Rely on packaging and pkg_resources internal to pip. [#343](https://github.com/sarugaku/requirementslib/issues/343) <https://github.com/sarugaku/requirementslib/issues/343>_
Requirementslib 2.0.1 (2022-08-29)
Bug Fixes
Fix bug with local file installs that are not marked editable = "true" getting an unexpected #egg fragment. [#342](https://github.com/sarugaku/requirementslib/issues/342) <https://github.com/sarugaku/requirementslib/issues/342>_
Requirementslib 2.0.0 (2022-08-24)
Features
requirementslib has converted off of pip-shims project which had grown into a complicated interface to using pip.
It was problematic because pip-shims could never foresee and accommodate future looking changes to internal interfaces of pip.
Also, pip-shims slowed down this library and required downstream tools such as pipenv to continue vendoring it despite having already dropped usages.
Due to the impact of this change, it requires a major version increase of requirementslib to 2.0.0
To utilize version 2.0.0 of requirementslib, ensure you have pip>=22.2 as this has not been fully tested to support earlier versions of pip
Breakage of the internal pip interface usage is possible with earlier versions.
Additionally, the interface on NamedRequierment renamed class method get_dependencies to dependencies and get_abstract_dependencies to abstract_dependencies in order to match interface with Line class and avoid naming collision with the utility methods they call. [#334](https://github.com/sarugaku/requirementslib/issues/334) <https://github.com/sarugaku/requirementslib/issues/334>_
Bug Fixes
requirementslib adjusted code paths to prevent import of setuptools that causes issues when upgrading setuptools. [#339](https://github.com/sarugaku/requirementslib/issues/339) <https://github.com/sarugaku/requirementslib/issues/339>_
Requirementslib 1.6.9 (2022-07-27)
Bug Fixes
Rewrite imports of pip_shims.shims to be from pip_shims import shims so that they can be rewritten by the vendoring scripts in pipenv. [#332](https://github.com/sarugaku/requirementslib/issues/332) <https://github.com/sarugaku/requirementslib/issues/332>_
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
2 years ago
Bumps requirementslib from 1.6.6 to 2.0.2.
Release notes
Sourced from requirementslib's releases.
Changelog
Sourced from requirementslib's changelog.
... (truncated)
Commits
51bfa46Release 2.0.20157a2fAdd news fragment.f450586Merge pull request #343 from sarugaku/safer_pkg_resources392f096resolve lint.83d824dCleanup some unused items.7d55c6fMake import manageable for pipenv.a8ba74dresolve lint.af71d43Remove dependency on pyparsing since we use the pip version.dfa720eFix last test.f3cc0ffCheck pt progress.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)