Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 2CB9C84F6A for ; Sun, 15 Oct 2023 19:37:45 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id e725u9XbX2PZ for ; Sun, 15 Oct 2023 19:37:44 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 07FD084F0D for ; Sun, 15 Oct 2023 19:37:44 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id EDDB6FADC; Sun, 15 Oct 2023 19:37:43 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_169739866328370" MIME-Version: 1.0 Date: Sun, 15 Oct 2023 19:37:43 +0000 From: "Adam Ciarcinski" Subject: CVS commit: pkgsrc/devel/py-pip To: pkgsrc-changes@NetBSD.org Approved: commit_and_comment Reply-To: adam@netbsd.org X-Mailer: log_accum Message-Id: <20231015193743.EDDB6FADC@cvs.NetBSD.org> This is a multi-part message in MIME format. --_----------=_169739866328370 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: adam Date: Sun Oct 15 19:37:43 UTC 2023 Modified Files: pkgsrc/devel/py-pip: Makefile PLIST distinfo pkgsrc/devel/py-pip/patches: patch-src_pip___internal_req_req__install.py Log Message: py-pip: updated to 23.3 23.3 (2023-10-15) ================= Process ------- - Added reference to `vulnerability reporting guidelines `_ to pip's security policy. Deprecations and Removals ------------------------- - Drop a fallback to using SecureTransport on macOS. It was useful when pip detected OpenSSL older than 1.0.1, but the current pip does not support any Python version supporting such old OpenSSL versions. Features -------- - Improve extras resolution for multiple constraints on same base package. - Improve use of datastructures to make candidate selection 1.6x faster - Allow ``pip install --dry-run`` to use platform and ABI overriding options similar to ``--target``. - Add ``is_yanked`` boolean entry to the installation report (``--report``) to indicate whether the requirement was yanked from the index, but was still selected by pip conform to PEP 592. Bug Fixes --------- - Ignore errors in temporary directory cleanup (show a warning instead). - Normalize extras according to :pep:`685` from package metadata in the resolver for comparison. This ensures extras are correctly compared and merged as long as the package providing the extra(s) is built with values normalized according to the standard. Note, however, that this *does not* solve cases where the package itself contains unnormalized extra values in the metadata. - Prevent downloading sdists twice when PEP 658 metadata is present. - Include all requested extras in the install report (``--report``). - Removed uses of ``datetime.datetime.utcnow`` from non-vendored code. - Consistently report whether a dependency comes from an extra. - Fix completion script for zsh - Fix improper handling of the new onexc argument of ``shutil.rmtree()`` in Python 3.12. - Filter out yanked links from the available versions error message: "(from versions: 1.0, 2.0, 3.0)" will not contain yanked versions conform PEP 592. The yanked versions (if any) will be mentioned in a separate error message. - Fix crash when the git version number contains something else than digits and dots. - Use ``-r=...`` instead of ``-r ...