lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code> instance. (<code>[#11045](pypa/pip#11045) &lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when checking <code>Requires-Python</code>. (<code>[#12216](pypa/pip#12216) &lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner. (<code>[#12680](pypa/pip#12680) &lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds (<code>[#12716](pypa/pip#12716) &lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode. (<code>[#12751](pypa/pip#12751) &lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a> Update dependabot.yml to bump group updates (<a href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from hellozee/fix-unit-test</li>
<li><a href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a> Fix invalid origin test to check all the logged messages</li>
<li><a href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from pradyunsg/better-exception-handling-around-sel...</li>
<li><a href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a> Properly mock <code>_self_version_check_logic</code></li>
<li><a href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a> Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a> Move exception suppression to cover more of self-version-check logic</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.1.2...24.2">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.1.2&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this issue Jul 29, 2024
Bumps [pip](https://github.com/pypa/pip) from 24.1.2 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to <code>setup.py develop</code>
when using a setuptools version that does not support :pep:<code>660</code>
(setuptools v63 and older). (<code>[#11457](pypa/pip#11457) &lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform. (<code>[#11054](pypa/pip#11054) &lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag <code>--use-deprecated=legacy-certs</code>. (<code>[#11647](pypa/pip#11647) &lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the <code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under Python 3.11+). (<code>[#12656](pypa/pip#12656) &lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many times during
resolution, by consistently caching the parsed requirement string. (<code>[#12663](pypa/pip#12663) &lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package candidates by not
repeatedly calculating their versions (<code>[#12664](pypa/pip#12664) &lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to install
PEP 517 build requirements. (<code>[#12683](pypa/pip#12683) &lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform compatibility
tags during wheel cache lookup. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the <code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions. (<code>[#12728](pypa/pip#12728) &lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code> and <code>pip freeze</code> (<code>[#12842](pypa/pip#12842) &lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar. (<code>[#12810](pypa/pip#12810) &lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the file size for
smaller files. A decompressor is no longer instantiated when extracting 0 bytes files,
it is not necessary because there is no data to decompress. (<code>[#12803](pypa/pip#12803) &lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code> instance. (<code>[#11045](pypa/pip#11045) &lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when checking <code>Requires-Python</code>. (<code>[#12216](pypa/pip#12216) &lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner. (<code>[#12680](pypa/pip#12680) &lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds (<code>[#12716](pypa/pip#12716) &lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode. (<code>[#12751](pypa/pip#12751) &lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a> Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a> Update dependabot.yml to bump group updates (<a href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from hellozee/fix-unit-test</li>
<li><a href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a> Fix invalid origin test to check all the logged messages</li>
<li><a href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from pradyunsg/better-exception-handling-around-sel...</li>
<li><a href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a> Properly mock <code>_self_version_check_logic</code></li>
<li><a href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a> Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a> Move exception suppression to cover more of self-version-check logic</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.1.2...24.2">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.1.2&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
@notatallshaw
Copy link
Member Author

Okay, since I opened this issue there's been a lot of improvement to install performance of a lot of wheels, here is my synthetic test:

  1. python3.12 -m venv .venv
  2. source .venv/bin/activate
  3. <install latest/dev pip>
  4. wget https://raw.githubusercontent.com/apache/airflow/constraints-2.9.1/constraints-3.12.txt
  5. python -m pip wheel -w wheels -r constraints-3.12.txt
  6. time python -m pip install --only-binary=:all: --no-index --ignore-installed --no-deps --find-links file://${PWD}/wheels -r constraints-3.12.txt

On pip 24.1.2:

real 2m23.338s
user 2m8.488s
sys 0m12.523s

On pip main (effectively 24.2 right now):

real 1m23.565s
user 1m11.482s
sys 0m9.681s

Here is the new call graph:

airflow-dry-install-main

In this synthetic example ~50% of them time is now spent on O(n2+) issues in resolution and ~50% of the time is spent doing wheel specific stuff. It feels like both have algorithmic or caching opportunities. When I get a chance I will take a look.

@notatallshaw
Copy link
Member Author

notatallshaw commented Aug 3, 2024

In my synthetic test I notice ~30% of the time is spent on compile_file. I notice that the standard library compile_dir will create a process pool when it can to speed things up, I wonder if it makes sense to use compile_dir on each root package directory installed, and then verify the pyc files are created as expected?

