Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-pip for openSUSE:Factory checked in at 2026-02-16 13:40:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-pip (Old) and /work/SRC/openSUSE:Factory/.python-pip.new.1977 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-pip" Mon Feb 16 13:40:49 2026 rev:72 rq:1331110 version:26.0.1 Changes: -------- --- /work/SRC/openSUSE:Factory/python-pip/python-pip.changes 2025-08-14 11:36:23.652259753 +0200 +++ /work/SRC/openSUSE:Factory/.python-pip.new.1977/python-pip.changes 2026-02-16 13:40:53.976569919 +0100 @@ -1,0 +2,119 @@ +Thu Feb 5 06:51:28 UTC 2026 - Daniel Garcia <[email protected]> + +- Update to 26.0.1: + * Fix --pre not being respected from the command line when a + requirement file includes an option e.g. -extra-index-url. + (#13788) + +------------------------------------------------------------------- +Tue Feb 3 09:10:32 UTC 2026 - Daniel Garcia <[email protected]> + +- Add %{?pythons_for_pypi} macro, to be used in Leap 16.x for short + term interpreter. +- Drop upstreamed patch flit-core.patch + +- Update to 26.0 (bsc#1257599, CVE-2026-1703): + # Deprecations and Removals + - Remove support for non-bare project names in egg fragments. + Affected users should use the Direct URL requirement syntax. + (#13157) + # Features + - Display pip’s command-line help in colour, if possible. (#12134) + - Support installing dependencies declared with inline script + metadata (PEP 723) with --requirements-from-script. (#12891) + - Add --all-releases and --only-final options to control pre-release + and final release selection during package installation. (#13221) + - Add --uploaded-prior-to option to only consider packages uploaded + prior to a given datetime when the upload-time field is available + from a remote index. (#13625) + - Add --use-feature inprocess-build-deps to request that build + dependencies are installed within the same pip install process. + This new mechanism is faster, supports --no-clean and + --no-cache-dir reliably, and supports prompting for + authentication. + - Enabling this feature will also enable --use-feature + build-constraints. This feature will become the default in a + future pip version. (#9081) + - pip cache purge and pip cache remove now clean up empty + directories and legacy files left by older pip versions. (#9058) + # Bug Fixes + - Fix selecting pre-release versions when only pre-releases match. + For example, package>1.0 with versions 1.0, 2.0rc1 now installs + 2.0rc1 instead of failing. (#13746) + - Revisions in version control URLs now must be percent-encoded. For + example, use git+https://example.com/repo.git@issue%231 to specify + the branch issue#1. If you previously used a branch name + containing a % character in a version control URL, you now need to + replace it with %25 to ensure correct percent-encoding. (#13407) + - Preserve original casing when a path is displayed. (#6823) + - Fix bash completion when the $IFS variable has been modified from + its default. (#13555) + - Precompute Python requirements on each candidate, reducing time of + long resolutions. (#13656) + - Skip redundant work converting version objects to strings when + using the importlib.metadata backend. (#13660) + - Fix pip index versions to honor only-binary/no-binary options. + (#13682) + - Fix fallthrough logic for options, allowing overriding global + options with defaults from user config. (#13703) + - Use a path-segment prefix comparison, not char-by-char. (#13777) + +- 25.3: + # Deprecations and Removals + - Remove support for the legacy setup.py develop editable method in + setuptools editable installs; setuptools >= 64 is now required. + (#11457) + - Remove the deprecated --global-option and --build-option. + --config-setting is now the only way to pass options to the build + backend. (#11859) + - Deprecate the PIP_CONSTRAINT environment variable for specifying + build constraints. + - Use the --build-constraint option or the PIP_BUILD_CONSTRAINT + environment variable instead. When build constraints are used, + PIP_CONSTRAINT no longer affects isolated build environments. To + enable this behavior without specifying any build constraints, use + --use-feature=build-constraint. (#13534) + - Remove support for non-standard legacy wheel filenames. (#13581) + - Remove support for the deprecated setup.py bdist_wheel mechanism. + Consequently, --use-pep517 is now always on, and --no-use-pep517 + has been removed. (#6334) + # Features + - When PEP 658 metadata is available, full distribution files are no + longer downloaded when using pip lock or pip install --dry-run. + (#12603) + - Add support for installing an editable requirement written as a + Direct URL (PackageName @ URL). (#13495) + - Add support for build constraints via the --build-constraint + option. This allows constraining the versions of packages used + during the build process (e.g., setuptools) without affecting the + final installation. (#13534) + - On ResolutionImpossible errors, include a note about causes with + no candidates. (#13588) + - Building pip itself from source now uses flit-core instead of + setuptools. This does not affect how pip installs or builds + packages you use. (#13473) + # Bug Fixes + - Handle malformed Version metadata entries and show a sensible + error message instead of crashing. (#13443) + - Permit spaces between a filepath and extras in an install + requirement. (#13523) + - Ensure the self-check files in the cache have the same permissions + as the rest of the cache. (#13528) + - Avoid concurrency issues and improve performance when caching + locally built wheels, especially when the temporary build + directory is on a different filesystem than the cache. The