-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit ad5d139
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
Bump pip from 25.0.1 to 25.1 (#10804)
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
<https://github.com/pypa/pip/issues/12989></code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
<https://github.com/pypa/pip/issues/13010></code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
<https://github.com/pypa/pip/issues/13303></code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
<https://github.com/pypa/pip/issues/13318></code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
<https://github.com/pypa/pip/issues/13319></code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking "pip config debug" in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
<https://github.com/pypa/pip/issues/12649></code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
<https://github.com/pypa/pip/issues/12710></code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
<https://github.com/pypa/pip/issues/12712></code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
<https://github.com/pypa/pip/issues/12873></code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
<https://github.com/pypa/pip/issues/12963></code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
<https://github.com/pypa/pip/issues/12991></code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> "Well-known Project URLs in
Metadata" normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
<https://github.com/pypa/pip/issues/13135></code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
<https://github.com/pypa/pip/issues/13188></code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
<https://github.com/pypa/pip/issues/13194></code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
<https://github.com/pypa/pip/issues/13213></code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
<https://github.com/pypa/pip/issues/13253></code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
<https://github.com/pypa/pip/issues/13273></code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
<https://github.com/pypa/pip/issues/13282></code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
<https://github.com/pypa/pip/issues/13290></code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
<https://github.com/pypa/pip/issues/13299></code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
<https://github.com/pypa/pip/issues/5210></code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent f35bc39 commit ad5d139Copy full SHA for ad5d139
2 files changed
+2
-2
lines changedrequirements/constraints.txt
Copy file name to clipboardExpand all lines: requirements/constraints.txt+1-1
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
297 | 297 | | |
298 | 298 | | |
299 | 299 | | |
300 | | - | |
| 300 | + | |
301 | 301 | | |
302 | 302 | | |
303 | 303 | | |
| |||
+1-1
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
288 | 288 | | |
289 | 289 | | |
290 | 290 | | |
291 | | - | |
| 291 | + | |
292 | 292 | | |
293 | 293 | | |
294 | 294 | | |
| |||
0 commit comments