-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pip mistakenly reports recursion error even when there is no recursion #13046
Comments
Same here ... breaks all our CI runs - as we do update pip, but don't pin pip in ci so far ... |
Likely due to #12877 |
Hi all, if you are getting this error right now then I reccomend pinning your pip to Trying to create an MRE I found something interesting: a.txt:
And then b.txt:
And run c.txt:
And run |
I suspect the logic in #12877 is wrong, as I don't think it considers you can receive many requirements files and they can reference each other as a DAG. I think to fix it you need to build a Directed Graph and show there are no cycles, I suspect that's not a minor code change. Perhaps just better to revert? |
@notatallshaw Should be sufficient to remove files from the "parsed" list once they are parsed completely. The current implementation keeps the file in the list even once it's not being parsed any more. |
Tentative fix in #13047. @d3dave @xmatthias it would be great if you could test it. |
@notatallshaw thanks for the MRE ! |
@sbidoul seems to work in my test (installed via |
Ok, thanks! I'll cut a 24.3.1 tonight. |
Reste à 24.2 tant que pypa/pip#13046 n'est pas corrigé.
Reste à 24.2 tant que pypa/pip#13046 n'est pas corrigé.
Thanks @sbidoul for a quick fix and release! |
Bumps the dependabot group with 3 updates in the / directory: [pip](https://github.com/pypa/pip), [setuptools](https://github.com/pypa/setuptools) and [tensorflow](https://github.com/tensorflow/tensorflow). Updates `pip` from 24.2 to 24.3.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> Updates `setuptools` from 75.1.0 to 75.2.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's changelog</a>.</em></p> <blockquote> <h1>v75.2.0</h1> <h2>Features</h2> <ul> <li>Made errors when parsing <code>Distribution</code> data more explicit about the expected type (<code>tuple[str, ...] | list[str]</code>) -- by :user:<code>Avasam</code> (<a href="https://redirect.github.com/pypa/setuptools/issues/4578">#4578</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Fix a <code>TypeError</code> when a <code>Distribution</code>'s old included attribute was a <code>tuple</code> -- by :user:<code>Avasam</code> (<a href="https://redirect.github.com/pypa/setuptools/issues/4578">#4578</a>)</li> <li>Add workaround for <code>bdist_wheel --dist-info-dir</code> errors when customisation does not inherit from setuptools. (<a href="https://redirect.github.com/pypa/setuptools/issues/4684">#4684</a>)</li> </ul> <h1>v75.1.1</h1> <h2>Bugfixes</h2> <ul> <li>Re-use pre-existing <code>.dist-info</code> dir when creating wheels via the build backend APIs (PEP 517) and the <code>metadata_directory</code> argument is passed -- by :user:<code>pelson</code>. (<a href="https://redirect.github.com/pypa/setuptools/issues/1825">#1825</a>)</li> <li>Changed <code>egg_info</code> command to avoid adding an empty <code>.egg-info</code> directory while iterating over entry-points. This avoids triggering integration problems with <code>importlib.metadata</code>/<code>importlib_metadata</code> (reference: <a href="https://redirect.github.com/pypa/pyproject-hooks/issues/206">pypa/pyproject-hooks#206</a>). (<a href="https://redirect.github.com/pypa/setuptools/issues/4680">#4680</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/setuptools/commit/61a5a03fbf8acc59e6e12144011aa06b85162bda"><code>61a5a03</code></a> Bump version: 75.1.1 → 75.2.0</li> <li><a href="https://github.com/pypa/setuptools/commit/8ad3ea7509e7f0168f86fbf191ae4e9f13229210"><code>8ad3ea7</code></a> Workaround for <code>bdist_wheel.dist_info_dir</code> problems (<a href="https://redirect.github.com/pypa/setuptools/issues/4684">#4684</a>)</li> <li><a href="https://github.com/pypa/setuptools/commit/9af08776190841f022136be4192dfeeafd65406d"><code>9af0877</code></a> Type sequence checks in setuptools/dist.py (<a href="https://redirect.github.com/pypa/setuptools/issues/4578">#4578</a>)</li> <li><a href="https://github.com/pypa/setuptools/commit/0534fde847e0bd0c2214d6821c042c0eb5c0ffc3"><code>0534fde</code></a> Add news fragment</li> <li><a href="https://github.com/pypa/setuptools/commit/50b732a4006f3b84315d4473f7c203e4fe13aed9"><code>50b732a</code></a> Check for more specific error message</li> <li><a href="https://github.com/pypa/setuptools/commit/a663287c9c5f0bfc5e05addfb3a15fea7fc716c3"><code>a663287</code></a> Add pragma for