wheel + directory passed to the build backend is now a temporary + subdirectory inside the cache directory. (#13540) + - Include relevant user-supplied constraints in logs when reporting + dependency conflicts. (#13545) + - Fix a regression in configuration parsing that was turning a + single value into a list and thus leading to a validation error. + (#13548) + - For Python versions that do not support PEP 706, pip will now + raise an installation error for a source distribution when it + includes a symlink that points outside the source distribution + archive. (#13550) + - Prevent --user installs if site.ENABLE_USER_SITE is set to False. + (#8794) + +------------------------------------------------------------------- Old: ---- flit-core.patch pip-25.2-gh.tar.gz New: ---- pip-26.0.1-gh.tar.gz ----------(Old B)---------- Old: term interpreter. - Drop upstreamed patch flit-core.patch ----------(Old E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-pip.spec ++++++ --- /var/tmp/diff_new_pack.pWIM2S/_old 2026-02-16 13:40:55.940650872 +0100 +++ /var/tmp/diff_new_pack.pWIM2S/_new 2026-02-16 13:40:55.944651037 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-pip # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2026 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,9 +31,10 @@ %endif # in order to avoid rewriting for subpackage generator %define mypython python +%{?pythons_for_pypi} %{?sle15_python_module_pythons} Name: python-pip%{psuffix} -Version: 25.2 +Version: 26.0.1 Release: 0 Summary: A Python package management system License: MIT @@ -44,9 +45,6 @@ Patch0: pip-shipped-requests-cabundle.patch # PATCH-FIX-OPENSUSE: deal missing ca-certificates as "ssl not available" Patch1: disable-ssl-context-in-buildenv.patch -# PATCH-FIX-UPSTREAM https://github.com/pypa/pip/pull/13473 Use flit-core to build pip distributions -# setuptools was unable to handle the new license expression for some reason -Patch2: flit-core.patch BuildRequires: %{python_module base >= 3.9} BuildRequires: %{python_module flit-core >= 3.11} # The rpm python-wheel build is bootstrap friendly since 0.42 ++++++ disable-ssl-context-in-buildenv.patch ++++++ --- /var/tmp/diff_new_pack.pWIM2S/_old 2026-02-16 13:40:56.064655983 +0100 +++ /var/tmp/diff_new_pack.pWIM2S/_new 2026-02-16 13:40:56.084656808 +0100 @@ -1,21 +1,8 @@ -Index: pip-24.2/src/pip/_vendor/requests/adapters.py +Index: pip-26.0/src/pip/_internal/cli/index_command.py =================================================================== ---- pip-24.2.orig/src/pip/_vendor/requests/adapters.py -+++ pip-24.2/src/pip/_vendor/requests/adapters.py -@@ -81,7 +81,7 @@ try: - _preloaded_ssl_context.load_verify_locations( - extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) - ) --except ImportError: -+except (ImportError, FileNotFoundError, ssl.SSLError): - # Bypass default SSLContext creation when Python - # interpreter isn't built with the ssl module. - _preloaded_ssl_context = None -Index: pip-24.2/src/pip/_internal/cli/index_command.py -=================================================================== ---- pip-24.2.orig/src/pip/_internal/cli/index_command.py -+++ pip-24.2/src/pip/_internal/cli/index_command.py -@@ -43,7 +43,11 @@ def _create_truststore_ssl_context() -> +--- pip-26.0.orig/src/pip/_internal/cli/index_command.py ++++ pip-26.0/src/pip/_internal/cli/index_command.py +@@ -49,7 +49,11 @@ def _create_truststore_ssl_context() -> return None ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT) ++++++ pip-25.2-gh.tar.gz -> pip-26.0.1-gh.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-pip/pip-25.2-gh.tar.gz /work/SRC/openSUSE:Factory/.python-pip.new.1977/pip-26.0.1-gh.tar.gz differ: char 13, line 1 ++++++ pip-shipped-requests-cabundle.patch ++++++ --- /var/tmp/diff_new_pack.pWIM2S/_old 2026-02-16 13:40:56.172660435 +0100 +++ /var/tmp/diff_new_pack.pWIM2S/_new 2026-02-16 13:40:56.192661260 +0100 @@ -3,10 +3,10 @@ tests/unit/test_options.py | 5 + 2 files changed, 13 insertions(+), 97 deletions(-) -Index: pip-25.2/src/pip/_vendor/certifi/core.py +Index: pip-26.0/src/pip/_vendor/certifi/core.py =================================================================== ---- pip-25.2.orig/src/pip/_vendor/certifi/core.py -+++ pip-25.2/src/pip/_vendor/certifi/core.py +--- pip-26.0.orig/src/pip/_vendor/certifi/core.py ++++ pip-26.0/src/pip/_vendor/certifi/core.py @@ -3,81 +3,14 @@ certifi.py ~~~~~~~~~~ @@ -97,10 +97,10 @@ - return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii") +def contents() -> str: + return read_text(encoding="ascii") -Index: pip-25.2/tests/unit/test_options.py +Index: pip-26.0/tests/unit/test_options.py =================================================================== ---- pip-25.2.orig/tests/unit/test_options.py -+++ pip-25.2/tests/unit/test_options.py +--- pip-26.0.orig/tests/unit/test_options.py ++++ pip-26.0/tests/unit/test_options.py @@ -1,6 +1,7 @@ from __future__ import annotations @@ -109,15 +109,15 @@ from collections.abc import Iterator from contextlib import contextmanager from optparse import Values -@@ -13,6 +14,7 @@ import pip._internal.configuration - from pip._internal.cli.main import main +@@ -15,6 +16,7 @@ from pip._internal.cli.main import main from pip._internal.commands import create_command from pip._internal.commands.configuration import ConfigurationCommand + from pip._internal.exceptions import CommandError, PipError +from pip._vendor.certifi import where - from pip._internal.exceptions import PipError from tests.lib.options_helpers import AddFakeCommandMixin -@@ -621,6 +623,9 @@ class TestOptionsConfigFiles: + +@@ -537,6 +539,9 @@ class TestOptionsConfigFiles: else: assert expect == cmd._determine_file(options, need_value=False)
