Always refuse installing or building projects that have no pyproject.toml nor
setup.py. ([#10531](https://github.com/pypa/pip/issues/10531) <https://github.com/pypa/pip/issues/10531>_)
Tweak running-as-root detection, to check os.getuid if it exists, on Unix-y and non-Linux/non-MacOS machines. ([#10565](https://github.com/pypa/pip/issues/10565) <https://github.com/pypa/pip/issues/10565>_)
When installing projects with a pyproject.toml in editable mode, and the build
backend does not support :pep:660, prepare metadata using
prepare_metadata_for_build_wheel instead of setup.py egg_info. Also, refuse
installing projects that only have a setup.cfg and no setup.py nor
pyproject.toml. These restore the pre-21.3 behaviour. ([#10573](https://github.com/pypa/pip/issues/10573) <https://github.com/pypa/pip/issues/10573>_)
Restore compatibility of where configuration files are loaded from on MacOS (back to Library/Application Support/pip, instead of Preferences/pip). ([#10585](https://github.com/pypa/pip/issues/10585) <https://github.com/pypa/pip/issues/10585>_)
Vendored Libraries
Upgrade pep517 to 0.12.0
21.3 (2021-10-11)
Deprecations and Removals
Improve deprecation warning regarding the copying of source trees when installing from a local directory. ([#10128](https://github.com/pypa/pip/issues/10128) <https://github.com/pypa/pip/issues/10128>_)
Suppress location mismatch warnings when pip is invoked from a Python source
tree, so ensurepip does not emit warnings on CPython make install. ([#10270](https://github.com/pypa/pip/issues/10270) <https://github.com/pypa/pip/issues/10270>_)
On Python 3.10 or later, the installation scheme backend has been changed to use
sysconfig. This is to anticipate the deprecation of distutils in Python
3.10, and its scheduled removal in 3.12. For compatibility considerations, pip
installations running on Python 3.9 or lower will continue to use distutils. ([#10358](https://github.com/pypa/pip/issues/10358) <https://github.com/pypa/pip/issues/10358>_)
Remove the --build-dir option and aliases, one last time. ([#10485](https://github.com/pypa/pip/issues/10485) <https://github.com/pypa/pip/issues/10485>_)
In-tree builds are now the default. --use-feature=in-tree-build is now
ignored. --use-deprecated=out-of-tree-build may be used temporarily to ease
the transition. ([#10495](https://github.com/pypa/pip/issues/10495) <https://github.com/pypa/pip/issues/10495>_)
Un-deprecate source distribution re-installation behaviour. ([#8711](https://github.com/pypa/pip/issues/8711) <https://github.com/pypa/pip/issues/8711>_)
Features
Replace vendored appdirs with platformdirs. ([#10202](https://github.com/pypa/pip/issues/10202) <https://github.com/pypa/pip/issues/10202>_)
Support PEP 610 <https://www.python.org/dev/peps/pep-0610/>_ to detect
editable installs in pip freeze and pip list. The pip list column output
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps pip from 21.2.4 to 21.3.1.
Changelog
Sourced from pip's changelog.
... (truncated)
Commits
f9914f3
Bump for releasef9f2db2
Update AUTHORS.txtf2d776b
Merge pull request #10607 from pradyunsg/fix-docs-builds4a4b613
Merge PR #10577 from sbidoul/fix-pep660-metadata-preparation-fallbackf4d67ba
Merge pull request #10592 from pradyunsg/update-ewdurbin-name37aef10
Merge pull request #10536 from pradyunsg/docs/fix-wordin457564c
Merge pull request #10585 from pradyunsg/fix-config-paths8c1f333
Merge pull request #10580 from pradyunsg/better-towncrier-templatecc559ed
Merge pull request #10583 from pradyunsg/fix-vendoring0c2574b
Merge pull request #10566 from n1000/dont_warn_on_bsdDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)