Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vendor in Pip 24.1.2 #6253

Merged
merged 17 commits into from
Sep 25, 2024
Merged

Vendor in Pip 24.1.2 #6253

merged 17 commits into from
Sep 25, 2024

Conversation

matteius
Copy link
Member

@matteius matteius commented Sep 23, 2024
edited
Loading

It will take more work to get to pip 24.2, but I had done a bunch of the patch work in that branch that allows vendoring in 24.1.2 which brings a lot of improvements with it, so it would be worth bumping this version in a release until the issues I encountered vendoring 24.2 can be sorted.

The checklist

  • Associated issue
  • A news fragment in the news/ directory to describe this fix with the extension .bugfix.rst, .feature.rst, .behavior.rst, .doc.rst. .vendor.rst. or .trivial.rst (this will appear in the release changelog). Use semantic line breaks and name the file after the issue number or the PR #.

@matteius matteius marked this pull request as ready for review September 23, 2024 14:39
@matteius matteius requested a review from oz123 September 23, 2024 14:39
@matteius matteius mentioned this pull request Sep 23, 2024
Closed
2 tasks
oz123
oz123 approved these changes Sep 25, 2024
View reviewed changes
Copy link
Contributor

@oz123 oz123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned in our slack there was no need to include pyparsing and I'm glad to see you addressed it.

@oz123 oz123 merged commit 6e562cb into main Sep 25, 2024
22 checks passed
@oz123 oz123 deleted the pip-24.1.2 branch September 25, 2024 18:50
achim-k pushed a commit to foxglove/ws-protocol that referenced this pull request Sep 30, 2024
@dependabot
Bump pipenv from 2024.0.3 to 2024.1.0 (#835)
0a9dd06 
Bumps [pipenv](https://github.com/pypa/pipenv) from 2024.0.3 to
2024.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/releases">pipenv's
releases</a>.</em></p>
<blockquote>
<h2>Release v2024.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Vendor in Pip 24.1.2 by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6253">pypa/pipenv#6253</a></li>
<li>Preserve uncleaned VCS URL in the lock file. by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6257">pypa/pipenv#6257</a></li>
<li>Make this code path more safe to prevent stack trace/regression. by
<a href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6261">pypa/pipenv#6261</a></li>
<li>Update get-pipenv.py by <a
href="https://github.com/oz123"><code>@​oz123</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6260">pypa/pipenv#6260</a></li>
<li>Fix new vcs test on Windows by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6262">pypa/pipenv#6262</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/pipenv/compare/v2024.0.3...v2024.1.0">https://github.com/pypa/pipenv/compare/v2024.0.3...v2024.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/blob/main/CHANGELOG.md">pipenv's
changelog</a>.</em></p>
<blockquote>
<h1>2024.1.0 (2024-09-29)</h1>
<h1>Pipenv 2024.1.0 (2024-09-29)</h1>
<h2>Features &amp; Improvements</h2>
<ul>
<li>Upgrade from <code>pip==24.0</code> to <code>pip==24.1.2</code>.
<code>[#6253](pypa/pipenv#6253)
&lt;https://github.com/pypa/pipenv/issues/6253&gt;</code>_</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fixes regression in lock file generation that caused environment
variable references (e.g., ${GIT_PASSWORD}) in VCS URLs to be stripped
out. This restores the ability to use credential placeholders in version
control system URLs.
<code>[#6256](pypa/pipenv#6256)
&lt;https://github.com/pypa/pipenv/issues/6256&gt;</code>_</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pipenv/commit/2b9c78aff7a1120cb68c65d1777dd9001bf12ed2"><code>2b9c78a</code></a>
Release v2024.1.0</li>
<li><a
href="https://github.com/pypa/pipenv/commit/3a16980e93fcc6068bd3eb3674bfa8b64b78d64d"><code>3a16980</code></a>
Bumped version to 2024.1.0.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/9d7dc56dede01c0cdde4a86dc37a49e7f35b5379"><code>9d7dc56</code></a>
don't try to bump to dev version during pypi publish.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/89fd2656f81b73106ea3258dd15187611d69737f"><code>89fd265</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pipenv/issues/6262">#6262</a>
from pypa/fix-ci-vcs</li>
<li><a
href="https://github.com/pypa/pipenv/commit/2651f9943de577f48ce4d6f58cc91fd4c410dc8c"><code>2651f99</code></a>
Fix tests for windows and leave behavior for mac/linux</li>
<li><a
href="https://github.com/pypa/pipenv/commit/cbcd06c4f9d9834e80da01a0658d5385fd74bf69"><code>cbcd06c</code></a>
Fix test on windows</li>
<li><a
href="https://github.com/pypa/pipenv/commit/d9e6dfe80b3337141b0d82800a8e5981a3ee6c77"><code>d9e6dfe</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pipenv/issues/6260">#6260</a>
from pypa/fix-get-pipenv</li>
<li><a
href="https://github.com/pypa/pipenv/commit/7d2220071927b6aefed43081c0a9384d20e826e7"><code>7d22200</code></a>
ruff: ignore get-pipenv.py</li>
<li><a
href="https://github.com/pypa/pipenv/commit/e1866a9e263a1ba447fe5186255912d42e2a560b"><code>e1866a9</code></a>
Update get-pipenv.py</li>
<li><a
href="https://github.com/pypa/pipenv/commit/fa08ff5fc4141fd15ac8d6da84751f9a4c5344b4"><code>fa08ff5</code></a>
Make this code path more safe to prevent stack trace/regression.</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pipenv/compare/v2024.0.3...v2024.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pipenv&package-manager=pip&previous-version=2024.0.3&new-version=2024.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to NomicFoundation/slang that referenced this pull request Oct 1, 2024
@dependabot
[pip] Bump the non-major-dependencies group with 2 updates (#1111)
133f0ef 
Bumps the non-major-dependencies group with 2 updates:
[pipenv](https://github.com/pypa/pipenv) and
[mkdocs-material](https://github.com/squidfunk/mkdocs-material).

