Drop support for EOL Python 3.4. ([#6685](https://github.com/pypa/pip/issues/6685) <https://github.com/pypa/pip/issues/6685>_)
Improve deprecation messages to include the version in which the functionality will be removed. ([#6549](https://github.com/pypa/pip/issues/6549) <https://github.com/pypa/pip/issues/6549>_)
Features
Credentials will now be loaded using keyring when installed. ([#5948](https://github.com/pypa/pip/issues/5948) <https://github.com/pypa/pip/issues/5948>_)
Fully support using --trusted-host inside requirements files. ([#3799](https://github.com/pypa/pip/issues/3799) <https://github.com/pypa/pip/issues/3799>_)
Update timestamps in pip's --log file to include milliseconds. ([#6587](https://github.com/pypa/pip/issues/6587) <https://github.com/pypa/pip/issues/6587>_)
Respect whether a file has been marked as "yanked" from a simple repository
(see PEP 592 <https://www.python.org/dev/peps/pep-0592/>__ for details). ([#6633](https://github.com/pypa/pip/issues/6633) <https://github.com/pypa/pip/issues/6633>_)
When choosing candidates to install, prefer candidates with a hash matching
one of the user-provided hashes. ([#5874](https://github.com/pypa/pip/issues/5874) <https://github.com/pypa/pip/issues/5874>_)
Improve the error message when METADATA or PKG-INFO is None when
accessing metadata. ([#5082](https://github.com/pypa/pip/issues/5082) <https://github.com/pypa/pip/issues/5082>_)
Add a new command pip debug that can display e.g. the list of compatible
tags for the current Python. ([#6638](https://github.com/pypa/pip/issues/6638) <https://github.com/pypa/pip/issues/6638>_)
Display hint on installing with --pre when search results include pre-release versions. ([#5169](https://github.com/pypa/pip/issues/5169) <https://github.com/pypa/pip/issues/5169>_)
Report to Warehouse that pip is running under CI if the PIP_IS_CI environment variable is set. ([#5499](https://github.com/pypa/pip/issues/5499) <https://github.com/pypa/pip/issues/5499>_)
Allow --python-version to be passed as a dotted version string (e.g.
3.7 or 3.7.3). ([#6585](https://github.com/pypa/pip/issues/6585) <https://github.com/pypa/pip/issues/6585>_)
Log the final filename and SHA256 of a .whl file when done building a
wheel. ([#5908](https://github.com/pypa/pip/issues/5908) <https://github.com/pypa/pip/issues/5908>_)
Include the wheel's tags in the log message explanation when a candidate
wheel link is found incompatible. ([#6121](https://github.com/pypa/pip/issues/6121) <https://github.com/pypa/pip/issues/6121>_)
Add a --path argument to pip freeze to support --target
installations. ([#6404](https://github.com/pypa/pip/issues/6404) <https://github.com/pypa/pip/issues/6404>_)
Add a --path argument to pip list to support --target
installations. ([#6551](https://github.com/pypa/pip/issues/6551) <https://github.com/pypa/pip/issues/6551>_)
Bug Fixes
Set sys.argv[0] to the underlying setup.py when invoking setup.py
via the setuptools shim so setuptools doesn't think the path is -c. ([#1890](https://github.com/pypa/pip/issues/1890) <https://github.com/pypa/pip/issues/1890>_)
Update pip download to respect the given --python-version when checking
"Requires-Python". ([#5369](https://github.com/pypa/pip/issues/5369) <https://github.com/pypa/pip/issues/5369>_)
Respect --global-option and --install-option when installing from
a version control url (e.g. git). ([#5518](https://github.com/pypa/pip/issues/5518) <https://github.com/pypa/pip/issues/5518>_)
Make the "ascii" progress bar really be "ascii" and not Unicode. ([#5671](https://github.com/pypa/pip/issues/5671) <https://github.com/pypa/pip/issues/5671>_)
Fail elegantly when trying to set an incorrectly formatted key in config. ([#5963](https://github.com/pypa/pip/issues/5963) <https://github.com/pypa/pip/issues/5963>_)
Prevent DistutilsOptionError when prefix is indicated in the global environment and --target is used. ([#6008](https://github.com/pypa/pip/issues/6008) <https://github.com/pypa/pip/issues/6008>_)
Fix pip install to respect --ignore-requires-python when evaluating
links. ([#6371](https://github.com/pypa/pip/issues/6371) <https://github.com/pypa/pip/issues/6371>_)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vvoelz/biceps/network/alerts).
Bumps pip from 19.0.3 to 19.2.
Changelog
Sourced from pip's changelog.
... (truncated)
Commits
0e64295
Generate NEWS0df416d
Bump version for release5f0aa2a
Generate AUTHORS.txt8582f7e
Reduce dependency on ctypes when discovering glibc version. (#6678)e308497
Merge pull request #6743 from chrahunt/maint/remove-path-copytree9281a7a
Remove copytree from tests.lib.path.Path.0d28601
Remove copy from tests.lib.path.Path. (#6746)c275e9d
Drop a useless import in favor of explicitness3732e79
Remove normpath from tests.lib.path.Path.358e690
Remove move from tests.lib.path.Path.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vvoelz/biceps/network/alerts).