#379: In PathDistribution._name_from_stem, avoid including
parts of the extension in the result.
#381: In PathDistribution._normalized_name, ensure names
loaded from the stem of the filename are also normalized, ensuring
duplicate entry points by packages varying only by non-normalized
name are hidden.
v4.11.3
#372: Removed cast of path items in FastPath, not needed.
v4.11.2
#369: Fixed bug where EntryPoint.extras was returning
match objects and not the extras strings.
v4.11.1
#367: In Distribution.requires for egg-info, if requires.txt
is empty, return an empty list.
v4.11.0
bpo-46246: Added __slots__ to EntryPoints.
v4.10.2
#365 and bpo-46546: Avoid leaking method_name in
DeprecatedList.
v4.10.1
v2.1.3
#361: Avoid potential REDoS in EntryPoint.pattern.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps importlib-metadata from 1.7.0 to 4.11.4.
Changelog
Sourced from importlib-metadata's changelog.
... (truncated)
Commits
afdb973
Merge pull request #382 from python/feature/unique-distributions-functionda98092
Add test for _unique.a3ad5f7
Extract '_unique' for identifying unique distributions.2df8b5a
Consolidate logic for generating minimal metadata.9c80e09
Use build_files for rendering fixtures in test_main.1d840cb
Reference the main PR where the change occurred.2ee86fc
Merge pull request #381 from python/bugfix/entry-points-unique-normalized21bacb9
Update changelog.45b8841
fixPathDistribution._normalized_name
implementation6eb6f71
Add test expanding expectation on unique packages to include normalization. R...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)