Skip to content

Commit

Permalink
ci: bump pip from 24.2 to 24.3.1 in /.github/workflows (#48)
Browse files Browse the repository at this point in the history
Bumps [pip](https://github.com/pypa/pip) from 24.2 to 24.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.3.1 (2024-10-27)</h1>
<h2>Bug Fixes</h2>
<ul>
<li>Allow multiple nested inclusions of the same requirements file
again. (<code>[#13046](pypa/pip#13046)
&lt;https://github.com/pypa/pip/issues/13046&gt;</code>_)</li>
</ul>
<h1>24.3 (2024-10-27)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate wheel filenames that are not compliant with
:pep:<code>440</code>.
(<code>[#12918](pypa/pip#12918)
&lt;https://github.com/pypa/pip/issues/12918&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>Detect recursively referencing requirements files and help users
identify
the source. (<code>[#12653](pypa/pip#12653)
&lt;https://github.com/pypa/pip/issues/12653&gt;</code>_)</li>
<li>Support for :pep:<code>730</code> iOS wheels.
(<code>[#12961](pypa/pip#12961)
&lt;https://github.com/pypa/pip/issues/12961&gt;</code>_)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Display a better error message when an already installed package has
an invalid requirement.
(<code>[#12953](pypa/pip#12953)
&lt;https://github.com/pypa/pip/issues/12953&gt;</code>_)</li>
<li>Ignore <code>PIP_TARGET</code> and <code>pip.conf</code>
<code>global.target</code> when preparing a build environment.
(<code>[#8438](pypa/pip#8438)
&lt;https://github.com/pypa/pip/issues/8438&gt;</code>_)</li>
<li>Restore support for macOS 10.12 and older (via truststore).
(<code>[#12901](pypa/pip#12901)
&lt;https://github.com/pypa/pip/issues/12901&gt;</code>_)</li>
<li>Allow installing pip in editable mode in a virtual environment on
Windows. (<code>[#12666](pypa/pip#12666)
&lt;https://github.com/pypa/pip/issues/12666&gt;</code>_)</li>
</ul>
<h2>Vendored Libraries</h2>
<ul>
<li>Upgrade certifi to 2024.8.30</li>
<li>Upgrade distlib to 0.3.9</li>
<li>Upgrade truststore to 0.10.0</li>
<li>Upgrade urllib3 to 1.26.20</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/05293b6b55eca86490b7c2944bcc558a56064f0d"><code>05293b6</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/6a5db8b107bb0063c69dc5ccd39dbfef14ca7a32"><code>6a5db8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13047">#13047</a> from
sbidoul/fix-13046</li>
<li><a
href="https://github.com/pypa/pip/commit/7be54ced1cca2c850e79e8fbe9ec2b76947b2b6f"><code>7be54ce</code></a>
Don't fail when the same req file is included more than once</li>
<li><a
href="https://github.com/pypa/pip/commit/4f6aeb17ed540e181b9ad1dea8d7b5389effd21b"><code>4f6aeb1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13044">#13044</a> from
sbidoul/release/24.3</li>
<li><a
href="https://github.com/pypa/pip/commit/e1b1d51fe8d0f4b84b77206173ceb656caa2edeb"><code>e1b1d51</code></a>
Bump for development</li>
<li><a
href="https://github.com/pypa/pip/commit/cdba22f49b425fe4a57a8daf992fd6335c8010a1"><code>cdba22f</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/27f8374e8dd49141bd2397c0e8e8093cf3676ff7"><code>27f8374</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/c79d01953357913f421f192f51ffa9bab0a75ba0"><code>c79d019</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13033">#13033</a> from
sbidoul/vendoring-24.3-sbi</li>
<li><a
href="https://github.com/pypa/pip/commit/3ca89215a96f9b05619fc52bb778c19f26b84a9f"><code>3ca8921</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13041">#13041</a> from
sethmlarson/truststore-0.10.0</li>
<li><a
href="https://github.com/pypa/pip/commit/0cc7375ff0a42ddfa19f23f42cb96d6d7c06d29b"><code>0cc7375</code></a>
Upgrade vendored truststore to 0.10.0</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/24.2...24.3.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.2&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
dependabot[bot] authored Oct 29, 2024
1 parent 4266abe commit 1f8cb8a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/constraints.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
pip==24.2
pip==24.3.1
poetry==1.8.4
poetry-dynamic-versioning==1.4.1

0 comments on commit 1f8cb8a

Please sign in to comment.