Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-pip for openSUSE:Factory
checked in at 2023-11-22 18:54:20
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-pip (Old)
and /work/SRC/openSUSE:Factory/.python-pip.new.25432 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-pip"
Wed Nov 22 18:54:20 2023 rev:62 rq:1127960 version:23.3.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-pip/python-pip.changes 2023-08-30
10:21:34.406482585 +0200
+++ /work/SRC/openSUSE:Factory/.python-pip.new.25432/python-pip.changes
2023-11-22 18:54:33.287457601 +0100
@@ -1,0 +2,71 @@
+Tue Nov 21 10:38:00 UTC 2023 - Matej Cepl <mc...@cepl.eu>
+
+- Update to 23.3.1:
+ - Bug Fixes
+ - Handle a timezone indicator of Z when parsing dates in the
+ self check. (#12338)
+ - Fix bug where installing the same package at the same time
+ with multiple pip processes could fail. (#12361)
+- Update to 23.3:
+ - Process
+ - Added reference to vulnerability reporting guidelines to
+ pip's security policy.
+ - Features
+ - Improve extras resolution for multiple constraints on same
+ base package. (#11924)
+ - Improve use of datastructures to make candidate selection
+ 1.6x faster. (#12204)
+ - Allow pip install --dry-run to use platform and ABI
+ overriding options. (#12215)
+ - Add is_yanked boolean entry to the installation report
+ (--report) to indicate whether the requirement was yanked
+ from the index, but was still selected by pip conform to
+ PEP 592. (#12224)
+ - Bug Fixes
+ - Ignore errors in temporary directory cleanup (show a
+ warning instead). (#11394)
+ - Normalize extras according to PEP 685 from package metadata
+ in the resolver for comparison. This ensures extras are
+ correctly compared and merged as long as the package
+ providing the extra(s) is built with values normalized
+ according to the standard. Note, however, that this
+ does not solve cases where the package itself contains
+ unnormalized extra values in the metadata. (#11649)
+ - Prevent downloading sdists twice when PEP 658 metadata is
+ present. (#11847)
+ - Include all requested extras in the install report
+ (--report). (#11924)
+ - Removed uses of datetime.datetime.utcnow from non-vendored
+ code. (#12005)
+ - Consistently report whether a dependency comes from an
+ extra. (#12095)
+ - Fix completion script for zsh (#12166)
+ - Fix improper handling of the new onexc argument of
+ shutil.rmtree() in Python 3.12. (#12187)
+ - Filter out yanked links from the available versions
+ error message: "(from versions: 1.0, 2.0, 3.0)" will
+ not contain yanked versions conform PEP 592. The yanked
+ versions (if any) will be mentioned in a separate error
+ message. (#12225)
+ - Fix crash when the git version number contains something
+ else than digits and dots. (#12280)
+ - Use -r=... instead of -r ... to specify references with
+ Mercurial. (#12306, CVE-2023-5752, bsc#1217353)
+ - Redact password from URLs in some additional
+ places. (#12350)
+ - pip uses less memory when caching large packages. As a
+ result, there is a new on-disk cache format stored in a new
+ directory ($PIP_CACHE_DIR/http-v2). (#2984)
+ - Vendored Libraries
+ - Upgrade certifi to 2023.7.22
+ - Add truststore 0.8.0
+ - Upgrade urllib3 to 1.26.17
+ - Improved Documentation
+ - Document that pip search support has been removed from PyPI
+ (#12059)
+ - Clarify --prefer-binary in CLI and docs (#12122)
+ - Document that using OS-provided Python can cause pip's test
+ suite to report false failures. (#12334)
+- Adjust pip-shipped-requests-cabundle.patch.
+
+-------------------------------------------------------------------
Old:
----
pip-23.2.1-gh.tar.gz
New:
----
pip-23.3.1-gh.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-pip.spec ++++++
--- /var/tmp/diff_new_pack.X1V6PT/_old 2023-11-22 18:54:34.075486522 +0100
+++ /var/tmp/diff_new_pack.X1V6PT/_new 2023-11-22 18:54:34.079486668 +0100
@@ -40,11 +40,11 @@
%endif
%{?sle15_python_module_pythons}
Name: python-pip%{psuffix}
-Version: 23.2.1
+Version: 23.3.1
Release: 0
Summary: A Python package management system
License: MIT
-URL: http://www.pip-installer.org
+URL: https://pip.pypa.io
# The PyPI archive lacks the tests
Source:
https://github.com/pypa/pip/archive/%{version}.tar.gz#/pip-%{version}-gh.tar.gz
# PATCH-FIX-OPENSUSE pip-shipped-requests-cabundle.patch -- adapted patch from
python-certifi package
++++++ pip-23.2.1-gh.tar.gz -> pip-23.3.1-gh.tar.gz ++++++
/work/SRC/openSUSE:Factory/python-pip/pip-23.2.1-gh.tar.gz
/work/SRC/openSUSE:Factory/.python-pip.new.25432/pip-23.3.1-gh.tar.gz differ:
char 15, line 1
++++++ pip-shipped-requests-cabundle.patch ++++++
--- /var/tmp/diff_new_pack.X1V6PT/_old 2023-11-22 18:54:34.131488577 +0100
+++ /var/tmp/diff_new_pack.X1V6PT/_new 2023-11-22 18:54:34.135488724 +0100
@@ -1,12 +1,10 @@
---
- src/pip/_vendor/certifi/core.py | 70
++++------------------------------------
- tests/unit/test_options.py | 5 ++
- 2 files changed, 13 insertions(+), 62 deletions(-)
+ src/pip/_vendor/certifi/core.py | 105
+++-------------------------------------
+ tests/unit/test_options.py | 5 +
+ 2 files changed, 13 insertions(+), 97 deletions(-)
-Index: pip-22.3.1/src/pip/_vendor/certifi/core.py
-===================================================================
---- pip-22.3.1.orig/src/pip/_vendor/certifi/core.py
-+++ pip-22.3.1/src/pip/_vendor/certifi/core.py
+--- a/src/pip/_vendor/certifi/core.py
++++ b/src/pip/_vendor/certifi/core.py
@@ -3,106 +3,17 @@ certifi.py
~~~~~~~~~~
@@ -122,10 +120,8 @@
- return read_text("pip._vendor.certifi", "cacert.pem",
encoding="ascii")
+def contents() -> str:
+ return read_text(encoding="ascii")
-Index: pip-22.3.1/tests/unit/test_options.py
-===================================================================
---- pip-22.3.1.orig/tests/unit/test_options.py
-+++ pip-22.3.1/tests/unit/test_options.py
+--- a/tests/unit/test_options.py
++++ b/tests/unit/test_options.py
@@ -1,4 +1,5 @@
import os
+import os.path
@@ -140,7 +136,7 @@
from tests.lib.options_helpers import AddFakeCommandMixin
-@@ -619,6 +621,9 @@ class TestOptionsConfigFiles:
+@@ -618,6 +620,9 @@ class TestOptionsConfigFiles:
else:
assert expect == cmd._determine_file(options, need_value=False)
