./devel/py-pip, Installs Python packages as an easy_install replacement

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 19.3.1, Package name: py37-pip-19.3.1, Maintainer: pkgsrc-users

pip is a replacement for easy_install. It uses mostly the same
techniques for finding packages, so packages that were made
easy_installable should be pip-installable as well.

pip is meant to improve on easy_install. Some of the improvements:
* All packages are downloaded before installation.
Partially-completed installation doesn't occur as a result.
* Care is taken to present useful output on the console.
* The reasons for actions are kept track of. For instance, if
a package is being installed, pip keeps track of why that package
was required.
* Error messages should be useful.
* The code is relatively concise and cohesive, making it easier
to use programmatically.
* Packages don't have to be installed as egg archives, they can
be installed flat (while keeping the egg metadata).
* Native support for other version control systems (Git, Mercurial
and Bazaar)
* Uninstallation of packages.
* Simple to define fixed sets of requirements and reliably
reproduce a set of packages.


Required to run:
[devel/py-setuptools] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: ddf74fc8e3ba7f35757257bd5b24dbbb998ca29d
RMD160: e2aee78bd544b49da6f8e8af6be1ea7c0248c6f4
Filesize: 1360.946 KB

Version history: (Expand)


CVS history: (Expand)


   2019-10-19 08:38:56 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-pip: updated to 19.3.1

19.3.1:

Features
- Document Python 3.8 support.

Bug Fixes
- Fix bug that prevented installation of PEP 517 packages without ``setup.py``.
   2019-10-15 19:16:54 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-pip: updated to 19.3

19.3:
Deprecations and Removals
- Remove undocumented support for un-prefixed URL requirements pointing
  to SVN repositories. Users relying on this can get the original behavior
  by prefixing their URL with svn+ (which is backwards-compatible).
- Remove the deprecated --venv option from pip config.

Features
- Print a better error message when --no-binary or --only-binary is given
  an argument starting with -.
- Make pip show warn about packages not found.
- Support including a port number in --trusted-host for both HTTP and HTTPS.
- Redact single-part login credentials from URLs in log messages.
- Implement manylinux2014 platform tag support.  manylinux2014 is the successor
  to manylinux2010.  It allows carefully compiled binary wheels to be installed
  on compatible Linux platforms.  The manylinux2014 platform tag definition can
  be found in PEP599 <https://www.python.org/dev/peps/pep-0599/>_.

Bug Fixes
- Abort installation if any archive contains a file which would be placed
  outside the extraction location.
- pip's CLI completion code no longer prints a Traceback if it is interrupted.
- Correct inconsistency related to the hg+file scheme.
- Fix rmtree_errorhandler to skip non-existing directories.
- Ignore errors copying socket files for local source installs (in Python 3).
- Fix requirement line parser to correctly handle PEP 440 requirements with a URL
  pointing to an archive file.
- The pip-wheel-metadata directory does not need to persist between invocations \ 
of pip, use a temporary directory instead of the current setup.py directory.
- Fix --trusted-host processing under HTTPS to trust any port number used
  with the host.
- Switch to new distlib wheel script template. This should be functionally
  equivalent for end users.
- Skip copying .tox and .nox directories to temporary build directories
- Fix handling of tokens (single part credentials) in URLs.
- Fix a regression that caused ~ expansion not to occur in --find-links
  paths.
- Fix bypassed pip upgrade warning on Windows.
- Fix 'm' flag erroneously being appended to ABI tag in Python 3.8 on platforms \ 
that do not provide SOABI
- Hide security-sensitive strings like passwords in log messages related to
  version control system (aka VCS) command invocations.
- Correctly uninstall symlinks that were installed in a virtualenv,
  by tools such as flit install --symlink.
- Don't fail installation using pip.exe on Windows when pip wouldn't be upgraded.
- Use canonical distribution names when computing Required-By in pip show.
- Don't use hardlinks for locking selfcheck state file.
- Ignore "require_virtualenv" in pip config
- Fix pip freeze not showing correct entry for mercurial packages that use \ 
subdirectories.
- Fix a crash when sys.stdin is set to None, such as on AWS Lambda.

