pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also https://github.com/pypa/setuptools/issues/1684.
It is recommended that you:
Remove ‘pytest-runner’ from your ‘setup_requires’, preferably removing the setup_requires option.
Remove ‘pytest’ and any other testing requirements from ‘tests_require’, preferably removing the setup_requires option.
Select a tool to bootstrap and then run tests such as tox
I don't think dropping this would radically change the package, or how tests are run. It's just a matter of carefully removing it and everything created for it.
From https://pypi.org/project/pytest-runner/:
I don't think dropping this would radically change the package, or how tests are run. It's just a matter of carefully removing it and everything created for it.