`` to specify references with Mercurial. - Redact password from URLs in some additional places. - pip uses less memory when caching large packages. As a result, there is a new on-disk cache format stored in a new directory ($PIP_CACHE_DIR/http-v2). Vendored Libraries ------------------ - Upgrade certifi to 2023.7.22 - Add truststore 0.8.0 - Upgrade urllib3 to 1.26.17 Improved Documentation ---------------------- - Document that ``pip search`` support has been removed from PyPI - Clarify --prefer-binary in CLI and docs - Document that using OS-provided Python can cause pip's test suite to report false failures. To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.68 pkgsrc/devel/py-pip/Makefile cvs rdiff -u -r1.39 -r1.40 pkgsrc/devel/py-pip/PLIST cvs rdiff -u -r1.57 -r1.58 pkgsrc/devel/py-pip/distinfo cvs rdiff -u -r1.1 -r1.2 \ pkgsrc/devel/py-pip/patches/patch-src_pip___internal_req_req__install.py Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_169739866328370 Content-Disposition: inline Content-Length: 6487 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/devel/py-pip/Makefile diff -u pkgsrc/devel/py-pip/Makefile:1.67 pkgsrc/devel/py-pip/Makefile:1.68 --- pkgsrc/devel/py-pip/Makefile:1.67 Mon Jul 24 18:39:00 2023 +++ pkgsrc/devel/py-pip/Makefile Sun Oct 15 19:37:43 2023 @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.67 2023/07/24 18:39:00 adam Exp $ +# $NetBSD: Makefile,v 1.68 2023/10/15 19:37:43 adam Exp $ -DISTNAME= pip-23.2.1 +DISTNAME= pip-23.3 PKGNAME= ${PYPKGPREFIX}-${DISTNAME} CATEGORIES= devel python MASTER_SITES= ${MASTER_SITE_PYPI:=p/pip/} Index: pkgsrc/devel/py-pip/PLIST diff -u pkgsrc/devel/py-pip/PLIST:1.39 pkgsrc/devel/py-pip/PLIST:1.40 --- pkgsrc/devel/py-pip/PLIST:1.39 Tue Jul 18 06:18:10 2023 +++ pkgsrc/devel/py-pip/PLIST Sun Oct 15 19:37:43 2023 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.39 2023/07/18 06:18:10 adam Exp $ +@comment $NetBSD: PLIST,v 1.40 2023/10/15 19:37:43 adam Exp $ bin/pip${PYVERSSUFFIX} ${PYSITELIB}/${EGG_INFODIR}/PKG-INFO ${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt @@ -402,9 +402,6 @@ ${PYSITELIB}/pip/_internal/utils/glibc.p ${PYSITELIB}/pip/_internal/utils/hashes.py ${PYSITELIB}/pip/_internal/utils/hashes.pyc ${PYSITELIB}/pip/_internal/utils/hashes.pyo -${PYSITELIB}/pip/_internal/utils/inject_securetransport.py -${PYSITELIB}/pip/_internal/utils/inject_securetransport.pyc -${PYSITELIB}/pip/_internal/utils/inject_securetransport.pyo ${PYSITELIB}/pip/_internal/utils/logging.py ${PYSITELIB}/pip/_internal/utils/logging.pyc ${PYSITELIB}/pip/_internal/utils/logging.pyo @@ -483,9 +480,6 @@ ${PYSITELIB}/pip/_vendor/cachecontrol/ca ${PYSITELIB}/pip/_vendor/cachecontrol/caches/redis_cache.py ${PYSITELIB}/pip/_vendor/cachecontrol/caches/redis_cache.pyc ${PYSITELIB}/pip/_vendor/cachecontrol/caches/redis_cache.pyo -${PYSITELIB}/pip/_vendor/cachecontrol/compat.py -${PYSITELIB}/pip/_vendor/cachecontrol/compat.pyc -${PYSITELIB}/pip/_vendor/cachecontrol/compat.pyo ${PYSITELIB}/pip/_vendor/cachecontrol/controller.py ${PYSITELIB}/pip/_vendor/cachecontrol/controller.pyc ${PYSITELIB}/pip/_vendor/cachecontrol/controller.pyo @@ -1351,6 +1345,24 @@ ${PYSITELIB}/pip/_vendor/tomli/_re.pyo ${PYSITELIB}/pip/_vendor/tomli/_types.py ${PYSITELIB}/pip/_vendor/tomli/_types.pyc ${PYSITELIB}/pip/_vendor/tomli/_types.pyo +${PYSITELIB}/pip/_vendor/truststore/__init__.py +${PYSITELIB}/pip/_vendor/truststore/__init__.pyc +${PYSITELIB}/pip/_vendor/truststore/__init__.pyo +${PYSITELIB}/pip/_vendor/truststore/_api.py +${PYSITELIB}/pip/_vendor/truststore/_api.pyc +${PYSITELIB}/pip/_vendor/truststore/_api.pyo +${PYSITELIB}/pip/_vendor/truststore/_macos.py +${PYSITELIB}/pip/_vendor/truststore/_macos.pyc +${PYSITELIB}/pip/_vendor/truststore/_macos.pyo +${PYSITELIB}/pip/_vendor/truststore/_openssl.py +${PYSITELIB}/pip/_vendor/truststore/_openssl.pyc +${PYSITELIB}/pip/_vendor/truststore/_openssl.pyo +${PYSITELIB}/pip/_vendor/truststore/_ssl_constants.py +${PYSITELIB}/pip/_vendor/truststore/_ssl_constants.pyc +${PYSITELIB}/pip/_vendor/truststore/_ssl_constants.pyo +${PYSITELIB}/pip/_vendor/truststore/_windows.py +${PYSITELIB}/pip/_vendor/truststore/_windows.pyc +${PYSITELIB}/pip/_vendor/truststore/_windows.pyo ${PYSITELIB}/pip/_vendor/typing_extensions.py ${PYSITELIB}/pip/_vendor/typing_extensions.pyc ${PYSITELIB}/pip/_vendor/typing_extensions.pyo Index: pkgsrc/devel/py-pip/distinfo diff -u pkgsrc/devel/py-pip/distinfo:1.57 pkgsrc/devel/py-pip/distinfo:1.58 --- pkgsrc/devel/py-pip/distinfo:1.57 Mon Jul 24 18:39:00 2023 +++ pkgsrc/devel/py-pip/distinfo Sun Oct 15 19:37:43 2023 @@ -1,10 +1,10 @@ -$NetBSD: distinfo,v 1.57 2023/07/24 18:39:00 adam Exp $ +$NetBSD: distinfo,v 1.58 2023/10/15 19:37:43 adam Exp $ -BLAKE2s (pip-23.2.1.tar.gz) = f94f6745b27bf08483855388f4963c1a653cfb30f6d45ec3ab78ad9ad354d598 -SHA512 (pip-23.2.1.tar.gz) = 6545d597d11d599d96828471cc4353c19a3a7fb44ca39e331b34b947ff440b8cb7450c119cc78202059a5bb5a2295df558281978596094c17af22da5889b4f3a -Size (pip-23.2.1.tar.gz) = 2109449 bytes +BLAKE2s (pip-23.3.tar.gz) = 0aa42e79de105fe1d10f90cb8ab5eb6e8f21129537b8e787c88a16b80d6ae432 +SHA512 (pip-23.3.tar.gz) = 8ddadca835f2776b8b1742bcf30d1c0a20d5a0b3506eecf9c7701415bce61e1de96411a11e5e04e6b5ff2a8cbcb827932a3df0bdf6b232ab524e14262ac392e6 +Size (pip-23.3.tar.gz) = 2131482 bytes SHA1 (patch-src_pip___internal_build__env.py) = 19c6feb4b56cbdb70f9150c452dac73ca3949911 SHA1 (patch-src_pip___internal_commands_install.py) = 2f78c5af7c677d052a2275488dcda2f7b86c6e51 SHA1 (patch-src_pip___internal_operations_install_wheel.py) = 0f590d2a11a2373f50abbc9377044f728625b13d SHA1 (patch-src_pip___internal_req_____init____.py) = ea65543752173516df5f73bbd530328bd274a683 -SHA1 (patch-src_pip___internal_req_req__install.py) = 2bce1b51a71688c368167910e16dd4fe33013922 +SHA1 (patch-src_pip___internal_req_req__install.py) = 507788b55afc7cbbd3d0568491f540b48b7bd952 Index: pkgsrc/devel/py-pip/patches/patch-src_pip___internal_req_req__install.py diff -u pkgsrc/devel/py-pip/patches/patch-src_pip___internal_req_req__install.py:1.1 pkgsrc/devel/py-pip/patches/patch-src_pip___internal_req_req__install.py:1.2 --- pkgsrc/devel/py-pip/patches/patch-src_pip___internal_req_req__install.py:1.1 Wed Jun 14 11:30:54 2023 +++ pkgsrc/devel/py-pip/patches/patch-src_pip___internal_req_req__install.py Sun Oct 15 19:37:43 2023 @@ -1,12 +1,12 @@ -$NetBSD: patch-src_pip___internal_req_req__install.py,v 1.1 2023/06/14 11:30:54 riastradh Exp $ +$NetBSD: patch-src_pip___internal_req_req__install.py,v 1.2 2023/10/15 19:37:43 adam Exp $ Allow pip install --executable=/path to set path in script #! lines. https://github.com/pypa/pip/issues/12087 https://github.com/pypa/pip/pull/12088 ---- src/pip/_internal/req/req_install.py.orig 2023-04-26 09:23:01.000000000 +0000 +--- src/pip/_internal/req/req_install.py.orig 2023-10-15 16:17:57.000000000 +0000 +++ src/pip/_internal/req/req_install.py -@@ -766,6 +766,7 @@ class InstallRequirement: +@@ -812,6 +812,7 @@ class InstallRequirement: root: Optional[str] = None, home: Optional[str] = None, prefix: Optional[str] = None, @@ -14,8 +14,8 @@ https://github.com/pypa/pip/pull/12088 warn_script_location: bool = True, use_user_site: bool = False, pycompile: bool = True, -@@ -801,6 +802,7 @@ class InstallRequirement: - self.name, +@@ -848,6 +849,7 @@ class InstallRequirement: + self.req.name, self.local_file_path, scheme=scheme, + executable=executable, --_----------=_169739866328370--