Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ci: bump pip from 24.2 to 24.3.1 in /.github/workflows (#48)
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>24.3.1 (2024-10-27)</h1> <h2>Bug Fixes</h2> <ul> <li>Allow multiple nested inclusions of the same requirements file again. (<code>[#13046](pypa/pip#13046) <https://github.com/pypa/pip/issues/13046></code>_)</li> </ul> <h1>24.3 (2024-10-27)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Deprecate wheel filenames that are not compliant with :pep:<code>440</code>. (<code>[#12918](pypa/pip#12918) <https://github.com/pypa/pip/issues/12918></code>_)</li> </ul> <h2>Features</h2> <ul> <li>Detect recursively referencing requirements files and help users identify the source. (<code>[#12653](pypa/pip#12653) <https://github.com/pypa/pip/issues/12653></code>_)</li> <li>Support for :pep:<code>730</code> iOS wheels. (<code>[#12961](pypa/pip#12961) <https://github.com/pypa/pip/issues/12961></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Display a better error message when an already installed package has an invalid requirement. (<code>[#12953](pypa/pip#12953) <https://github.com/pypa/pip/issues/12953></code>_)</li> <li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code> <code>global.target</code> when preparing a build environment. (<code>[#8438](pypa/pip#8438) <https://github.com/pypa/pip/issues/8438></code>_)</li> <li>Restore support for macOS 10.12 and older (via truststore). (<code>[#12901](pypa/pip#12901) <https://github.com/pypa/pip/issues/12901></code>_)</li> <li>Allow installing pip in editable mode in a virtual environment on Windows. (<code>[#12666](pypa/pip#12666) <https://github.com/pypa/pip/issues/12666></code>_)</li> </ul> <h2>Vendored Libraries</h2> <ul> <li>Upgrade certifi to 2024.8.30</li> <li>Upgrade distlib to 0.3.9</li> <li>Upgrade truststore to 0.10.0</li> <li>Upgrade urllib3 to 1.26.20</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from sbidoul/fix-13046</li> <li><a href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a> Don't fail when the same req file is included more than once</li> <li><a href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from sbidoul/release/24.3</li> <li><a href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a> Bump for development</li> <li><a href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from sbidoul/vendoring-24.3-sbi</li> <li><a href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from sethmlarson/truststore-0.10.0</li> <li><a href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a> Upgrade vendored truststore to 0.10.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information