Updates `pipenv` from 2024.0.3 to 2024.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/releases">pipenv's
releases</a>.</em></p>
<blockquote>
<h2>Release v2024.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Vendor in Pip 24.1.2 by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6253">pypa/pipenv#6253</a></li>
<li>Preserve uncleaned VCS URL in the lock file. by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6257">pypa/pipenv#6257</a></li>
<li>Make this code path more safe to prevent stack trace/regression. by
<a href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6261">pypa/pipenv#6261</a></li>
<li>Update get-pipenv.py by <a
href="https://github.com/oz123"><code>@​oz123</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6260">pypa/pipenv#6260</a></li>
<li>Fix new vcs test on Windows by <a
href="https://github.com/matteius"><code>@​matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6262">pypa/pipenv#6262</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/pipenv/compare/v2024.0.3...v2024.1.0">https://github.com/pypa/pipenv/compare/v2024.0.3...v2024.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/blob/main/CHANGELOG.md">pipenv's
changelog</a>.</em></p>
<blockquote>
<h1>2024.1.0 (2024-09-29)</h1>
<h1>Pipenv 2024.1.0 (2024-09-29)</h1>
<h2>Features &amp; Improvements</h2>
<ul>
<li>Upgrade from <code>pip==24.0</code> to <code>pip==24.1.2</code>.
<code>[#6253](pypa/pipenv#6253)
&lt;https://github.com/pypa/pipenv/issues/6253&gt;</code>_</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fixes regression in lock file generation that caused environment
variable references (e.g., ${GIT_PASSWORD}) in VCS URLs to be stripped
out. This restores the ability to use credential placeholders in version
control system URLs.
<code>[#6256](pypa/pipenv#6256)
&lt;https://github.com/pypa/pipenv/issues/6256&gt;</code>_</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pipenv/commit/2b9c78aff7a1120cb68c65d1777dd9001bf12ed2"><code>2b9c78a</code></a>
Release v2024.1.0</li>
<li><a
href="https://github.com/pypa/pipenv/commit/3a16980e93fcc6068bd3eb3674bfa8b64b78d64d"><code>3a16980</code></a>
Bumped version to 2024.1.0.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/9d7dc56dede01c0cdde4a86dc37a49e7f35b5379"><code>9d7dc56</code></a>
don't try to bump to dev version during pypi publish.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/89fd2656f81b73106ea3258dd15187611d69737f"><code>89fd265</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pipenv/issues/6262">#6262</a>
from pypa/fix-ci-vcs</li>
<li><a
href="https://github.com/pypa/pipenv/commit/2651f9943de577f48ce4d6f58cc91fd4c410dc8c"><code>2651f99</code></a>
Fix tests for windows and leave behavior for mac/linux</li>
<li><a
href="https://github.com/pypa/pipenv/commit/cbcd06c4f9d9834e80da01a0658d5385fd74bf69"><code>cbcd06c</code></a>
Fix test on windows</li>
<li><a
href="https://github.com/pypa/pipenv/commit/d9e6dfe80b3337141b0d82800a8e5981a3ee6c77"><code>d9e6dfe</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pipenv/issues/6260">#6260</a>
from pypa/fix-get-pipenv</li>
<li><a
href="https://github.com/pypa/pipenv/commit/7d2220071927b6aefed43081c0a9384d20e826e7"><code>7d22200</code></a>
ruff: ignore get-pipenv.py</li>
<li><a
href="https://github.com/pypa/pipenv/commit/e1866a9e263a1ba447fe5186255912d42e2a560b"><code>e1866a9</code></a>
Update get-pipenv.py</li>
<li><a
href="https://github.com/pypa/pipenv/commit/fa08ff5fc4141fd15ac8d6da84751f9a4c5344b4"><code>fa08ff5</code></a>
Make this code path more safe to prevent stack trace/regression.</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pipenv/compare/v2024.0.3...v2024.1.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `mkdocs-material` from 9.5.37 to 9.5.39
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/squidfunk/mkdocs-material/releases">mkdocs-material's
releases</a>.</em></p>
<blockquote>
<h2>mkdocs-material-9.5.39</h2>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7226">#7226</a>:
not staying on page when using mike's canonical versioning</li>
</ul>
<p>Thanks go to <a