Vendored Libraries
- Upgrade certifi to 2019.9.11
- Add contextlib2 0.6.0 as a vendored dependency.
- Remove Lockfile as a vendored dependency.
- Upgrade msgpack to 0.6.2
- Upgrade packaging to 19.2
- Upgrade pep517 to 0.7.0
- Upgrade pyparsing to 2.4.2
- Upgrade pytoml to 0.1.21
- Upgrade setuptools to 41.4.0
- Upgrade urllib3 to 1.25.6

Improved Documentation
- Document caveats for UNC paths in uninstall and add .pth unit tests.
- Add architectural overview documentation.
- Document that --ignore-installed is dangerous.
   2019-08-26 09:35:07 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-pip: updated to 19.2.3

19.2.3:
Bug Fixes
- Fix 'm' flag erroneously being appended to ABI tag in Python 3.8 on platforms \ 
that do not provide SOABI
   2019-08-12 09:06:36 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-pip: updated to 19.2.2

19.2.2:

Bug Fixes
- Fix handling of tokens (single part credentials) in URLs.
- Fix a regression that caused ~ expansion not to occur in --find-links
   2019-08-03 13:23:09 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-pip: updated to 19.2.1

19.2.1:

Bug Fixes
- Fix a NoneType AttributeError when evaluating hashes and no hashes
  are provided.

19.2:

Deprecations and Removals
- Drop support for EOL Python 3.4.
- Improve deprecation messages to include the version in which the functionality \ 
will be removed.

Features
- Credentials will now be loaded using keyring when installed.
- Fully support using --trusted-host inside requirements files.
- Update timestamps in pip's --log file to include milliseconds.
- Respect whether a file has been marked as "yanked" from a simple \ 
repository
  (see PEP 592 <https://www.python.org/dev/peps/pep-0592/>__ for details).
- When choosing candidates to install, prefer candidates with a hash matching
  one of the user-provided hashes.
- Improve the error message when METADATA or PKG-INFO is None when
  accessing metadata.
- Add a new command pip debug that can display e.g. the list of compatible
  tags for the current Python.
- Display hint on installing with --pre when search results include pre-release \ 
versions.
- Report to Warehouse that pip is running under CI if the PIP_IS_CI environment \ 
variable is set.
- Allow --python-version to be passed as a dotted version string (e.g.
  3.7 or 3.7.3).
- Log the final filename and SHA256 of a .whl file when done building a
  wheel.
- Include the wheel's tags in the log message explanation when a candidate
  wheel link is found incompatible.
- Add a --path argument to pip freeze to support --target
  installations.
- Add a --path argument to pip list to support --target
  installations.

Bug Fixes
- Set sys.argv[0] to the underlying setup.py when invoking setup.py
  via the setuptools shim so setuptools doesn't think the path is -c.
- Update pip download to respect the given --python-version when checking
  "Requires-Python".
- Respect --global-option and --install-option when installing from
  a version control url (e.g. git).
- Make the "ascii" progress bar really be "ascii" and not \ 
Unicode.
- Fail elegantly when trying to set an incorrectly formatted key in config.
- Prevent DistutilsOptionError when prefix is indicated in the global \ 
environment and --target is used.
- Fix pip install to respect --ignore-requires-python when evaluating
  links.
- Fix a debug log message when freezing an editable, non-version controlled
  requirement.
- Extend to Subversion 1.8+ the behavior of calling Subversion in
  interactive mode when pip is run interactively.
- Prevent pip install <url> from permitting directory traversal if e.g.
  a malicious server sends a Content-Disposition header with a filename
  containing ../ or ..\\.
- Hide passwords in output when using --find-links.
- Include more details in the log message if pip freeze can't generate a
  requirement string for a particular distribution.
- Add the line number and file location to the error message when reading an
  invalid requirements file in certain situations.
- Prefer os.confstr to ctypes when extracting glibc version info.
- Improve error message printed when an invalid editable requirement is provided.
- Improve error message formatting when a command errors out in a subprocess.

