Resolve DeprecationWarnings when extracting twine metadata. ([#1115](https://github.com/pypa/twine/issues/1115) <https://github.com/pypa/twine/issues/1115>_)
Fix bug for Repository URLs with auth where the port was lost. When attempting
to prevent printing authentication credentials in URLs provided with username
and password, we did not properly handle the case where the URL also contains
a port (when reconstructing the URL). This is now handled and tested to
ensure no regressions. (#fix-repo-urls-with-auth-and-port <https://github.com/pypa/twine/issues/fix-repo-urls-with-auth-and-port>_)
Fix finding hardlink targets in tar files with an ignored top-level directory. ([#12781](https://github.com/pypa/pip/issues/12781) <https://github.com/pypa/pip/issues/12781>_)
24.1.1 (2024-06-26)
Bug Fixes
Actually use system trust stores when the truststore feature is enabled.
Vendored Libraries
Upgrade requests to 2.32.3
24.1 (2024-06-20)
Vendored Libraries
Upgrade truststore to 0.9.1.
24.1b2 (2024-06-12)
Features
Report informative messages about invalid requirements. ([#12713](https://github.com/pypa/pip/issues/12713) <https://github.com/pypa/pip/issues/12713>_)
Bug Fixes
Eagerly import the self version check logic to avoid crashes while upgrading or downgrading pip at the same time. ([#12675](https://github.com/pypa/pip/issues/12675) <https://github.com/pypa/pip/issues/12675>_)
Accommodate for mismatches between different sources of truth for extra names, for packages generated by setuptools. ([#12688](https://github.com/pypa/pip/issues/12688) <https://github.com/pypa/pip/issues/12688>_)
Accommodate for development versions of CPython ending in + in the version string. ([#12691](https://github.com/pypa/pip/issues/12691) <https://github.com/pypa/pip/issues/12691>_)
Support for loading distutils from the standard library is now deprecated, including use of SETUPTOOLS_USE_DISTUTILS=stdlib and importing distutils before importing setuptools. (#4137)
Bugfixes
pypa/distutils#268
v70.2.0
Features
Updated distutils including significant changes to support Cygwin and mingw compilers. (#4444)
Bugfixes
Fix distribution name normalisation (:pep:625) for valid versions that are
not canonical (e.g. 1.0-2). (#4434)
🌟 Add a Pyodide platform. Set with --platform pyodide or CIBW_PLATFORM: pyodide on Linux with a host Python 3.12 to build WebAssembly wheels. Not accepted on PyPI currently, but usable directly in a website using Pyodide, for live docs, etc. (#1456, #1859)
🌟 Add build[uv] backend, which will take a pre-existing uv install (or install cibuildwheel[uv]) and use uv for all environment setup and installs on Python 3.8+. This is significantly faster in most cases. (#1856)
✨ Add free-threaded macOS builds and update CPython to 3.13.0b2. (#1854)
🐛 Issue copying a wheel to a non-existent output dir fixed. (#1851, #1862)
🐛 Better determinism for the test environment seeding. (#1835)
See the release post for more info on new features!
🌟 Add Pyodide platform. Set with --platform pyodide or CIBW_PLATFORM: pyodide on Linux with a host Python 3.12 to build WebAssembly wheels. Not accepted on PyPI currently, but usable directly in a website using Pyodide, for live docs, etc. (#1456, #1859)
🌟 Add build[uv] backend, which will take a pre-existing uv install (or install cibuildwheel[uv]) and use uv for all environment setup and installs on Python 3.8+. This is significantly faster in most cases. (#1856)
✨ Add free-threaded macOS builds and update CPython to 3.13.0b2. (#1854)
🐛 Issue copying a wheel to a non-existent output dir fixed. (#1851, #1862)
🐛 Better determinism for the test environment seeding. (#1835)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the build-time-deps group with 4 updates in the /.github/workflows/requirements directory: twine, pip, setuptools and cibuildwheel.
Updates
twine
from 5.1.0 to 5.1.1Changelog
Sourced from twine's changelog.
Commits
e29791d
Prepare for v5.1.1 (#1114)f213ede
fix: Retrieve metadata correctly from importlib_metadata (#1115)6fbf880
Merge pull request #1112 from pypa/bug/11113eb9121
Remove extra line from changelog entry0191f0c
Preserve ports when munging repository URLsc588793
Merge pull request #1110 from DimitriPapadopoulos/principle1fdc197
Fix a couple typos13b07b6
Merge pull request #1109 from pypa/dependabot/github_actions/actions/checkout...a3e8373
build(deps): bump actions/checkout from 4.1.5 to 4.1.6Updates
pip
from 24.0 to 24.1.2Changelog
Sourced from pip's changelog.
... (truncated)
Commits
76e82a4
Bump for releasea56129c
Merge pull request #12787 from mgorny/no-isol-tests41772d8
Merge pull request #12799 from encukou/gh-12781-tar-hardlinka432c7f
Bump for releasea1ae982
Update AUTHORS.txt300ed75
Upgrade requests to 2.32.3 (#12784)5c389ec
Split up Windows tests relying on urlunparse behaviour (#12788)00c75c4
Merge pull request #12773 from matthewhughes934/fix-tests-unable-to-cleanup67e2a56
Merge pull request #12783 from pfmoore/rel_doc2a58c20a
Minor release is the quarter numberUpdates
setuptools
from 70.0.0 to 70.3.0Changelog
Sourced from setuptools's changelog.
... (truncated)
Commits
356e9a0
Bump version: 70.2.0 → 70.3.0822280b
Merge pull request #4463 from pypa/bugfix/distutils-34f9518efc4e64c1
Add news fragment.b01183c
Merge https://github.com/pypa/distutils into bugfix/distutils-34f9518efe221581
Merge pull request pypa/distutils#267 from msys2-contrib/customize_compiler_m...34f9518
Merge pull request #4410 from pypa/debt/4137-deprecate-distutils-stdlibbacd9c6
sysconfig: skip customize_compiler() with MSVC Python again4a3406b
CI: also set CC/CXX when pip installing with mingw+clange9f0be9
Merge pull request #4453 from pypa/drop-gitignore70cda3d
Use '.yml' for consistency.Updates
cibuildwheel
from 2.18.1 to 2.19.2Release notes
Sourced from cibuildwheel's releases.
Changelog
Sourced from cibuildwheel's changelog.
Commits
7e5a838
Bump version: v2.19.219e1b8a
chore: attestations (#1916)73581ae
[Bot] Update dependencies (#1917)f21ff5e
[pre-commit.ci] pre-commit autoupdate (#1914)973946b
fix: support --no-isolation with build[uv] (#1889)5ea40e6
[Bot] Update dependencies (#1913)6a36f64
feat: add macOS on GitLab (#1911)31de15b
chore: remove nosetests from tests and docs (#1898)3179fd2
[Bot] Update dependencies (#1900)184d4e1
fix(ci): CircleCI / Azure Pipelines / GitLab (#1899)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show