pipenv install and pipenv sync will no longer attempt to install satisfied dependencies during installation. #3057, #3506
Added support for resolution of direct-url dependencies in setup.py files to respect PEP-508 style URL dependencies. #3148
Added full support for resolution of all dependency types including direct URLs, zip archives, tarballs, etc.
Improved error handling and formatting.
Introduced improved cross platform stream wrappers for better stdout and stderr consistency. #3298
For consistency with other commands and the --dev option description, pipenv lock --requirements --dev now emits both default and development dependencies. The new --dev-only option requests the previous behaviour (e.g. to generate a dev-requirements.txt file). #3316
Pipenv will now successfully recursively lock VCS sub-dependencies. #3328
Added support for --verbose output to pipenv run. #3348
Pipenv will now discover and resolve the intrinsic dependencies of all VCS dependencies, whether they are editable or not, to prevent resolution conflicts. #3368
Added a new environment variable, PIPENV_RESOLVE_VCS, to toggle dependency resolution off for non-editable VCS, file, and URL based dependencies. #3577
Added the ability for Windows users to enable emojis by setting PIPENV_HIDE_EMOJIS=0. #3595
Allow overriding PIPENV_INSTALL_TIMEOUT environment variable (in seconds). #3652
Allow overriding PIP_EXISTS_ACTION evironment variable (value is passed to pip install). Possible values here: https://pip.pypa.io/en/stable/reference/pip/#exists-action-option Useful when you need to PIP\_EXISTS\_ACTION=i (ignore existing packages) - great for CI environments, where you need really fast setup. #3738
Pipenv will no longer forcibly override PIP_NO_DEPS on all vcs and file dependencies as resolution happens on these in a pre-lock step. #3763
Improved verbose logging output during pipenv lock will now stream output to the console while maintaining a spinner. #3810
Added support for automatic python installs via asdf and associated PIPENV_DONT_USE_ASDF environment variable. #4018
Pyenv/asdf can now be used whether or not they are available on PATH. Setting PYENV_ROOT/ASDF_DIR in a .env file allows Pipenv to install an interpreter without any shell customizations, so long as pyenv/asdf is installed. #4245
Added --key command line parameter for including personal PyUp.io API tokens when running pipenv check. #4257
Behavior Changes
Make conservative checks of known exceptions when subprocess returns output, so user won't see the whole traceback - just the error. #2553
Do not touch Pipfile early and rely on it so that one can do pipenv sync without a Pipfile. #3386
Re-enable --help option for pipenv run command. #3844
Make sure pipenv lock -r --pypi-mirror {MIRROR_URL} will respect the pypi-mirror in requirements output. #4199
Bug Fixes
Raise PipenvUsageError when [[source]] does not contain url field. #2373
Fixed a bug which caused editable package resolution to sometimes fail with an unhelpful setuptools-related error message. #2722
Fixed an issue which caused errors due to reliance on the system utilities which and where which may not always exist on some
systems.
Fixed a bug which caused periodic failures in python discovery when executables named python were not present on the target $PATH. #2783
Dependency resolution now writes hashes for local and remote files to the lockfile. #3053
Fixed a bug which prevented pipenv graph from correctly showing all dependencies when running from within pipenv shell. #3071
Fixed resolution of direct-url dependencies in setup.py files to respect PEP-508 style URL dependencies. #3148
Fixed a bug which caused failures in warning reporting when running pipenv inside a virtualenv under some circumstances.
Fixed a bug with package discovery when running pipenv clean. #3298
Quote command arguments with carets (^) on Windows to work around unintended shell escapes. #3307
pipenv install and pipenv sync will no longer attempt to install satisfied dependencies during installation. #3057, #3506
Added support for resolution of direct-url dependencies in setup.py files to respect PEP-508 style URL dependencies. #3148
Added full support for resolution of all dependency types including direct URLs, zip archives, tarballs, etc.
Improved error handling and formatting.