Vendored Libraries
- Upgrade certifi to 2019.6.16
- Upgrade distlib to 0.2.9.post0
- Upgrade msgpack to 0.6.1
- Upgrade requests to 2.22.0
- Upgrade urllib3 to 1.25.3
- Patch vendored html5lib, to prefer using collections.abc where possible.

Improved Documentation
- Document how Python 2.7 support will be maintained.
- Upgrade Sphinx version used to build documentation.
- Fix generation of subcommand manpages.
- Mention that pip can install from git refs.
- Replace a failing example of pip installs with extras with a working one.
   2019-05-07 07:17:20 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-pip: updated to 19.1.1

19.1.1:

Features
- Restore pyproject.toml handling to how it was with pip 19.0.3 to prevent
  the need to add --no-use-pep517 when installing in editable mode.

Bug Fixes
- Fix a regression that caused @ to be quoted in pypiserver links.
  This interfered with parsing the revision string from VCS urls.
   2019-04-24 10:28:33 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-pip: updated to 19.1

19.1:

Features
- Configuration files may now also be stored under sys.prefix
- Avoid creating an unnecessary local clone of a Bazaar branch when exporting.
- Include in pip's User-Agent string whether it looks like pip is running
  under CI.
- A custom (JSON-encoded) string can now be added to pip's User-Agent
  using the PIP_USER_AGENT_USER_DATA environment variable.
- For consistency, passing --no-cache-dir no longer affects whether wheels
  will be built.  In this case, a temporary directory is used.
- Command arguments in subprocess log messages are now quoted using
  shlex.quote().
- Prefix warning and error messages in log output with WARNING and ERROR.
- Using --build-options in a PEP 517 build now fails with an error,
  rather than silently ignoring the option.
- Error out with an informative message if one tries to install a
  pyproject.toml-style (PEP 517) source tree using --editable mode.
- When downloading a package, the ETA and average speed now only update once per \ 
second for better legibility.

Bug Fixes
- The stdout and stderr from VCS commands run by pip as subprocesses (e.g.
  git, hg, etc.) no longer pollute pip's stdout.
- Fix handling of requests exceptions when dependencies are debundled.
- Make pip's self version check avoid recommending upgrades to prereleases if \ 
the currently-installed version is stable.
- Fixed crash when installing a requirement from a URL that comes from a \ 
dependency without a URL.
- Improve handling of file URIs: correctly handle file://localhost/... and don't \ 
try to use UNC paths on Unix.
- Fix utils.encoding.auto_decode() LookupError with invalid encodings.
  utils.encoding.auto_decode() was broken when decoding Big Endian BOM
  byte-strings on Little Endian or vice versa.
- Fix incorrect URL quoting of IPv6 addresses.
- Redact the password from the extra index URL when using pip -v.
- The spinner no longer displays a completion message after subprocess calls
  not needing a spinner. It also no longer incorrectly reports an error after
  certain subprocess calls to Git that succeeded.
- Fix the handling of editable mode during installs when pyproject.toml is
  present but PEP 517 doesn't require the source tree to be treated as
  pyproject.toml-style.
- Fix NameError when handling an invalid requirement.

Vendored Libraries
- Updated certifi to 2019.3.9
- Updated distro to 1.4.0
- Update progress to 1.5
- Updated pyparsing to 2.4.0
- Updated pkg_resources to 41.0.1 (via setuptools)

Improved Documentation
- Make dashes render correctly when displaying long options like
  --find-links in the text.
   2019-02-21 09:32:21 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-pip: updated to 19.0.3

19.0.3:
Bug Fixes
- Fix an IndexError crash when a legacy build of a wheel fails.
- Fix a regression introduced in 19.0.2 where the filename in a RECORD file
  of an installed file would not be updated when installing a wheel.