Skip to content

Commit

Permalink
ci: bump pip from 24.0 to 24.1 in /.github/workflows (#21)
Browse files Browse the repository at this point in the history 
Bumps [pip](https:/pypa/pip) from 24.0 to 24.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https:/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.1 (2024-06-20)</h1>
<h2>Vendored Libraries</h2>
<ul>
<li>Upgrade truststore to 0.9.1.</li>
</ul>
<h1>24.1b2 (2024-06-12)</h1>
<h2>Features</h2>
<ul>
<li>Report informative messages about invalid requirements.
(<code>[#12713](pypa/pip#12713)
&lt;https:/pypa/pip/issues/12713&gt;</code>_)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Eagerly import the self version check logic to avoid crashes while
upgrading or downgrading pip at the same time.
(<code>[#12675](pypa/pip#12675)
&lt;https:/pypa/pip/issues/12675&gt;</code>_)</li>
<li>Accommodate for mismatches between different sources of truth for
extra names, for packages generated by <code>setuptools</code>.
(<code>[#12688](pypa/pip#12688)
&lt;https:/pypa/pip/issues/12688&gt;</code>_)</li>
<li>Accommodate for development versions of CPython ending in
<code>+</code> in the version string.
(<code>[#12691](pypa/pip#12691)
&lt;https:/pypa/pip/issues/12691&gt;</code>_)</li>
</ul>
<h2>Vendored Libraries</h2>
<ul>
<li>
<p>Upgrade packaging to 24.1</p>
</li>
<li>
<p>Upgrade requests to 2.32.0</p>
</li>
<li>
<p>Remove vendored colorama</p>
</li>
<li>
<p>Remove vendored six</p>
</li>
<li>
<p>Remove vendored webencodings</p>
</li>
<li>
<p>Remove vendored charset_normalizer</p>
<p><code>requests</code> provides optional character detection support
on some APIs when processing ambiguous bytes. This isn't relevant for
pip to function and we're able to remove it due to recent upstream
changes.</p>
</li>
</ul>
<h1>24.1b1 (2024-05-06)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>
<p>Drop support for EOL Python 3.7.
(<code>[#11934](pypa/pip#11934)
&lt;https:/pypa/pip/issues/11934&gt;</code>_)</p>
</li>
<li>
<p>Remove support for legacy versions and dependency specifiers.</p>
<p>Packages with non standard-compliant versions or dependency
specifiers are now ignored by the resolver.
Already installed packages with non standard-compliant versions or
dependency specifiers
must be uninstalled before upgrading them.
(<code>[#12063](pypa/pip#12063)
&lt;https:/pypa/pip/issues/12063&gt;</code>_)</p>
</li>
</ul>
<p>Features</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https:/pypa/pip/commit/bc877e602b5a41c19c0cfb38ee19218fa98eab1a"><code>bc877e6</code></a>
Bump for release</li>
<li><a
href="https:/pypa/pip/commit/075a3dddf1566feb77f51027df4e94110d8ec9ff"><code>075a3dd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12774">#12774</a> from
uranusjr/disable-313-uri-test</li>
<li><a
href="https:/pypa/pip/commit/205af8ed88b171fd8fc8a9ba2c75b827a7affe40"><code>205af8e</code></a>
Upgrade truststore to 0.9.1 (<a
href="https://redirect.github.com/pypa/pip/issues/12707">#12707</a>)</li>
<li><a
href="https:/pypa/pip/commit/87f874fca97b507d89538f35f4653032a553e063"><code>87f874f</code></a>
Skip until 3.13.0b3 instead</li>
<li><a
href="https:/pypa/pip/commit/596be042ea934b65d99b95e984e6cd574fa6b7dd"><code>596be04</code></a>
Mark failing tests on Windows + Py3.13 as xfail</li>
<li><a
href="https:/pypa/pip/commit/d94806f9592f03cc092079f4517039ea6c1b2e0e"><code>d94806f</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12764">#12764</a> from
pradyunsg/pause-prepare-release-for-news-edits</li>
<li><a
href="https:/pypa/pip/commit/71b168879e75796b61f524bfcedc99b1de72f58b"><code>71b1688</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12763">#12763</a> from
pradyunsg/release/24.1.beta2</li>
<li><a
href="https:/pypa/pip/commit/b2fdf3b18518decbff855f3de23e3eb14a8e0a12"><code>b2fdf3b</code></a>
Pause in <code>prepare-release</code> for updating the NEWS file</li>
<li><a
href="https:/pypa/pip/commit/17c938adec74cdacf4339b7475625e195f36ca62"><code>17c938a</code></a>
Bump for development</li>
<li><a
href="https:/pypa/pip/commit/ece225529b648918743d5c3f59da91822e32ea3a"><code>ece2255</code></a>
Bump for release</li>
<li>Additional commits viewable in <a
href="https:/pypa/pip/compare/24.0...24.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.0&new-version=24.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Jun 21, 2024
1 parent 3e894cb commit afcdcf7
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/constraints.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
pip==24.0
pip==24.1
poetry==1.8.3
poetry-dynamic-versioning==1.4.0

0 comments on commit afcdcf7

Please sign in to comment.