edge-case code path</li> <li><a href="https://github.com/pypa/setuptools/commit/96be735ca2e77b7db876133dfda0b4df3ced4ac0"><code>96be735</code></a> Workaround for bdist_wheel.dist_info_dir problems</li> <li><a href="https://github.com/pypa/setuptools/commit/000a413e2af9c271166cebe6909ad664907887f1"><code>000a413</code></a> Deprecate public access to setuptools.dist.sequence</li> <li><a href="https://github.com/pypa/setuptools/commit/00995c1e3d45393931ffb2e326e503819bee1728"><code>00995c1</code></a> Use variable msg instead of tmpl in setuptools/dist</li> <li><a href="https://github.com/pypa/setuptools/commit/d457d0e87889aefe2093cd79ab4d1ee35d3101e7"><code>d457d0e</code></a> Type sequence checks in setuptools/dist.py</li> <li>Additional commits viewable in <a href="https://github.com/pypa/setuptools/compare/v75.1.0...v75.2.0">compare view</a></li> </ul> </details> <br /> Updates `tensorflow` from 2.17.0 to 2.18.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/releases">tensorflow's releases</a>.</em></p> <blockquote> <h2>TensorFlow 2.18.0</h2> <h1>Release 2.18.0</h1> <h2>TensorFlow</h2> <h3>Breaking Changes</h3> <ul> <li> <p><code>tf.lite</code></p> <ul> <li>C API: <ul> <li>An optional, fourth parameter was added <code>TfLiteOperatorCreate</code> as a step forward towards a cleaner API for <code>TfLiteOperator</code>. Function <code>TfLiteOperatorCreate</code> was added recently, in TensorFlow Lite version 2.17.0, released on 7/11/2024, and we do not expect there will be much code using this function yet. Any code breakages can be easily resolved by passing nullptr as the new, 4th parameter.</li> </ul> </li> </ul> </li> <li> <p>TensorRT support is disabled in CUDA builds for code health improvement.</p> </li> <li> <p>Hermetic CUDA support is added.</p> <p>Hermetic CUDA uses a specific downloadable version of CUDA instead of the user’s locally installed CUDA. Bazel will download CUDA, CUDNN and NCCL distributions, and then use CUDA libraries and tools as dependencies in various Bazel targets. This enables more reproducible builds for Google ML projects and supported CUDA versions.</p> </li> </ul> <h3>Known Caveats</h3> <h3>Major Features and Improvements</h3> <ul> <li>TensorFlow now supports and is compiled with NumPy 2.0 by default. Please see the <a href="https://numpy.org/doc/stable/release/2.0.0-notes.html">NumPy 2 release notes</a> and the <a href="https://numpy.org/devdocs/numpy_2_0_migration_guide.html#numpy-2-migration-guide">NumPy 2 migration guide</a>. <ul> <li>Note that NumPy's type promotion rules have been changed(See <a href="https://numpy.org/neps/nep-0050-scalar-promotion.html#nep50">NEP 50</a>for details). This may change the precision at which computations happen, leading either to type errors or to numerical changes to results.</li> <li>Tensorflow will continue to support NumPy 1.26 until 2025, aligning with community standard deprecation timeline <a href="https://scientific-python.org/specs/spec-0000/">here</a>.</li> </ul> </li> <li><code>tf.lite</code>: <ul> <li>The LiteRT <a href="https://github.com/google-ai-edge/LiteRT">repo</a> is live (see <a href="https://developers.googleblog.com/en/tensorflow-lite-is-now-litert/">announcement</a>), which means that in the coming months there will be changes to the development experience for TFLite. The TF Lite Runtime source will be moved later this year, and sometime after that we will start accepting contributions through that repo.</li> </ul> </li> <li>SignatureRunner is now supported for models with no signatures.</li> </ul> <h3>Bug Fixes and Other Changes</h3> <ul> <li> <p><code>tf.data</code></p> <ul> <li>Add optional <code>synchronous</code> argument to <code>map</code>, to specify that the <code>map</code> should run synchronously, as opposed to be parallelizable when <code>options.experimental_optimization.map_parallelization=True</code>. This saves memory compared to setting <code>num_parallel_calls=1</code>.</li> <li>Add optional <code>use_unbounded_threadpool</code> argument to <code>map</code>, to specify that the <code>map</code> should use an unbounded threadpool instead of the default pool that is based on the number of cores on the machine. This can improve throughput for map functions which perform IO or otherwise release the CPU.</li> <li>Add <a href="https://www.tensorflow.org/api_docs/python/tf/data/experimental/get_model_proto"><code>tf.data.experimental.get_model_proto</code></a> to allow users to peek into the analytical model inside of a dataset iterator.