search

Madoshakalaka / pipenv-setup

sync pipfile/lockfile to setup.py or check dependency and versioning conflicts
MIT License
110 stars 30 forks source link

Bump requirementslib from 1.6.6 to 2.0.3 #135

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps requirementslib from 1.6.6 to 2.0.3.

Release notes

Sourced from requirementslib's releases.

Release 2.0.3

No release notes provided.

Release 2.0.2

What's Changed

Full Changelog: https://github.com/sarugaku/requirementslib/compare/2.0.1...2.0.2

Release 2.0.1

What's Changed

Full Changelog: https://github.com/sarugaku/requirementslib/compare/2.0.0...2.0.1

Release 2.0.0

No release notes provided.

Release 1.6.9

No release notes provided.

Release 1.6.8

What's Changed

Full Changelog: https://github.com/sarugaku/requirementslib/compare/1.6.7...1.6.8

Release 1.6.7

No release notes provided.

Changelog

Sourced from requirementslib's changelog.

Requirementslib 2.0.3 (2022-09-24)

Bug Fixes

  • Fix non-deterministic markers by removing lru_cache usage from markers.py. [#344](https://github.com/sarugaku/requirementslib/issues/344) <https://github.com/sarugaku/requirementslib/issues/344>_

Requirementslib 2.0.2 (2022-09-14)

Bug Fixes

  • Rely on packaging and pkg_resources internal to pip. [#343](https://github.com/sarugaku/requirementslib/issues/343) <https://github.com/sarugaku/requirementslib/issues/343>_

Requirementslib 2.0.1 (2022-08-29)

Bug Fixes

  • Fix bug with local file installs that are not marked editable = "true" getting an unexpected #egg fragment. [#342](https://github.com/sarugaku/requirementslib/issues/342) <https://github.com/sarugaku/requirementslib/issues/342>_

Requirementslib 2.0.0 (2022-08-24)

Features

  • requirementslib has converted off of pip-shims project which had grown into a complicated interface to using pip. It was problematic because pip-shims could never foresee and accommodate future looking changes to internal interfaces of pip. Also, pip-shims slowed down this library and required downstream tools such as pipenv to continue vendoring it despite having already dropped usages. Due to the impact of this change, it requires a major version increase of requirementslib to 2.0.0 To utilize version 2.0.0 of requirementslib, ensure you have pip>=22.2 as this has not been fully tested to support earlier versions of pip Breakage of the internal pip interface usage is possible with earlier versions. Additionally, the interface on NamedRequierment renamed class method get_dependencies to dependencies and get_abstract_dependencies to abstract_dependencies in order to match interface with Line class and avoid naming collision with the utility methods they call. [#334](https://github.com/sarugaku/requirementslib/issues/334) <https://github.com/sarugaku/requirementslib/issues/334>_

Bug Fixes

  • requirementslib adjusted code paths to prevent import of setuptools that causes issues when upgrading setuptools. [#339](https://github.com/sarugaku/requirementslib/issues/339) <https://github.com/sarugaku/requirementslib/issues/339>_

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov-commenter commented 2 years ago

Codecov Report

Base: 93.66% // Head: 93.66% // No change to project coverage :thumbsup:

Coverage data is based on head (12e8f89) compared to base (109056e). Patch has no changes to coverable lines.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #135 +/- ## ======================================= Coverage 93.66% 93.66% ======================================= Files 10 10 Lines 774 774 ======================================= Hits 725 725 Misses 49 49 ``` Help us with your feedback. Take ten seconds to tell us [how you rate us](https://about.codecov.io/nps?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Matt). Have a feature suggestion? [Share it here.](https://app.codecov.io/gh/feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Matt)

:umbrella: View full report at Codecov.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.

dependabot[bot] commented 2 years ago

Superseded by #137.