Bump pex from 2.17.0 to 2.21.0

[dependabot[bot]]

Bumps pex from 2.17.0 to 2.21.0.

Release notes

Sourced from pex's releases.

pex 2.21.0

---

2.21.0

This release adds support for --pip-version 24.3.

• Add support for --pip-version 24.3. (#2580)

---

file	sha256	size
pex	c06dd0da495639f429c007d9cf973197c9af034011e64a7e30de33634043b83d	4319117
pex-linux-aarch64	10fc338b9c1b06116579c281e1e34ff7f2b97a242252915cb7411868b6a80cfa	24064375
pex-linux-x86_64	fa1ab10963b727f88b06ed7b79e245bf6a5c8bc7dd3c922ae1a679ae91f9b78c	27710575
pex-macos-aarch64	c3c21abf63bf57a86e5cb70a5b73beab003b38935f948054fc41b4550fe189ec	21571231
pex-macos-x86_64	dcc348a2f0a2a7a3a2f7a752de30e6d35299f9c50e57685629e82285d011b381	22082231

pex 2.20.4

---

2.20.4

This release carries several bug fixes and a performance improvement for lock deletes.

Although there were no direct reports in the wild, @​iritkatriel noticed by inspection the Pex safe_mkdir utility function would mask any OSError besides EEXIST. This is now fixed.

It was observed by @​b-x that when PEX_ROOT was contained in a symlinked path, PEXes would fail to execute. The most likely case leading to this would be a symlinked HOME dir. This is now fixed.

This release also fixes a bug where --pip-log <path>, used multiple times in a row against the same file could lead to pex3 lock errors. Now the specified path is always truncated before use and a note has been added to the option --help that using the same --pip-log path in concurrent Pex runs is not supported.

In addition, pex3 lock {update,sync} is now optimized for the cases where all the required updates are deletes. In this case neither Pip nor the network are consulted leading to speed improvements proportional to the size of the resolve.

• Fix safe_mkdir swallowing non-EEXIST errors. (#2575)
• Fix PEX_ROOT handling for symlinked paths. (#2574)
• Fix --pip-log re-use. (#2570)
• Optimize pure delete lock updates. (#2568)

---

|file|sha256|size|

... (truncated)

Changelog

Sourced from pex's changelog.

2.21.0

This release adds support for --pip-version 24.3.

• Add support for --pip-version 24.3. (#2580)

2.20.4

This release carries several bug fixes and a performance improvement for lock deletes.

Although there were no direct reports in the wild, @​iritkatriel noticed by inspection the Pex safe_mkdir utility function would mask any OSError besides EEXIST. This is now fixed.

It was observed by @​b-x that when PEX_ROOT was contained in a symlinked path, PEXes would fail to execute. The most likely case leading to this would be a symlinked HOME dir. This is now fixed.

This release also fixes a bug where --pip-log <path>, used multiple times in a row against the same file could lead to pex3 lock errors. Now the specified path is always truncated before use and a note has been added to the option --help that using the same --pip-log path in concurrent Pex runs is not supported.

In addition, pex3 lock {update,sync} is now optimized for the cases where all the required updates are deletes. In this case neither Pip nor the network are consulted leading to speed improvements proportional to the size of the resolve.

• Fix safe_mkdir swallowing non-EEXIST errors. (#2575)
• Fix PEX_ROOT handling for symlinked paths. (#2574)
• Fix --pip-log re-use. (#2570)
• Optimize pure delete lock updates. (#2568)

2.20.3

This release fixes both PEX building and lock creation via pex3 lock {create,sync} to be reproducible in more cases. Previously, if a requirement only available in source form (an sdist, a local project or a VCS requirement) had a build that was not reproducible due to either file timestamps (where the SOURCE_DATE_EPOCH standard was respected) or random iteration order (e.g.: the setup.py used sets in certain in-opportune ways), Pex's outputs would mirror the problematic requirement's non-reproducibility. Now Pex plumbs a fixed SOURCE_DATE_EPOCH and PYTHONHASHSEED to all places sources are built.

• Plumb reproducible build env vars more thoroughly. (#2554)

... (truncated)

Commits

• f052ecb Add support for --pip-version 24.3. (#2580)
• d1d541e Fix --venv cached Python interpreter info. (#2579)
• 7dda519 Start tracking Python PI. (#2563)
• 39b5478 Attempt to make a few flaky tests more robust. (#2578)
• 068a47b Fix change log typos.
• 649a40a Add a test of pure lock deletes for complex deps. (#2576)
• a84476a Prepare the 2.20.4 release. (#2571)
• 943c3a7 Fix PEX_ROOT handling for symlinked paths. (#2574)
• def5f93 Fix --pip-log re-use. (#2570)
• 670878c Fix safe_mkdir swallowing non-EEXIST errors. (#2575)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

| Dependency Name | Ignore Conditions | | --- | --- | | pex | [>= 2.20.a, < 2.21] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

Coverage Report

File	Stmts	Miss	Cover	Missing
src/dbt_bouncer
config_file_validator.py	95	2	98%	138, 144
runner.py	76	4	95%	131, 167–168, 226
utils.py	101	19	81%	42, 47, 136–154, 177
src/dbt_bouncer/artifact_parsers
parsers_common.py	48	1	98%	61
parsers_manifest.py	86	4	95%	176, 178, 186, 261
parsers_run_results.py	34	3	91%	67, 69, 72
src/dbt_bouncer/checks/manifest
check_models.py	199	1	99%	533
check_unit_tests.py	47	3	94%	102, 153, 205
src/dbt_bouncer/checks/run_results
check_run_results.py	19	2	89%	92–93
TOTAL	4003	39	99%

Tests	Skipped	Failures	Errors	Time
1	0 :zzz:	0 :x:	0 :fire:	8.441s :stopwatch:

[dependabot[bot]]

Looks like pex is up-to-date now, so this is no longer needed.