</li> </ul> </li> <li> <p><code>tf.lite</code></p> <ul> <li><code>Dequantize</code> op supports <code>TensorType_INT4</code>. <ul> <li>This change includes per-channel dequantization.</li> </ul> </li> <li>Add support for <code>stablehlo.composite</code>.</li> <li><code>EmbeddingLookup</code> op supports per-channel quantization and <code>TensorType_INT4</code> values.</li> <li><code>FullyConnected</code> op supports <code>TensorType_INT16</code> activation and <code>TensorType_Int4</code> weight per-channel quantization.</li> </ul> </li> <li> <p><code>tf.tensor_scatter_update</code>, <code>tf.tensor_scatter_add</code> and of other reduce types.</p> <ul> <li>Support <code>bad_indices_policy</code>.</li> </ul> </li> </ul> <h2>Thanks to our Contributors</h2> <p>This release contains contributions from many people at Google, as well as:</p> <p>Akhil Goel, akhilgoe, Alexander Pivovarov, Amir Samani, Andrew Goodbody, Andrey Portnoy, Anthony Platanios, bernardoArcari, Brett Taylor, buptzyb, Chao, Christian Clauss, Cocoa, Daniil Kutz, Darya Parygina, dependabot[bot], Dimitris Vardoulakis, Dragan Mladjenovic, Elfie Guo, eukub, Faijul Amin, flyingcat, Frédéric Bastien, ganyu.08, Georg Stefan Schmid, Grigory Reznikov, Harsha H S, Harshit Monish, Heiner, Ilia Sergachev, Jan, Jane Liu, Jaroslav Sevcik, Kaixi Hou, Kanvi Khanna, Kristof Maar, Kristóf Maár, LakshmiKalaKadali, Lbertho-Gpsw, lingzhi98, MarcoFalke, Masahiro Hiramori, Mmakevic-Amd, mraunak, Nobuo Tsukamoto, Notheisz57, Olli Lupton, Pearu Peterson, pemeliya, Peyara Nando, Philipp Hack, Phuong Nguyen, Pol Dellaiera, Rahul Batra, Ruturaj Vaidya, sachinmuradi, Sergey Kozub, Shanbin Ke, Sheng Yang, shengyu, Shraiysh, Shu Wang, Surya, sushreebarsa, Swatheesh-Mcw, syzygial, Tai Ly, terryysun, tilakrayal, Tj Xu, Trevor Morris, Tzung-Han Juang, wenchenvincent, wondertx, Xuefei Jiang, Ye Huang, Yimei Sun, Yunlong Liu, Zahid Iqbal, Zhan Lu, Zoranjovanovic-Ns, Zuri Obozuwa</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md">tensorflow's changelog</a>.</em></p> <blockquote> <h1>Release 2.18.0</h1> <h2>TensorFlow</h2> <h3>Breaking Changes</h3> <ul> <li> <p><code>tf.lite</code></p> <ul> <li>C API: <ul> <li>An optional, fourth parameter was added <code>TfLiteOperatorCreate</code> as a step forward towards a cleaner API for <code>TfLiteOperator</code>. Function <code>TfLiteOperatorCreate</code> was added recently, in TensorFlow Lite version 2.17.0, released on 7/11/2024, and we do not expect there will be much code using this function yet. Any code breakages can be easily resolved by passing nullptr as the new, 4th parameter.</li> </ul> </li> </ul> </li> <li> <p>TensorRT support is disabled in CUDA builds for code health improvement.</p> </li> <li> <p>TensorFlow now supports and is compiled with NumPy 2.0 by default. Please see the <a href="https://numpy.org/doc/stable/release/2.0.0-notes.html">NumPy 2 release notes</a> and the <a href="https://numpy.org/devdocs/numpy_2_0_migration_guide.html#numpy-2-migration-guide">NumPy 2 migration guide</a>.</p> <ul> <li>Note that NumPy's type promotion rules have been changed(See <a href="https://numpy.org/neps/nep-0050-scalar-promotion.html#nep50">NEP 50</a>for details). This may change the precision at which computations happen, leading either to type errors or to numerical changes to results.</li> <li>Tensorflow will continue to support NumPy 1.26 until 2025, aligning with community standard deprecation timeline <a href="https://scientific-python.org/specs/spec-0000/">here</a>.</li> </ul> </li> <li> <p>Hermetic CUDA support is added.</p> <p>Hermetic CUDA uses a specific downloadable version of CUDA instead of the user’s locally installed CUDA. Bazel will download CUDA, CUDNN and NCCL distributions, and then use CUDA libraries and tools as dependencies in various Bazel targets. This enables more reproducible builds for Google ML projects and supported CUDA versions.</p> </li> <li> <p>Remove the <code>EnumNamesXNNPackFlags</code> function in <code>tensorflow/lite/acceleration/configuration/configuration_generated.h</code>.