feat(deps): bump pip from 19.3.1 to 20.0

[dependabot-preview[bot]]

Bumps pip from 19.3.1 to 20.0.

Changelog

Sourced from pip's changelog.

20.0 (2020-01-21)

Process

• Switch to a dedicated CLI tool for vendoring dependencies.

Deprecations and Removals

• Remove wheel tag calculation from pip and use packaging.tags. This should provide more tags ordered better than in prior releases. (#6908)
• Deprecate setup.py-based builds that do not generate an .egg-info directory. (#6998)
• The pip>=20 wheel cache is not retro-compatible with previous versions. Until pip 21.0, pip will continue to take advantage of existing legacy cache entries. (#7296)
• Deprecate undocumented --skip-requirements-regex option. (#7297)
• Deprecate passing install-location-related options via --install-option. (#7309)
• Use literal "abi3" for wheel tag on CPython 3.x, to align with PEP 384 which only defines it for this platform. (#7327)
• Remove interpreter-specific major version tag e.g. cp3-none-any from consideration. This behavior was not documented strictly, and this tag in particular is not useful. Anyone with a use case can create an issue with pypa/packaging. (#7355)
• Wheel processing no longer permits wheels containing more than one top-level .dist-info directory. (#7487)
• Support for the git+git@ form of VCS requirement is being deprecated and will be removed in pip 21.0. Switch to git+https:// or git+ssh://. git+git:// also works but its use is discouraged as it is insecure. (#7543)

Features

• Default to doing a user install (as if --user was passed) when the main site-packages directory is not writeable and user site-packages are enabled. (#1668)
• Warn if a path in PATH starts with tilde during pip install. (#6414)
• Cache wheels built from Git requirements that are considered immutable, because they point to a commit hash. (#6640)
• Add option --no-python-version-warning to silence warnings related to deprecation of Python versions. (#6673)
• Cache wheels that pip wheel built locally, matching what pip install does. This particularly helps performance in workflows where pip wheel is used for building before installing. Users desiring the original behavior can use pip wheel --no-cache-dir. (#6852)
• Display CA information in pip debug. (#7146)
• Show only the filename (instead of full URL), when downloading from PyPI. (#7225)
• Suggest a more robust command to upgrade pip itself to avoid confusion when the current pip command is not available as pip. (#7376)
• Define all old pip console script entrypoints to prevent import issues in stale wrapper scripts. (#7498)
• The build step of pip wheel now builds all wheels to a cache first, then copies them to the wheel directory all at once. Before, it built them to a temporary direcory and moved them to the wheel directory one by one. (#7517)
• Expand ~ prefix to user directory in path options, configs, and environment variables. Values that may be either URL or path are not currently supported, to avoid ambiguity:
  • --find-links
  • --constraint, -c
  • --requirement, -r
  • --editable, -e (#980)

Bug Fixes

• Correctly handle system site-packages, in virtual environments created with venv (PEP 405). (#5702, #7155)
• Fix case sensitive comparison of pip freeze when used with -r option. (#5716)
• Enforce PEP 508 requirement format in pyproject.toml build-system.requires. (#6410)
• Make ensure_dir() also ignore ENOTEMPTY as seen on Windows. (#6426)
• Fix building packages which specify backend-path in pyproject.toml. (#6599)
• Do not attempt to run setup.py clean after a pep517 build error, since a setup.py may not exist in that case. (#6642)
• Fix passwords being visible in the index-url in "Downloading <url>" message. (#6783)

... (truncated)

Commits

• 8ad871a Bump for release
• 6a41ea3 Update AUTHORS.txt
• bd02564 Vendoring Updates for Jan 2020 (#7618)
• 7b2f0aa Upgrade pkg_resources (via setuptools) to 44.0.0
• 1176591 Add the required NEWS fragments
• 947fceb Upgrade six to 1.14.0
• 501e00c Upgrade urllib3 to 1.25.7
• 022f0e2 Upgrade certifi to 2019.11.28
• 7770dc2 Upgrade pyparsing to 2.4.6
• 9bce54e Upgrade ipaddress to 1.0.23
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in the `.dependabot/config.yml` file in this repo: - Update frequency - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

[dependabot-preview[bot]]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

• ci (3.6, 0.12.17)
• ci (3.5, 0.12.17)
• ci (3.8, 0.12.17)
• ci (3.7, 0.12.17)
• ci (3.6, 0.12.17)
• ci (3.5, 0.12.17)

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

[dependabot-preview[bot]]

Superseded by #16.