heroku / heroku-buildpack-python

Heroku's buildpack for Python applications.
https://www.heroku.com/python
MIT License
2 stars 3 forks source link

Bump pipenv from 2023.7.23 to 2023.10.20 in /requirements #1498

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps pipenv from 2023.7.23 to 2023.10.20.

Release notes

Sourced from pipenv's releases.

Release v2023.10.20

What's Changed

New Contributors

Full Changelog: https://github.com/pypa/pipenv/compare/v2023.10.3...v2023.10.20

Release v2023.10.3

What's Changed

New Contributors

Full Changelog: https://github.com/pypa/pipenv/compare/v2023.9.8...v2023.10.3

Release v2023.9.8

What's Changed

Full Changelog: https://github.com/pypa/pipenv/compare/v2023.9.7...v2023.9.8

... (truncated)

Changelog

Sourced from pipenv's changelog.

2023.10.20 (2023-10-20)

Features & Improvements

  • Add quiet option to pipenv shell, hiding "Launching subshell in virtual environment..." [#5966](https://github.com/pypa/pipenv/issues/5966) <https://github.com/pypa/pipenv/issues/5966>_
  • Vendor in pip==23.3 which includes updates to certifi, urllib3, and adds truststore among other improvements. [#5979](https://github.com/pypa/pipenv/issues/5979) <https://github.com/pypa/pipenv/issues/5979>_

Behavior Changes

  • Change --py to use print preventing insertion of newline characters [#5969](https://github.com/pypa/pipenv/issues/5969) <https://github.com/pypa/pipenv/issues/5969>_

Vendored Libraries

  • Drop pep517 - as it is no longer used. [#5970](https://github.com/pypa/pipenv/issues/5970) <https://github.com/pypa/pipenv/issues/5970>_

Removals and Deprecations

  • Drop support for Python 3.7 [#5879](https://github.com/pypa/pipenv/issues/5879) <https://github.com/pypa/pipenv/issues/5879>_

2023.10.3 (2023-10-03)

Bug Fixes

  • Eveb better handling of vcs branch references that contain special characters. [#5934](https://github.com/pypa/pipenv/issues/5934) <https://github.com/pypa/pipenv/issues/5934>_
  • Bump certifi from 2023.5.7 to 2023.7.22 in /examples to address a security vulnerability [#5941](https://github.com/pypa/pipenv/issues/5941) <https://github.com/pypa/pipenv/issues/5941>_

2023.9.8 (2023-09-08)

Bug Fixes

  • ignore_compatibility was supposed to default to False (except for hash collection) [#5926](https://github.com/pypa/pipenv/issues/5926) <https://github.com/pypa/pipenv/issues/5926>_

2023.9.7 (2023-09-07)

Features & Improvements

... (truncated)

Commits
  • fd4147b Release v2023.10.20
  • 4e628db Remove double headers
  • 8fd6dfc Merge pull request #5965 from daveschaefer/sort-category-alphabetical
  • 1ed9cfc Merge pull request #5982 from pypa/dependabot/pip/docs/urllib3-1.26.18
  • 8e73a7f Merge pull request #5971 from notEvil/i5969
  • 2abff55 Merge pull request #5981 from pypa/dependabot/pip/examples/urllib3-2.0.7
  • 04f0106 Merge pull request #5879 from deronnax/mdupuy/drop-python-3.7
  • 4b8ec50 Added news fragment
  • 0f5ad49 add news fragments
  • 4e3a77d Revert "even more cleaning"
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
edmorley commented 1 year ago

Superseded by #1500.

dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.