</p> <p>This change is a bug fix in the automatically generated code. This change is automatically generated by the new flatbuffer generator. The flatbuffers library is updated to 24.3.25 in <a href="https://github.com/tensorflow/tensorflow/commit/c17d64df85a83c1bd0fd7dcc0b1230812b0d3d48">https://github.com/tensorflow/tensorflow/commit/c17d64df85a83c1bd0fd7dcc0b1230812b0d3d48</a>. The new flatbuffers library includes the following change <a href="https://redirect.github.com/google/flatbuffers/pull/7813">google/flatbuffers#7813</a> which fixed a underlying flatbuffer code generator bug.</p> </li> </ul> <h3>Known Caveats</h3> <h3>Major Features and Improvements</h3> <ul> <li><code>tf.lite</code>: <ul> <li>The LiteRT <a href="https://github.com/google-ai-edge/LiteRT">repo</a> is live (see <a href="https://developers.googleblog.com/en/tensorflow-lite-is-now-litert/">announcement</a>), which means that in the coming months there will be changes to the development experience for TFLite. The TF Lite Runtime source will be moved later this year, and sometime after that we will start accepting contributions through that repo.</li> <li>SignatureRunner is now supported for models with no signatures.</li> </ul> </li> </ul> <h3>Bug Fixes and Other Changes</h3> <ul> <li> <p><code>tf.data</code></p> <ul> <li>Add optional <code>synchronous</code> argument to <code>map</code>, to specify that the <code>map</code> should run synchronously, as opposed to be parallelizable when <code>options.experimental_optimization.map_parallelization=True</code>. This saves memory compared to setting <code>num_parallel_calls=1</code>.</li> <li>Add optional <code>use_unbounded_threadpool</code> argument to <code>map</code>, to specify that the <code>map</code> should use an unbounded threadpool instead of the default pool that is based on the number of cores on the machine. This can improve throughput for map functions which perform IO or otherwise release the CPU.</li> <li>Add <a href="https://www.tensorflow.org/api_docs/python/tf/data/experimental/get_model_proto"><code>tf.data.experimental.get_model_proto</code></a> to allow users to peek into the analytical model inside of a dataset iterator.</li> </ul> </li> <li> <p><code>tf.lite</code></p> <ul> <li><code>Dequantize</code> op supports <code>TensorType_INT4</code>. <ul> <li>This change includes per-channel dequantization.</li> </ul> </li> <li>Add support for <code>stablehlo.composite</code>.</li> <li><code>EmbeddingLookup</code> op supports per-channel quantization and <code>TensorType_INT4</code> values.</li> <li><code>FullyConnected</code> op supports <code>TensorType_INT16</code> activation and <code>TensorType_Int4</code> weight per-channel quantization.</li> <li>Enable per-tensor quantization support in dynamic range quantization of <code>TRANSPOSE_CONV</code> layer. Fixes TFLite converter <a href="https://redirect.github.com/tensorflow/tensorflow/issues/76624">bug</a>.</li> </ul> </li> <li> <p><code>tf.tensor_scatter_update</code>, <code>tf.tensor_scatter_add</code> and of other reduce types.</p> <ul> <li>Support <code>bad_indices_policy</code>.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tensorflow/tensorflow/commit/6550e4bd80223cdb8be6c3afd1f81e86a4d433c3"><code>6550e4b</code></a> Merge pull request <a href="https://redirect.github.com/tensorflow/tensorflow/issues/78464">#78464</a> from tensorflow/rtg0795-patch-1</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/7e0c244a13a8e2968dce2600960291d5ca056ee1"><code>7e0c244</code></a> Merge pull request <a href="https://redirect.github.com/tensorflow/tensorflow/issues/78463">#78463</a> from tensorflow-jenkins/version-numbers-2.18.0-21101</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/35624d2777a87fd9c335ab6e08b3f2447b233fcf"><code>35624d2</code></a> Update RELEASE.md to move TFLite SignatureRunner to the right section</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/8d2c5e150e45747385193ee5ee3ed39f704e0bca"><code>8d2c5e1</code></a> Update version numbers to 2.18.0</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/d5f4a3f5ddc60df66d732cdba0c3ad1e51b7a339"><code>d5f4a3f</code></a> Merge pull request <a href="https://redirect.github.com/tensorflow/tensorflow/issues/77589">#77589</a> from tensorflow-jenkins/version-numbers-2.18.0rc2-1...