@notatallshaw
Copy link
Member Author

FYI, I beleive most other installers "optimize" this step by not compiling by default.

kai687 pushed a commit to kai687/sphinxawesome-theme that referenced this issue Aug 5, 2024
Bumps [pip](https://github.com/pypa/pip) from 24.1.2 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to
<code>setup.py develop</code>
when using a setuptools version that does not support
:pep:<code>660</code>
(setuptools v63 and older).
(<code>[#11457](pypa/pip#11457)
&lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform.
(<code>[#11054](pypa/pip#11054)
&lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify
HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag
<code>--use-deprecated=legacy-certs</code>.
(<code>[#11647](pypa/pip#11647)
&lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the
<code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under
Python 3.11+). (<code>[#12656](pypa/pip#12656)
&lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many
times during
resolution, by consistently caching the parsed requirement string.
(<code>[#12663](pypa/pip#12663)
&lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package
candidates by not
repeatedly calculating their versions
(<code>[#12664](pypa/pip#12664)
&lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to
install
PEP 517 build requirements.
(<code>[#12683](pypa/pip#12683)
&lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform
compatibility
tags during wheel cache lookup.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build
dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the
<code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions.
(<code>[#12728](pypa/pip#12728)
&lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code>
and <code>pip freeze</code>
(<code>[#12842](pypa/pip#12842)
&lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and
reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar.
(<code>[#12810](pypa/pip#12810)
&lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the
file size for
smaller files. A decompressor is no longer instantiated when extracting
0 bytes files,
it is not necessary because there is no data to decompress.
(<code>[#12803](pypa/pip#12803)
&lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code>
instance. (<code>[#11045](pypa/pip#11045)
&lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when
checking <code>Requires-Python</code>.
(<code>[#12216](pypa/pip#12216)
&lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner.
(<code>[#12680](pypa/pip#12680)
&lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds
(<code>[#12716](pypa/pip#12716)
&lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode.
(<code>[#12751](pypa/pip#12751)
&lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a>
Update dependabot.yml to bump group updates (<a
href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from
hellozee/fix-unit-test</li>
<li><a
href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a>
Fix invalid origin test to check all the logged messages</li>
<li><a
href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from
pradyunsg/better-exception-handling-around-sel...</li>
<li><a
href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a>
Properly mock <code>_self_version_check_logic</code></li>
<li><a
href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a>
Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a
href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a>
Move exception suppression to cover more of self-version-check
logic</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/24.1.2...24.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.1.2&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
kai687 pushed a commit to kai687/sphinxawesome-theme that referenced this issue Aug 13, 2024
Bumps [pip](https://github.com/pypa/pip) from 24.1.2 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to
<code>setup.py develop</code>
when using a setuptools version that does not support
:pep:<code>660</code>
(setuptools v63 and older).
(<code>[#11457](pypa/pip#11457)
&lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform.
(<code>[#11054](pypa/pip#11054)
&lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify
HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag
<code>--use-deprecated=legacy-certs</code>.
(<code>[#11647](pypa/pip#11647)
&lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the
<code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under
Python 3.11+). (<code>[#12656](pypa/pip#12656)
&lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many
times during
resolution, by consistently caching the parsed requirement string.
(<code>[#12663](pypa/pip#12663)
&lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package
candidates by not
repeatedly calculating their versions
(<code>[#12664](pypa/pip#12664)
&lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to
install
PEP 517 build requirements.
(<code>[#12683](pypa/pip#12683)
&lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform
compatibility
tags during wheel cache lookup.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build
dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the
<code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions.
(<code>[#12728](pypa/pip#12728)
&lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code>
and <code>pip freeze</code>
(<code>[#12842](pypa/pip#12842)
&lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and
reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar.
(<code>[#12810](pypa/pip#12810)
&lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the
file size for
smaller files. A decompressor is no longer instantiated when extracting
0 bytes files,
it is not necessary because there is no data to decompress.
(<code>[#12803](pypa/pip#12803)
&lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code>
instance. (<code>[#11045](pypa/pip#11045)
&lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when
checking <code>Requires-Python</code>.
(<code>[#12216](pypa/pip#12216)
&lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner.
(<code>[#12680](pypa/pip#12680)
&lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds
(<code>[#12716](pypa/pip#12716)
&lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode.
(<code>[#12751](pypa/pip#12751)
&lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a>
Update dependabot.yml to bump group updates (<a
href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from
hellozee/fix-unit-test</li>
<li><a
href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a>
Fix invalid origin test to check all the logged messages</li>
<li><a
href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from
pradyunsg/better-exception-handling-around-sel...</li>
<li><a
href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a>
Properly mock <code>_self_version_check_logic</code></li>
<li><a
href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a>
Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a
href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a>
Move exception suppression to cover more of self-version-check
logic</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/24.1.2...24.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.1.2&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot pushed a commit to aio-libs/aiohttp that referenced this issue Aug 21, 2024
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [pip](https://github.com/pypa/pip) from 23.2.1 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to
<code>setup.py develop</code>
when using a setuptools version that does not support
:pep:<code>660</code>
(setuptools v63 and older).
(<code>[#11457](pypa/pip#11457)
&lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform.
(<code>[#11054](pypa/pip#11054)
&lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify
HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag
<code>--use-deprecated=legacy-certs</code>.
(<code>[#11647](pypa/pip#11647)
&lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the
<code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under
Python 3.11+). (<code>[#12656](pypa/pip#12656)
&lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many
times during
resolution, by consistently caching the parsed requirement string.
(<code>[#12663](pypa/pip#12663)
&lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package
candidates by not
repeatedly calculating their versions
(<code>[#12664](pypa/pip#12664)
&lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to
install
PEP 517 build requirements.
(<code>[#12683](pypa/pip#12683)
&lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform
compatibility
tags during wheel cache lookup.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build
dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the
<code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions.
(<code>[#12728](pypa/pip#12728)
&lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code>
and <code>pip freeze</code>
(<code>[#12842](pypa/pip#12842)
&lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and
reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar.
(<code>[#12810](pypa/pip#12810)
&lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the
file size for
smaller files. A decompressor is no longer instantiated when extracting
0 bytes files,
it is not necessary because there is no data to decompress.
(<code>[#12803](pypa/pip#12803)
&lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code>
instance. (<code>[#11045](pypa/pip#11045)
&lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when
checking <code>Requires-Python</code>.
(<code>[#12216](pypa/pip#12216)
&lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner.
(<code>[#12680](pypa/pip#12680)
&lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds
(<code>[#12716](pypa/pip#12716)
&lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode.
(<code>[#12751](pypa/pip#12751)
&lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a>
Update dependabot.yml to bump group updates (<a
href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from
hellozee/fix-unit-test</li>
<li><a
href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a>
Fix invalid origin test to check all the logged messages</li>
<li><a
href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from
pradyunsg/better-exception-handling-around-sel...</li>
<li><a
href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a>
Properly mock <code>_self_version_check_logic</code></li>
<li><a
href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a>
Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a
href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a>
Move exception suppression to cover more of self-version-check
logic</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/23.2.1...24.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.2.1&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@notatallshaw
Copy link
Member Author

As discussed (#12920) one helpful UX improvement would make it clear that Python is compiling byte code in pip's output when compiling is enabled, e.g. "Installing and Compiling".

github-actions bot pushed a commit to aio-libs/aiohttp that referenced this issue Aug 23, 2024
Bumps [pip](https://github.com/pypa/pip) from 23.2.1 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to
<code>setup.py develop</code>
when using a setuptools version that does not support
:pep:<code>660</code>
(setuptools v63 and older).
(<code>[#11457](pypa/pip#11457)
&lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform.
(<code>[#11054](pypa/pip#11054)
&lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify
HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag
<code>--use-deprecated=legacy-certs</code>.
(<code>[#11647](pypa/pip#11647)
&lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the
<code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under
Python 3.11+). (<code>[#12656](pypa/pip#12656)
&lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many
times during
resolution, by consistently caching the parsed requirement string.
(<code>[#12663](pypa/pip#12663)
&lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package
candidates by not
repeatedly calculating their versions
(<code>[#12664](pypa/pip#12664)
&lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to
install
PEP 517 build requirements.
(<code>[#12683](pypa/pip#12683)
&lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform
compatibility
tags during wheel cache lookup.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build
dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the
<code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions.
(<code>[#12728](pypa/pip#12728)
&lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code>
and <code>pip freeze</code>
(<code>[#12842](pypa/pip#12842)
&lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and
reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar.
(<code>[#12810](pypa/pip#12810)
&lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the
file size for
smaller files. A decompressor is no longer instantiated when extracting
0 bytes files,
it is not necessary because there is no data to decompress.
(<code>[#12803](pypa/pip#12803)
&lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code>
instance. (<code>[#11045](pypa/pip#11045)
&lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when
checking <code>Requires-Python</code>.
(<code>[#12216](pypa/pip#12216)
&lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner.
(<code>[#12680](pypa/pip#12680)
&lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds
(<code>[#12716](pypa/pip#12716)
&lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode.
(<code>[#12751](pypa/pip#12751)
&lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a>
Update dependabot.yml to bump group updates (<a
href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from
hellozee/fix-unit-test</li>
<li><a
href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a>
Fix invalid origin test to check all the logged messages</li>
<li><a
href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from
pradyunsg/better-exception-handling-around-sel...</li>
<li><a
href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a>
Properly mock <code>_self_version_check_logic</code></li>
<li><a
href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a>
Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a
href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a>
Move exception suppression to cover more of self-version-check
logic</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/23.2.1...24.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.2.1&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
torbennehmer added a commit to torbennehmer/hacs-e3dc that referenced this issue Sep 3, 2024
Updates the requirements on [pip](https://github.com/pypa/pip) to permit
the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to
<code>setup.py develop</code>
when using a setuptools version that does not support
:pep:<code>660</code>
(setuptools v63 and older).
(<code>[#11457](pypa/pip#11457)
&lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform.
(<code>[#11054](pypa/pip#11054)
&lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify
HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag
<code>--use-deprecated=legacy-certs</code>.
(<code>[#11647](pypa/pip#11647)
&lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the
<code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under
Python 3.11+). (<code>[#12656](pypa/pip#12656)
&lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many
times during
resolution, by consistently caching the parsed requirement string.
(<code>[#12663](pypa/pip#12663)
&lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package
candidates by not
repeatedly calculating their versions
(<code>[#12664](pypa/pip#12664)
&lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to
install
PEP 517 build requirements.
(<code>[#12683](pypa/pip#12683)
&lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform
compatibility
tags during wheel cache lookup.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build
dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the
<code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions.
(<code>[#12728](pypa/pip#12728)
&lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code>
and <code>pip freeze</code>
(<code>[#12842](pypa/pip#12842)
&lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and
reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar.
(<code>[#12810](pypa/pip#12810)
&lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the
file size for
smaller files. A decompressor is no longer instantiated when extracting
0 bytes files,
it is not necessary because there is no data to decompress.
(<code>[#12803](pypa/pip#12803)
&lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code>
instance. (<code>[#11045](pypa/pip#11045)
&lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when
checking <code>Requires-Python</code>.
(<code>[#12216](pypa/pip#12216)
&lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner.
(<code>[#12680](pypa/pip#12680)
&lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds
(<code>[#12716](pypa/pip#12716)
&lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode.
(<code>[#12751](pypa/pip#12751)
&lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a>
Update dependabot.yml to bump group updates (<a
href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from
hellozee/fix-unit-test</li>
<li><a
href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a>
Fix invalid origin test to check all the logged messages</li>
<li><a
href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from
pradyunsg/better-exception-handling-around-sel...</li>
<li><a
href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a>
Properly mock <code>_self_version_check_logic</code></li>
<li><a
href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a>
Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a
href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a>
Move exception suppression to cover more of self-version-check
logic</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/24.1.1...24.2">compare
view</a></li>
</ul>
</details>
<br />


You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
@tyler-suard-parker
Copy link

Hmm, it would definitely look less rough if I left-justified the package name. Here's another demo, but the package name is justified to the longest name length seen so far (as doing it properly feels like going against the API contract of pips' progress bars).

Screencast.from.2024-07-15.23-06-07.webm
It does kinda look weird. Perhaps after the bar?

Screencast.from.2024-07-15.23-11-40.webm
I think this looks the best out of all of them :)

@ichard26 This looks pretty great. Did you ever create a PR? I would like to help if I can.

@ichard26 ichard26 self-assigned this Oct 13, 2024
@ichard26
Copy link
Member

ichard26 commented Nov 5, 2024

Nope. My free time is rather limited. I'll get around to it some point.

@tyler-suard-parker
Copy link

@ichard26 I would like to build a status bar for the installation step, because I want to be a part of such an important project, even in a small way. Before I start working though, would my changes get pushed? Is this needed?

@notatallshaw
Copy link
Member Author

@ichard26 I would like to build a status bar for the installation step, because I want to be a part of such an important project, even in a small way. Before I start working though, would my changes get pushed? Is this needed?

Pip is a volunteer project, so good quality PRs can be accepted from anyone. However someone from the pip maintainer team will need to review and approve it, and there is fairly limited resources to do that.

So, if you want to develop a high quality low complexity PR that forwards the aims of this issue I'm quite sure it would be appreciated, but please be patient at reviews capacity tends to be quite low, and pip is a critical open source project so there is a tendency to be conservative in acceptance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type: performance Commands take too long to run UX User experience related
Projects
None yet
Development

No branches or pull requests

4 participants