Introduced improved cross platform stream wrappers for better stdout and stderr consistency. #3298
For consistency with other commands and the --dev option description, pipenv lock --requirements --dev now emits both default and development dependencies. The new --dev-only option requests the previous behaviour (e.g. to generate a dev-requirements.txt file). #3316
Pipenv will now successfully recursively lock VCS sub-dependencies. #3328
Added support for --verbose output to pipenv run. #3348
Pipenv will now discover and resolve the intrinsic dependencies of all VCS dependencies, whether they are editable or not, to prevent resolution conflicts. #3368
Added a new environment variable, PIPENV_RESOLVE_VCS, to toggle dependency resolution off for non-editable VCS, file, and URL based dependencies. #3577
Added the ability for Windows users to enable emojis by setting PIPENV_HIDE_EMOJIS=0. #3595
Allow overriding PIPENV_INSTALL_TIMEOUT environment variable (in seconds). #3652
Allow overriding PIP_EXISTS_ACTION evironment variable (value is passed to pip install). Possible values here: https://pip.pypa.io/en/stable/reference/pip/#exists-action-option Useful when you need to PIP_EXISTS_ACTION=i (ignore existing packages) - great for CI environments, where you need really fast setup. #3738
Pipenv will no longer forcibly override PIP_NO_DEPS on all vcs and file dependencies as resolution happens on these in a pre-lock step. #3763
Improved verbose logging output during pipenv lock will now stream output to the console while maintaining a spinner. #3810
Added support for automatic python installs via asdf and associated PIPENV_DONT_USE_ASDF environment variable. #4018
Pyenv/asdf can now be used whether or not they are available on PATH. Setting PYENV_ROOT/ASDF_DIR in a Pipenv's .env allows Pipenv to install an interpreter without any shell customizations, so long as pyenv/asdf is installed. #4245
Added --key command line parameter for including personal PyUp.io API tokens when running pipenv check. #4257
Behavior Changes
Make conservative checks of known exceptions when subprocess returns output, so user won't see the whole traceback - just the error. #2553
Do not touch Pipfile early and rely on it so that one can do pipenv sync without a Pipfile. #3386
Re-enable --help option for pipenv run command. #3844
Make sure pipenv lock -r --pypi-mirror {MIRROR_URL} will respect the pypi-mirror in requirements output. #4199
Bug Fixes
Raise PipenvUsageError when [[source]] does not contain url field. #2373
Fixed a bug which caused editable package resolution to sometimes fail with an unhelpful setuptools-related error message. #2722
Fixed an issue which caused errors due to reliance on the system utilities which and where which may not always exist on some systems.
Fixed a bug which caused periodic failures in python discovery when executables named python were not present on the target $PATH. #2783
Dependency resolution now writes hashes for local and remote files to the lockfile. #3053
Fixed a bug which prevented pipenv graph from correctly showing all dependencies when running from within pipenv shell. #3071
Fixed resolution of direct-url dependencies in setup.py files to respect PEP-508 style URL dependencies. #3148
Fixed a bug which caused failures in warning reporting when running pipenv inside a virtualenv under some circumstances.
Fixed a bug with package discovery when running pipenv clean. #3298
Quote command arguments with carets (^) on Windows to work around unintended shell escapes. #3307
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Bumps pipenv from 2018.11.26 to 2020.5.28.
Release notes
Sourced from pipenv's releases.
Changelog
Sourced from pipenv's changelog.
Commits
472618c
Release v2020.5.28ed30845
Update gitignore and release task3bbdb74
Fix whitespace06f5d7f
Merge pull request #4267 from torsava/import-vendored-attrs4567514
Merge branch 'master' into import-vendored-attrsdf664f2
Add patch to update attrs import paths and add news entry.3acad96
Fix piptools patch typo41042cf
Make sure to import the vendored attrsdf0eabf
Bumped version.96df756
Release v2020.4.1b2Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)