</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/7cbcbf33bb370fa5bdf423c9c6b1b6422ed20a6d"><code>7cbcbf3</code></a> Update version numbers to 2.18.0-rc2</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/84c9398c492f13618dc147f45c20e95ecfc3defe"><code>84c9398</code></a> Merge pull request <a href="https://redirect.github.com/tensorflow/tensorflow/issues/77576">#77576</a> from tensorflow/r2.18-be4f646ec43</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/8fca5e7a885e502545086f2d5fa4e458c7fd63d0"><code>8fca5e7</code></a> PR <a href="https://redirect.github.com/tensorflow/tensorflow/issues/17430">#17430</a>: [ROCm] Use unique_ptr for TupleHandle in pjrt_se_client</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/2c3c798c33a5fbb8b63b7785716702aff222f2c4"><code>2c3c798</code></a> Merge pull request <a href="https://redirect.github.com/tensorflow/tensorflow/issues/77025">#77025</a> from tensorflow-jenkins/version-numbers-2.18.0rc1-2...</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/10693a47de32350865f04d4ad422b036552702f9"><code>10693a4</code></a> Update version numbers to 2.18.0-rc1</li> <li>Additional commits viewable in <a href="https://github.com/tensorflow/tensorflow/compare/v2.17.0...v2.18.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…k/test/generated-code (#4682) Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
…s/@jsii/python-runtime (#4684) Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> <h1>24.2 (2024-07-28)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate <code>pip install --editable</code> falling back to <code>setup.py develop</code> when using a setuptools version that does not support :pep:<code>660</code> (setuptools v63 and older). (<code>[#11457](pypa/pip#11457) <https://github.com/pypa/pip/issues/11457></code>_)</li> </ul> <p>Features</p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
Bumps the ci group in /.github/workflows with 2 updates: [pip](https://github.com/pypa/pip) and [hatch](https://github.com/pypa/hatch). Updates `pip` from 24.2 to 24.3.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> Updates `hatch` from 1.12.0 to 1.13.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/hatch/releases">hatch's releases</a>.</em></p> <blockquote> <h2>Hatchling v1.13.0</h2> <p><em><strong>Added:</strong></em></p> <ul> <li>Update the set of known trove classifiers to version 2023.2.8</li> </ul> <h2>Hatch v1.13.0</h2> <p><em><strong>Added:</strong></em></p> <ul> <li>Support managing Python 3.13 distributions</li> </ul> <h2>Hatchling v1.12.2</h2> <p><em><strong>Fixed:</strong></em></p> <ul> <li>Add <code>macos-max-compat</code> option to the <code>wheel</code> target that is enabled by default to support the latest version 22.0 of the <code>packaging</code> library</li> </ul> <h2>Hatchling v1.12.1</h2> <p><em><strong>Fixed:</strong></em></p> <ul> <li>Fix minor regression in the PEP 517/660 function signatures that was discovered by Fedora</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/hatch/commit/4e3c515bb15fd5533ced963c70308e2a271905d9"><code>4e3c515</code></a> release Hatch v1.13.0</li> <li><a href="https://github.com/pypa/hatch/commit/204c0cdc30990c0b5a983f5705967867e727982e"><code>204c0cd</code></a> Support managing Python 3.13 distributions (<a href="https://redirect.github.com/pypa/hatch/issues/1753">#1753</a>)</li> <li>See full diff in <a href="https://github.com/pypa/hatch/compare/hatch-v1.12.0...hatch-v1.13.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pip](https://github.com/pypa/pip) from 24.2.0 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> <h1>24.2 (2024-07-28)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate <code>pip install --editable</code> falling back to <code>setup.py develop</code> when using a setuptools version that does not support :pep:<code>660</code> (setuptools v63 and older). (<code>[#11457](pypa/pip#11457) <https://github.com/pypa/pip/issues/11457></code>_)</li> </ul> <p>Features</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2.0&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) Dependabot will merge this PR once CI passes on it, as requested by @Zeitsperre. [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Description
I have three requirements files, as follows:
When attempting to
pip install -r lint-requirements.txt
, pip complains:ERROR: .../requirements.txt recursively references itself in .../test-requirements.txt and again in .../lint-requirements.txt
even though there is no recursive reference here. This used to work fine prior to pip 24.3.
Expected behavior
pip should not report an error and instead should proceed with installation as usual.
pip version
24.3
Python version
3.9
OS
Linux
How to Reproduce
pip install -r lint-requirements.txt
Output
Code of Conduct
The text was updated successfully, but these errors were encountered: