Skip to content

Add support for Android tags #13303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 21, 2025
Merged

Add support for Android tags #13303

merged 2 commits into from
Apr 21, 2025

Conversation

mhsmith
Copy link
Contributor

@mhsmith mhsmith commented Mar 26, 2025
edited
Loading

As discussed in the linked issue, this PR depends on an update to packaging. I've tested it locally by copying the changes from pypa/packaging#880, but it'll have to remain in draft state until the packaging PR has been merged and vendored into pip.

@mhsmith mhsmith mentioned this pull request Mar 26, 2025
Closed
1 task
@ichard26 ichard26 added this to the 25.2 milestone Apr 1, 2025
@ichard26
Copy link
Member

ichard26 commented Apr 1, 2025

I'll note that pip 25.1 is slated for release on April 19/20 so if you'd like to have Android support land in the next release, this needs to be ready to merge soon. If that's important, then I'd suggest flagging this to the packaging maintainers, otherwise we'll get this in for 25.2.

@mhsmith
Copy link
Contributor Author

mhsmith commented Apr 2, 2025

Thanks, I'll do that to try and get it in for 25.1.

@pfmoore
Copy link
Member

pfmoore commented Apr 2, 2025

Start with the packaging PR. Unless packaging can merge that and produce a new release within 7-10 days, we're not going to be able to take this PR no matter what state it's in.

@mhsmith mhsmith mentioned this pull request Apr 16, 2025
Closed
@pfmoore
Copy link
Member

pfmoore commented Apr 19, 2025

OK, the packaging PR is complete and merged. You have only a few days if you want this to be in 25.1 (the release was pushed back to 26/27 April, but I would like this merged by midweek at the latest if it's to go into 25.1).

@mhsmith mhsmith marked this pull request as ready for review April 20, 2025 11:30
@mhsmith
Copy link
Contributor Author

mhsmith commented Apr 20, 2025

@pfmoore OK, I think this is ready to merge now.

@pfmoore
Copy link
Member

pfmoore commented Apr 20, 2025

@ichard26 you've commented on the original issue here - do you have any concerns before we merge this?

In particular, do we need documentation (either now, or as a follow-up PR after 25.1) to cover the level of pip's support for Android (i.e., the code supports it, but the maintainers are clueless 🙂)?

@ichard26
Copy link
Member

I'm gonna say that since we merged iOS support without any supporting documentation changes, this is fine to merge as-is. Is the intention to make pip an official way to install and manage packages on an Android device or simply make it easier to integrate with the existing Python on Android toolchain? iOS was merged on the understanding of the latter.

FWIW, I believe that we're already covered by our platform compatibility statement:

The current version of pip works on:

  • Windows, Linux and macOS.
  • CPython 3.9, 3.10, 3.11, 3.12, 3.13, and latest PyPy3.

pip is tested to work on the latest patch version of the Python interpreter, for each of the minor versions listed above. Previous patch versions are supported on a best effort approach.

Other operating systems and Python versions are not supported by pip’s maintainers.

Users who are on unsupported platforms should be aware that if they hit issues, they may have to resolve them for themselves. If they received pip from a source which provides support for their platform, they should request pip support from that source.

https://pip.pypa.io/en/latest/installation/#compatibility

ichard26
ichard26 approved these changes Apr 20, 2025
View reviewed changes
Copy link
Member

@ichard26 ichard26 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved on the understanding that any improvements or bug-fixes need to come from an external contributor. User support requests should also be redirected to the appropriate forum (which would be...?) The pip core team has no capacity to independently maintain Android support.

@mhsmith
Copy link
Contributor Author

mhsmith commented Apr 21, 2025

Is the intention to make pip an official way to install and manage packages on an Android device or simply make it easier to integrate with the existing Python on Android toolchain?

As on iOS, pip would be used by app building tools like Briefcase, and hopefully in the future Kivy's Buildozer. It would also be used by cibuildwheel to make environments for testing wheels.

Unlike iOS, there's also the possibility of running pip directly on an Android device via Termux.

In all of these cases, the appropriate support forum would be the larger project within which pip is used.

@ichard26
Copy link
Member

ichard26 commented Apr 21, 2025
edited
Loading

My main concern is that we'll have users try to use pip on Termux or some other Android platform and we won't know where to point them when they file issues on our tracker. Would Termux be the right forum to redirect them to? It's easy for the cases where it's being used in a larger toolchain/ecosystem, but I'm not sure if Termux would want to provide support for all of the packages they make available.

I'm sorry if I'm missing something obvious, but I have really do have zero knowledge of Python on Android.

@ichard26 ichard26 merged commit be3818a into pypa:main Apr 21, 2025
29 checks passed
@ichard26
Copy link
Member

Thank you for contributing this by the way!

@mhsmith
Copy link
Contributor Author

mhsmith commented Apr 22, 2025

Termux's own packaging system is based on dpkg and apt, and they currently provide a python-pip package at version 25.0.1. It looks like this doesn't yet support installing any architecture-specific wheels. They provide a few popular packages in dpkg form, and everything else has to be compiled from sdists on the device, which is obviously slow.

When they pick up the next version of pip that includes this PR, they will gain the ability to install Android wheels from PyPI as they become available. Any Android-specific issues that come from that will likely be connected to the way that Termux builds and installs Python itself, so Termux would still be the appropriate project to deal with it.

Thanks for the review, and sorry for leaving this so close to the release deadline.

@pfmoore
Copy link
Member

pfmoore commented Apr 22, 2025

I think we'll just have to see what happens. I'm personally perfectly OK with saying that people using pip via termux will need to ask the termux project for help, or if that doesn't work, diagnose and supply any necessary fix themselves. If users aren't happy with that, the only realistic alternative we have is to drop support for Android, and I don't think anyone wants that.

The most likely issue I can see is "pip won't install X", which will probably be because X or one of its dependencies doesn't provide Android wheels. I don't know what the general level of technical expertise of Termux users is like, but we don't actually provide that sort of "inexperienced end user helpdesk" support on any platform.

If (worst case scenario) there's a major bug with Android support, and no-one steps up to offer a fix, we can consider then whether supporting Andriod is viable. But I hope we won't need to do that.

github-merge-queue bot pushed a commit to MeltanoLabs/target-csv that referenced this pull request Apr 28, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
b814dd5 
#193)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to MeltanoLabs/tap-pulumi-cloud that referenced this pull request Apr 28, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
15e7ecd 
#248)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to google/scaaml that referenced this pull request Apr 28, 2025
@dependabot
Bump the dependabot group with 4 updates (#375)
61332fa 
Bumps the dependabot group with 4 updates:
[setuptools](https://github.com/pypa/setuptools),
[certifi](https://github.com/certifi/python-certifi),
[pip](https://github.com/pypa/pip) and
[importlib-metadata](https://github.com/python/importlib_metadata).

Updates `setuptools` from 79.0.0 to 80.0.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v80.0.0</h1>
<h2>Bugfixes</h2>
<ul>
<li>Update test to honor new behavior in importlib_metadata 8.7. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4961">#4961</a>)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>Removed support for the easy_install command including the sandbox
module. (<a
href="https://redirect.github.com/pypa/setuptools/issues/2908">#2908</a>)</li>
<li>Develop command no longer uses easy_install, but instead defers
execution to pip (which then will re-invoke Setuptools via PEP 517 to
build the editable wheel). Most of the options to develop are dropped.
This is the final warning before the command is dropped completely in a
few months. Use-cases relying on 'setup.py develop' should pin to older
Setuptools version or migrate to modern build tooling. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4955">#4955</a>)</li>
</ul>
<h1>v79.0.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Merge with pypa/distutils@24bd3179b including fix for <a
href="https://redirect.github.com/pypa/distutils/issues/355">pypa/distutils#355</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/aeea79266d82f99dbe556126b90b64215a663a2c"><code>aeea792</code></a>
Bump version: 79.0.1 → 80.0.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/2c874e78f4240963f74debcaadcccb97cb302ded"><code>2c874e7</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4962">#4962</a>
from pypa/bugfix/4961-validated-eps</li>
<li><a
href="https://github.com/pypa/setuptools/commit/82c588aedd8142e7615031358e2d2640213a351d"><code>82c588a</code></a>
Update test to honor new behavior in importlib_metadata 8.7</li>
<li><a
href="https://github.com/pypa/setuptools/commit/ef4cd2960d75f2d49f40f5495347523be62d20e5"><code>ef4cd29</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/2908">#2908</a>
from pypa/debt/remove-easy-install</li>
<li><a
href="https://github.com/pypa/setuptools/commit/85bbad4945d874a2444e4531c74c5074cdeca010"><code>85bbad4</code></a>
Merge branch 'main' into debt/remove-easy-install</li>
<li><a
href="https://github.com/pypa/setuptools/commit/9653305c35a143b8d1bad2c190f918887dd1e6d5"><code>9653305</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4955">#4955</a>
from pypa/debt/develop-uses-pip</li>
<li><a
href="https://github.com/pypa/setuptools/commit/da119e7e996b00b6e26f79995bec55684a3fabbe"><code>da119e7</code></a>
Set a due date 6 months in advance.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a7603da5d3c709f6f01c8df8031ba7a7ae7959a0"><code>a7603da</code></a>
Rename news fragment to reference the pull request for better precise
locality.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/018a20cb130e9357f39c176b59c83738a09d7daa"><code>018a20c</code></a>
Restore a few of the options to develop.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a5f02fe88d46e963bc470a60a9f8613d7f889d49"><code>a5f02fe</code></a>
Remove another test relying on setup.py develop.</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v79.0.0...v80.0.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `certifi` from 2025.1.31 to 2025.4.26
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/275c9eb55733a464589c15fb4566fddd4598e5b2"><code>275c9eb</code></a>
2025.04.26 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/347">#347</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/37883310b51e56570919cdc2d44becc1c6940559"><code>3788331</code></a>
Bump actions/setup-python from 5.4.0 to 5.5.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/346">#346</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9d1f1b782000baedf57026de5b79e193bcb7ef7b"><code>9d1f1b7</code></a>
Bump actions/download-artifact from 4.1.9 to 4.2.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/344">#344</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/96b97a5afe26bc1adef98cb0bfe68e34948a73b6"><code>96b97a5</code></a>
Bump actions/upload-artifact from 4.6.1 to 4.6.2 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/343">#343</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/c054ed3ac3d3505efc929b71cfd87a257bbdb6b3"><code>c054ed3</code></a>
Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/342">#342</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/44547fc77121b12bb276b44b3b2b49cfcbeac06f"><code>44547fc</code></a>
Bump actions/download-artifact from 4.1.8 to 4.1.9 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/341">#341</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5ea51247afecf1bf4ebfa8f2db3082e89a8bfaed"><code>5ea5124</code></a>
Bump actions/upload-artifact from 4.6.0 to 4.6.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/340">#340</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2f142b7ae0b2d13fee4ba4b9fbd73a9cd5069060"><code>2f142b7</code></a>
Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/339">#339</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/80d2ebdc77d2d005f408f789fe2fb1fe5f4e0265"><code>80d2ebd</code></a>
Bump actions/setup-python from 5.3.0 to 5.4.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/337">#337</a>)</li>
<li>See full diff in <a
href="https://github.com/certifi/python-certifi/compare/2025.01.31...2025.04.26">compare
view</a></li>
</ul>
</details>
<br />