href="https://github.com/ilyagr"><code>@​ilyagr</code></a> for their
contributions</p>
<h2>mkdocs-material-9.5.38</h2>
<ul>
<li>Added Albanian translations</li>
</ul>
<p>Thanks go to <a
href="https://github.com/gerardkraja"><code>@​gerardkraja</code></a> for
their contributions</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG">mkdocs-material's
changelog</a>.</em></p>
<blockquote>
<p>mkdocs-material-9.5.39+insiders-4.53.14 (2024-09-29)</p>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7567">#7567</a>:
Empty headlines when using typeset plugin with anchorlinks</li>
</ul>
<p>mkdocs-material-9.5.39 (2024-09-29)</p>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7226">#7226</a>:
not staying on page when using mike's canonical versioning</li>
</ul>
<p>mkdocs-material-9.5.38 (2024-09-26)</p>
<ul>
<li>Added Albanian translations</li>
</ul>
<p>mkdocs-material-9.5.37 (2024-09-25)</p>
<ul>
<li>Added 4th and 5th level ordered list styles</li>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7548">#7548</a>:
Tags have no spacing in search</li>
</ul>
<p>mkdocs-material-9.5.36 (2024-09-21)</p>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7544">#7544</a>:
Social cards incorrectly rendering HTML entities</li>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7542">#7542</a>:
Improved support for setting custom list styles</li>
</ul>
<p>mkdocs-material-9.5.35 (2024-09-18)</p>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7498">#7498</a>:
Search not showing for Vietnamese language</li>
</ul>
<p>mkdocs-material-9.5.34+insiders-4.53.13 (2024-09-14)</p>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7520">#7520</a>:
Social plugin errors for generated files (MkDocs 1.6+)</li>
</ul>
<p>mkdocs-material-9.5.34 (2024-08-31)</p>
<ul>
<li>Updated Mermaid.js to version 11 (latest)</li>
</ul>
<p>mkdocs-material-9.5.33 (2024-08-23)</p>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7453">#7453</a>:
Incorrect position of tooltip when sorting table</li>
</ul>
<p>mkdocs-material-9.5.32 (2024-08-19)</p>
<ul>
<li>Fixed RXSS vulnerability via deep link in search results</li>
<li>Added support for fetching latest release from GitLab</li>
</ul>
<p>mkdocs-material-9.5.31+insiders-4.53.12 (2024-08-02)</p>
<ul>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7410">#7410</a>:
Instant previews jump on content tabs with anchor links</li>
<li>Fixed <a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7408">#7408</a>:
Instant previews jump on content tabs</li>
</ul>
<p>mkdocs-material-9.5.31 (2024-08-02)</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/squidfunk/mkdocs-material/commit/70db88f41449f6e801178457944ceb26279dd464"><code>70db88f</code></a>
Prepare 9.5.39 release</li>
<li><a
href="https://github.com/squidfunk/mkdocs-material/commit/187705e3b855ee86e3cea7e8499b1ce4222cd4aa"><code>187705e</code></a>
Updated dependencies</li>
<li><a
href="https://github.com/squidfunk/mkdocs-material/commit/56fdb282d027efc083237beec842733ad24ff51d"><code>56fdb28</code></a>
Adjusted code copy button documentation</li>
<li><a
href="https://github.com/squidfunk/mkdocs-material/commit/aeb9492c08fa12ada87e832d2c03c3984ce59fe0"><code>aeb9492</code></a>
Fixed stay no page functionality when using mike's canonical versioning
(<a
href="https://redirect.github.com/squidfunk/mkdocs-material/issues/7559">#7559</a>)</li>
<li><a
href="https://github.com/squidfunk/mkdocs-material/commit/50a15becc8b14698d145dce3efdfcbb25edda755"><code>50a15be</code></a>
Updated link to step-by-step guide on YouTube</li>
<li><a
href="https://github.com/squidfunk/mkdocs-material/commit/117250a46288841f2f359e5c85070a2d85d69b03"><code>117250a</code></a>
Prepare 9.5.38 release</li>
<li><a
href="https://github.com/squidfunk/mkdocs-material/commit/74ca2341ac7ab59b931926f74111d98fb73c67f3"><code>74ca234</code></a>
Added Albanian translations</li>
<li>See full diff in <a
href="https://github.com/squidfunk/mkdocs-material/compare/9.5.37...9.5.39">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oz123 oz123 oz123 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matteius @oz123