Update pipenv requirement from ~=2023.12.1 to ~=2024.0.0

[dependabot[bot]]

Updates the requirements on pipenv to permit the latest version.

Release notes

Sourced from pipenv's releases.

Release v2024.0.0

What's Changed

• Update CONTRIBUTING.md by @​PzaThief in pypa/pipenv#6084
• Check for name attribute in source parameter. by @​jralls in pypa/pipenv#6114
• Smarter uninstall by @​matteius in pypa/pipenv#6029
• Use fancy mode for pwsh on *nix (draft) by @​samcarswell in pypa/pipenv#6108
• Vendor in Pip 24.0 by @​matteius in pypa/pipenv#6117
• Update index.md by @​mierzejk in pypa/pipenv#6129
• Spring 2024 vendoring by @​matteius in pypa/pipenv#6118
• Add nested vcs dependency subdirectory when locking to Pipfile.lock (Fix #6120) by @​AlexandreArpin in pypa/pipenv#6136
• pipenv upgrade invoke -d by @​matteius in pypa/pipenv#6138
• Bump plette take 2 by @​oz123 in pypa/pipenv#6134
• Convert off pkg resources by @​matteius in pypa/pipenv#6139
• Fix the issue(#6126): add lockfile_path presence in pipenv check command by @​nitintecg in pypa/pipenv#6135
• debugging weird CI failures by @​matteius in pypa/pipenv#6143
• apply ruff fixes by @​matteius in pypa/pipenv#6145
• docs update for scripts section and other small changes by @​sss-ng in pypa/pipenv#6152
• Add --from-pipfile subcommand to pipenv requirements by @​sanspareilsmyn in pypa/pipenv#6156
• Bump jinja2 from 3.1.3 to 3.1.4 by @​dependabot in pypa/pipenv#6150
• Bump requests from 2.31.0 to 2.32.0 by @​dependabot in pypa/pipenv#6157
• Fix windows CI for 3.8 and the outdated command that was refactored to remove pkg_resources. by @​matteius in pypa/pipenv#6146
• pipenv 2024 install (behavioral refactor) by @​matteius in pypa/pipenv#6098
• Supply the extra pip args in the resolver. by @​matteius in pypa/pipenv#6006
• Handle unsupported python versioning on Pipfile by @​sanspareilsmyn in pypa/pipenv#6164
• Remove secho from pipenv.utils.shell by @​aidencullo in pypa/pipenv#6170

New Contributors

• @​PzaThief made their first contribution in pypa/pipenv#6084
• @​jralls made their first contribution in pypa/pipenv#6114
• @​samcarswell made their first contribution in pypa/pipenv#6108
• @​mierzejk made their first contribution in pypa/pipenv#6129
• @​AlexandreArpin made their first contribution in pypa/pipenv#6136
• @​nitintecg made their first contribution in pypa/pipenv#6135
• @​sss-ng made their first contribution in pypa/pipenv#6152
• @​sanspareilsmyn made their first contribution in pypa/pipenv#6156
• @​aidencullo made their first contribution in pypa/pipenv#6170

Full Changelog: https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0

Changelog

Sourced from pipenv's changelog.

2024.0.0 (2024-06-06)

Pipenv 2024.0.0 (2024-06-06)

Features & Improvements

• Supply any --extra-pip-args also in the resolver steps. [#6006](https://github.com/pypa/pipenv/issues/6006) <https://github.com/pypa/pipenv/issues/6006>_
• The uninstall command now does the inverse of upgrade which means it no longer invokes a full lock cycle which was problematic for projects with many dependencies. [#6029](https://github.com/pypa/pipenv/issues/6029) <https://github.com/pypa/pipenv/issues/6029>_
• The pipenv requirements subcommand now supports the --from-pipfile flag. When this flag is used, the requirements file will only include the packages explicitly listed in the Pipfile, excluding any sub-packages. [#6156](https://github.com/pypa/pipenv/issues/6156) <https://github.com/pypa/pipenv/issues/6156>_

Behavior Changes

• pipenv==3000.0.0 denotes the first major release of our semver strategy. As much requested, the install no longer does a complete lock operation. Instead install follows the same code path as pipenv update (which is upgrade + sync). This is what most new users expect the behavior to be; it is a behavioral change, a necessary one to make the tool more usable. Remember that complete lock resolution can be invoked with pipenv lock just as before. [#6098](https://github.com/pypa/pipenv/issues/6098) <https://github.com/pypa/pipenv/issues/6098>_

Bug Fixes

• Fix a bug that passes pipenv check command if Pipfile.lock not exist [#6126](https://github.com/pypa/pipenv/issues/6126) <https://github.com/pypa/pipenv/issues/6126>_
• Fix a bug that vcs subdependencies were locked without their subdirectory fragment if they had one [#6136](https://github.com/pypa/pipenv/issues/6136) <https://github.com/pypa/pipenv/issues/6136>_
• pipenv converts off pkg_resources API usages. This necessitated also vendoring in:
  • latest pipdeptree==2.18.1 which also converted off pkg_resources
  • importlib-metadata==7.1.0 to continue supporting python 3.8 and 3.9
  • packaging==24.0 since the packaging we were utilizing in pip's vendor was insufficient for this conversion. [#6139](https://github.com/pypa/pipenv/issues/6139) <https://github.com/pypa/pipenv/issues/6139>
• Pipenv only supports absolute python version. If the user specifies a Python version with inequality signs like >=3.12, `_

Vendored Libraries

• Vendor in pip==24.0 [#6117](https://github.com/pypa/pipenv/issues/6117) <https://github.com/pypa/pipenv/issues/6117>_
• Spring 2024 Vendoring includes:
  • click-didyoumean==0.3.1
  • expect==4.9.0
  • pipdeptree==2.16.2
  • python-dotenv==1.0.1
  • ruamel.yaml==0.18.6
  • shellingham==1.5.4
  • tomlkit==0.12.4 [#6118](https://github.com/pypa/pipenv/issues/6118) <https://github.com/pypa/pipenv/issues/6118>_

2023.12.1 (2024-02-04)

Pipenv 2023.12.1 (2024-02-04)

... (truncated)

Commits

• 0618fab Prepare actually for 2024.0.0 release after peer feedback.
• fd76351 Release v2024.0.0
• 878d7c4 Bumped version to 2024.0.0.
• a84ecd3 Release v3000.0.0
• 0cee88e Bumped version to 3000.0.0.
• 2c04a63 Remove secho from pipenv.utils.shell
• 6abb08c Merge pull request #6164 from sanspareilsmyn/handle-unspecified-python-version
• 66eef03 Supply the extra pip args in the resolver. (#6006)
• 0979912 pipenv 3000 install (behavioral refactor) (#6098)
• a1fe8d7 Apply feedbacks
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #551.