[pip] Bump pipenv from 2023.12.1 to 2024.0.1

[dependabot]

Bumps pipenv from 2023.12.1 to 2024.0.1.

Release notes

Sourced from pipenv's releases.

Release v2024.0.1

What's Changed

• Update plette to version 2.1.0 by @​oz123 in pypa/pipenv#6174

Full Changelog: pypa/pipenv@v2024.0.0...v2024.0.1

Release v2024.0.0

What's Changed

• Update CONTRIBUTING.md by @​PzaThief in pypa/pipenv#6084
• Check for name attribute in source parameter. by @​jralls in pypa/pipenv#6114
• Smarter uninstall by @​matteius in pypa/pipenv#6029
• Use fancy mode for pwsh on *nix (draft) by @​samcarswell in pypa/pipenv#6108
• Vendor in Pip 24.0 by @​matteius in pypa/pipenv#6117
• Update index.md by @​mierzejk in pypa/pipenv#6129
• Spring 2024 vendoring by @​matteius in pypa/pipenv#6118
• Add nested vcs dependency subdirectory when locking to Pipfile.lock (Fix #6120) by @​AlexandreArpin in pypa/pipenv#6136
• pipenv upgrade invoke -d by @​matteius in pypa/pipenv#6138
• Bump plette take 2 by @​oz123 in pypa/pipenv#6134
• Convert off pkg resources by @​matteius in pypa/pipenv#6139
• Fix the issue(#6126): add lockfile_path presence in pipenv check command by @​nitintecg in pypa/pipenv#6135
• debugging weird CI failures by @​matteius in pypa/pipenv#6143
• apply ruff fixes by @​matteius in pypa/pipenv#6145
• docs update for scripts section and other small changes by @​sss-ng in pypa/pipenv#6152
• Add --from-pipfile subcommand to pipenv requirements by @​sanspareilsmyn in pypa/pipenv#6156
• Bump jinja2 from 3.1.3 to 3.1.4 by @​dependabot in pypa/pipenv#6150
• Bump requests from 2.31.0 to 2.32.0 by @​dependabot in pypa/pipenv#6157
• Fix windows CI for 3.8 and the outdated command that was refactored to remove pkg_resources. by @​matteius in pypa/pipenv#6146
• pipenv 2024 install (behavioral refactor) by @​matteius in pypa/pipenv#6098
• Supply the extra pip args in the resolver. by @​matteius in pypa/pipenv#6006
• Handle unsupported python versioning on Pipfile by @​sanspareilsmyn in pypa/pipenv#6164
• Remove secho from pipenv.utils.shell by @​aidencullo in pypa/pipenv#6170

New Contributors

• @​PzaThief made their first contribution in pypa/pipenv#6084
• @​jralls made their first contribution in pypa/pipenv#6114
• @​samcarswell made their first contribution in pypa/pipenv#6108
• @​mierzejk made their first contribution in pypa/pipenv#6129
• @​AlexandreArpin made their first contribution in pypa/pipenv#6136
• @​nitintecg made their first contribution in pypa/pipenv#6135
• @​sss-ng made their first contribution in pypa/pipenv#6152
• @​sanspareilsmyn made their first contribution in pypa/pipenv#6156
• @​aidencullo made their first contribution in pypa/pipenv#6170

Full Changelog: pypa/pipenv@v2023.12.1...v2024.0.0

Changelog

Sourced from pipenv's changelog.

2024.0.1 (2024-06-11)

Pipenv 2024.0.1 (2024-06-11)

No significant changes.

2024.0.0 (2024-06-06)

Pipenv 2024.0.0 (2024-06-06)

Features & Improvements

• Supply any --extra-pip-args also in the resolver steps. [#6006](https:/pypa/pipenv/issues/6006) <https:/pypa/pipenv/issues/6006>_
• The uninstall command now does the inverse of upgrade which means it no longer invokes a full lock cycle which was problematic for projects with many dependencies. [#6029](https:/pypa/pipenv/issues/6029) <https:/pypa/pipenv/issues/6029>_
• The pipenv requirements subcommand now supports the --from-pipfile flag. When this flag is used, the requirements file will only include the packages explicitly listed in the Pipfile, excluding any sub-packages. [#6156](https:/pypa/pipenv/issues/6156) <https:/pypa/pipenv/issues/6156>_

Behavior Changes

• pipenv==3000.0.0 denotes the first major release of our semver strategy. As much requested, the install no longer does a complete lock operation. Instead install follows the same code path as pipenv update (which is upgrade + sync). This is what most new users expect the behavior to be; it is a behavioral change, a necessary one to make the tool more usable. Remember that complete lock resolution can be invoked with pipenv lock just as before. [#6098](https:/pypa/pipenv/issues/6098) <https:/pypa/pipenv/issues/6098>_

Bug Fixes

• Fix a bug that passes pipenv check command if Pipfile.lock not exist [#6126](https:/pypa/pipenv/issues/6126) <https:/pypa/pipenv/issues/6126>_
• Fix a bug that vcs subdependencies were locked without their subdirectory fragment if they had one [#6136](https:/pypa/pipenv/issues/6136) <https:/pypa/pipenv/issues/6136>_
• pipenv converts off pkg_resources API usages. This necessitated also vendoring in:
  • latest pipdeptree==2.18.1 which also converted off pkg_resources
  • importlib-metadata==7.1.0 to continue supporting python 3.8 and 3.9
  • packaging==24.0 since the packaging we were utilizing in pip's vendor was insufficient for this conversion. [#6139](https:/pypa/pipenv/issues/6139) <https:/pypa/pipenv/issues/6139>
• Pipenv only supports absolute python version. If the user specifies a Python version with inequality signs like >=3.12, `_

Vendored Libraries

• Vendor in pip==24.0 [#6117](https:/pypa/pipenv/issues/6117) <https:/pypa/pipenv/issues/6117>_
• Spring 2024 Vendoring includes:
  • click-didyoumean==0.3.1
  • expect==4.9.0
  • pipdeptree==2.16.2
  • python-dotenv==1.0.1
  • ruamel.yaml==0.18.6

... (truncated)

Commits

• 7493d18 Release v2024.0.1
• cf9a336 Bumped version to 2024.0.1.
• 52f7b09 Update plette to version 2.1.0
• 0618fab Prepare actually for 2024.0.0 release after peer feedback.
• fd76351 Release v2024.0.0
• 878d7c4 Bumped version to 2024.0.0.
• a84ecd3 Release v3000.0.0
• 0cee88e Bumped version to 3000.0.0.
• 2c04a63 Remove secho from pipenv.utils.shell
• 6abb08c Merge pull request #6164 from sanspareilsmyn/handle-unspecified-python-version
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[changeset-bot]

⚠️ No Changeset found

Latest commit: fc183fd

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR