collectionslab / Omniscribe

9 stars 4 forks source link

Bump pip from 9.0.1 to 19.2 in /proofOfConcept #25

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps pip from 9.0.1 to 19.2.

Changelog

Sourced from pip's changelog.

19.2 (2019-07-22)

Deprecations and Removals

  • Drop support for EOL Python 3.4. ([#6685](https://github.com/pypa/pip/issues/6685) <https://github.com/pypa/pip/issues/6685>_)
  • Improve deprecation messages to include the version in which the functionality will be removed. ([#6549](https://github.com/pypa/pip/issues/6549) <https://github.com/pypa/pip/issues/6549>_)

Features

  • Credentials will now be loaded using keyring when installed. ([#5948](https://github.com/pypa/pip/issues/5948) <https://github.com/pypa/pip/issues/5948>_)
  • Fully support using --trusted-host inside requirements files. ([#3799](https://github.com/pypa/pip/issues/3799) <https://github.com/pypa/pip/issues/3799>_)
  • Update timestamps in pip's --log file to include milliseconds. ([#6587](https://github.com/pypa/pip/issues/6587) <https://github.com/pypa/pip/issues/6587>_)
  • Respect whether a file has been marked as "yanked" from a simple repository (see PEP 592 <https://www.python.org/dev/peps/pep-0592/>__ for details). ([#6633](https://github.com/pypa/pip/issues/6633) <https://github.com/pypa/pip/issues/6633>_)
  • When choosing candidates to install, prefer candidates with a hash matching one of the user-provided hashes. ([#5874](https://github.com/pypa/pip/issues/5874) <https://github.com/pypa/pip/issues/5874>_)
  • Improve the error message when METADATA or PKG-INFO is None when accessing metadata. ([#5082](https://github.com/pypa/pip/issues/5082) <https://github.com/pypa/pip/issues/5082>_)
  • Add a new command pip debug that can display e.g. the list of compatible tags for the current Python. ([#6638](https://github.com/pypa/pip/issues/6638) <https://github.com/pypa/pip/issues/6638>_)
  • Display hint on installing with --pre when search results include pre-release versions. ([#5169](https://github.com/pypa/pip/issues/5169) <https://github.com/pypa/pip/issues/5169>_)
  • Report to Warehouse that pip is running under CI if the PIP_IS_CI environment variable is set. ([#5499](https://github.com/pypa/pip/issues/5499) <https://github.com/pypa/pip/issues/5499>_)
  • Allow --python-version to be passed as a dotted version string (e.g. 3.7 or 3.7.3). ([#6585](https://github.com/pypa/pip/issues/6585) <https://github.com/pypa/pip/issues/6585>_)
  • Log the final filename and SHA256 of a .whl file when done building a wheel. ([#5908](https://github.com/pypa/pip/issues/5908) <https://github.com/pypa/pip/issues/5908>_)
  • Include the wheel's tags in the log message explanation when a candidate wheel link is found incompatible. ([#6121](https://github.com/pypa/pip/issues/6121) <https://github.com/pypa/pip/issues/6121>_)
  • Add a --path argument to pip freeze to support --target installations. ([#6404](https://github.com/pypa/pip/issues/6404) <https://github.com/pypa/pip/issues/6404>_)
  • Add a --path argument to pip list to support --target installations. ([#6551](https://github.com/pypa/pip/issues/6551) <https://github.com/pypa/pip/issues/6551>_)

Bug Fixes

  • Set sys.argv[0] to the underlying setup.py when invoking setup.py via the setuptools shim so setuptools doesn't think the path is -c. ([#1890](https://github.com/pypa/pip/issues/1890) <https://github.com/pypa/pip/issues/1890>_)
  • Update pip download to respect the given --python-version when checking "Requires-Python". ([#5369](https://github.com/pypa/pip/issues/5369) <https://github.com/pypa/pip/issues/5369>_)
  • Respect --global-option and --install-option when installing from a version control url (e.g. git). ([#5518](https://github.com/pypa/pip/issues/5518) <https://github.com/pypa/pip/issues/5518>_)
  • Make the "ascii" progress bar really be "ascii" and not Unicode. ([#5671](https://github.com/pypa/pip/issues/5671) <https://github.com/pypa/pip/issues/5671>_)
  • Fail elegantly when trying to set an incorrectly formatted key in config. ([#5963](https://github.com/pypa/pip/issues/5963) <https://github.com/pypa/pip/issues/5963>_)
  • Prevent DistutilsOptionError when prefix is indicated in the global environment and --target is used. ([#6008](https://github.com/pypa/pip/issues/6008) <https://github.com/pypa/pip/issues/6008>_)
  • Fix pip install to respect --ignore-requires-python when evaluating links. ([#6371](https://github.com/pypa/pip/issues/6371) <https://github.com/pypa/pip/issues/6371>_)

... (truncated)

Commits
  • 0e64295 Generate NEWS
  • 0df416d Bump version for release
  • 5f0aa2a Generate AUTHORS.txt
  • 8582f7e Reduce dependency on ctypes when discovering glibc version. (#6678)
  • e308497 Merge pull request #6743 from chrahunt/maint/remove-path-copytree
  • 9281a7a Remove copytree from tests.lib.path.Path.
  • 0d28601 Remove copy from tests.lib.path.Path. (#6746)
  • c275e9d Drop a useless import in favor of explicitness
  • 3732e79 Remove normpath from tests.lib.path.Path.
  • 358e690 Remove move from tests.lib.path.Path.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/collectionslab/Omniscribe/network/alerts).
dependabot[bot] commented 3 years ago

Superseded by #29.