Skip to content

Commit 98eb065

Browse files
dependabot[bot]inmantaci
dependabot[bot]
authored and
inmantaci
committed
Bump pip from 23.0 to 23.0.1 (PR #5597)
Bumps [pip](https://github.com/pypa/pip) from 23.0 to 23.0.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>23.0.1 (2023-02-17)</h1> <h2>Features</h2> <ul> <li>Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code> (<code>[#11671](pypa/pip#11671) &lt;https://github.com/pypa/pip/issues/11671&gt;</code>_)</li> <li>Implement <code>--break-system-packages</code> to permit installing packages into <code>EXTERNALLY-MANAGED</code> Python installations. (<code>[#11780](pypa/pip#11780) &lt;https://github.com/pypa/pip/issues/11780&gt;</code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Improve handling of isolated build environments on platforms that customize the Python's installation schemes, such as Debian and Homebrew. (<code>[#11740](pypa/pip#11740) &lt;https://github.com/pypa/pip/issues/11740&gt;</code>_)</li> <li>Do not crash in presence of misformatted hash field in <code>direct_url.json</code>. (<code>[#11773](pypa/pip#11773) &lt;https://github.com/pypa/pip/issues/11773&gt;</code>_)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/3817aef07f4c8a0cb1c43bb9a73f1bb624fc263b"><code>3817aef</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/9a0d9301c24dc5268ce2640096c301ff7190dd8d"><code>9a0d930</code></a> Reconcile computation of isolated build environment paths (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11740">#11740</a>)</li> <li><a href="https://github.com/pypa/pip/commit/e6deb9b87c18cdd27a9ba27cb7e0670ffb81d45e"><code>e6deb9b</code></a> Implement <code>--break-system-packages</code> for EXTERNALLY-MANAGED installations (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11">#11</a>...</li> <li><a href="https://github.com/pypa/pip/commit/864fd7764b97ffac8c08946caccc2286bee36ed1"><code>864fd77</code></a> Ignore PIP_REQUIRE_VIRTUALENV for <code>pip index</code> (<a href="https://github-redirect.dependabot.com/pypa/pip/issues/11671">#11671</a>)</li> <li><a href="https://github.com/pypa/pip/commit/0138bd54c6d346fc2b14e0a9554a1b636fe17001"><code>0138bd5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/pip/issues/11779">#11779</a> from sbidoul/fix-direct_url-invalid-hash-sbi</li> <li>See full diff in <a href="https://github.com/pypa/pip/compare/23.0...23.0.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.0&new-version=23.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
1 parent 298ac31 commit 98eb065

File tree

2 files changed

+7
-1
lines changed

2 files changed

+7
-1
lines changed

changelogs/unreleased/5597-dependabot.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
change-type: patch
2+
description: Bump pip from 23.0 to 23.0.1
3+
destination-branches:
4+
- master
5+
- iso6
6+
sections: {}

requirements.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jinja2==3.1.2
1313
more-itertools==9.0.0
1414
netifaces==0.11.0
1515
packaging==23.0
16-
pip==23.0
16+
pip==23.0.1
1717
ply==3.11
1818
pydantic==1.10.5
1919
pyformance==0.4

0 commit comments

Comments
 (0)