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `importlib-metadata` from 8.6.1 to 8.7.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/importlib_metadata/blob/main/NEWS.rst">importlib-metadata's
changelog</a>.</em></p>
<blockquote>
<h1>v8.7.0</h1>
<h2>Features</h2>
<ul>
<li><code>.metadata()</code> (and <code>Distribution.metadata</code>)
can now return <code>None</code> if the metadata directory exists but
not metadata file is present. (<a
href="https://redirect.github.com/python/importlib_metadata/issues/493">#493</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Raise consistent ValueError for invalid EntryPoint.value (<a
href="https://redirect.github.com/python/importlib_metadata/issues/518">#518</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/importlib_metadata/commit/708dff4f1ab89bdd126e3e8c56098d04282c5809"><code>708dff4</code></a>
Finalize</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/b3065f03cc3395f46ed575e612e213f92a064879"><code>b3065f0</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/519">#519</a>
from python/bugfix/493-metadata-missing</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/e4351c226765f53a40316fa6aab50488aee8a90f"><code>e4351c2</code></a>
Add a new test capturing the new expectation.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/5a657051f7386de6f0560c200d78e941be2c8058"><code>5a65705</code></a>
Refactor the casting into a wrapper for brevity and to document its
purpose.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/0830c39b8a23e48024365120c0e97a6f7c36c5ec"><code>0830c39</code></a>
Add news fragment.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/22bb567692d8e7bd216f864a9d8dee1272ee8674"><code>22bb567</code></a>
Fix type errors where metadata could be None.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/57f31d77e18fef11dfadfd44775f253971c36920"><code>57f31d7</code></a>
Allow metadata to return None when there is no metadata present.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/b9c4be4253250ad604610db66204e5fa70fa2455"><code>b9c4be4</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/518">#518</a>
from python/bugfix/488-bad-ep-value</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/9f8af013635833cf3ac348413c9ac63b37caa3dd"><code>9f8af01</code></a>
Prefer a cached property, as the property is likely to be retrieved at
least ...</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/f179e28888b2c6caf12baaf5449ff1cd82513dfe"><code>f179e28</code></a>
Also raise ValueError on construction if the value is invalid.</li>
<li>Additional commits viewable in <a
href="https://github.com/python/importlib_metadata/compare/v8.6.1...v8.7.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot pushed a commit to aio-libs/aiohttp that referenced this pull request Apr 28, 2025
@dependabot
Bump pip from 25.0.1 to 25.1 (#10799)
299fc52 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot pushed a commit to aio-libs/aiohttp that referenced this pull request Apr 28, 2025
@dependabot
Bump pip from 25.0.1 to 25.1 (#10804)
ad5d139 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mergify bot pushed a commit to aws/jsii that referenced this pull request Apr 28, 2025
@dependabot
chore(deps-dev): Bump pip from 25.0.1 to 25.1 in /packages/jsii-pacma…
939ed4e 
…k/test/generated-code (#4819)

Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
mergify bot pushed a commit to aws/jsii that referenced this pull request Apr 28, 2025
@dependabot
chore(deps): Update pip requirement from ~=25.0 to ~=25.1 in /package…
a616890 
…s/@jsii/python-runtime (#4820)

Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0...25.1">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
github-merge-queue bot pushed a commit to MeltanoLabs/tap-postgres that referenced this pull request Apr 28, 2025
@dependabot
build(deps): Bump pip from 25.0.1 to 25.1 in /.github/workflows in th…
10d8f98 
…e ci group (#622)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this pull request Apr 28, 2025
@dependabot @inmantaci
Bump pip from 25.0.1 to 25.1 (PR #8993)
2283c90 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this pull request Apr 28, 2025
@dependabot @inmantaci
Bump pip from 25.0.1 to 25.1 (PR #8995)
a3365ad 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
github-merge-queue bot pushed a commit to meltano/tap-smoke-test that referenced this pull request Apr 29, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
4f158d8 
#259)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to MeltanoLabs/tap-circle-ci that referenced this pull request May 1, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
a396c08 
#238)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 8, 2025
@pfmoore
Copy link
Member

pfmoore commented May 19, 2025

We're definitely starting to see issue reports from Android users, and they are frankly very difficult to do much about. So far, if I see "termux" mentioned, I'm telling the users to report to the termux project (and closing the issue). If I see Android mentioned, I'm saying "are you using termux? if so, please report to them" and leaving the issue open, which isn't much better.

@pypa pypa unlocked this conversation May 19, 2025
github-merge-queue bot pushed a commit to google/sedpack that referenced this pull request May 22, 2025
@dependabot @kralka
Bump the dependabot group across 1 directory with 7 updates (#168)
4396c10 
Bumps the dependabot group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [click](https://github.com/pallets/click) | `8.1.5` | `8.2.0` |
| [importlib-metadata](https://github.com/python/importlib_metadata) |
`8.6.1` | `8.7.0` |
| [pip](https://github.com/pypa/pip) | `25.0.1` | `25.1.1` |
| [setuptools](https://github.com/pypa/setuptools) | `79.0.0` | `80.7.1`
|
| [certifi](https://github.com/certifi/python-certifi) | `2025.1.31` |
`2025.4.26` |
| [pluggy](https://github.com/pytest-dev/pluggy) | `1.5.0` | `1.6.0` |
| [termcolor](https://github.com/termcolor/termcolor) | `3.0.1` |
`3.1.0` |


Updates `click` from 8.1.5 to 8.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/click/releases">click's
releases</a>.</em></p>
<blockquote>
<h2>8.2.0</h2>
<p>This is the Click 8.2.0 feature release. A feature release may
include new features, remove previously deprecated code, add new
deprecation, or introduce potentially breaking changes.</p>
<p>We encourage everyone to upgrade. You can read more about our <a
href="https://palletsprojects.com/versions">Version Support Policy</a>
on our website.</p>
<p>PyPI: <a
href="https://pypi.org/project/click/8.2.0/">https://pypi.org/project/click/8.2.0/</a>
Changes: <a
href="https://click.palletsprojects.com/en/stable/changes/">https://click.palletsprojects.com/en/stable/changes/</a>
Milestone <a
href="https://github.com/pallets/click/milestone/15">https://github.com/pallets/click/milestone/15</a></p>
<ul>
<li>Drop support for Python 3.7, 3.8,and 3.9. <a
href="https://redirect.github.com/pallets/click/issues/2588">#2588</a>,
<a
href="https://redirect.github.com/pallets/click/issues/2893">#2893</a></li>
<li>Use modern packaging metadata with <code>pyproject.toml</code>
instead of <code>setup.cfg</code>. <a
href="https://redirect.github.com/pallets/click/issues/2438">#2438</a></li>
<li>Use <code>flit_core</code> instead of <code>setuptools</code> as
build backend. <a
href="https://redirect.github.com/pallets/click/issues/2543">#2543</a></li>
<li>Deprecate the <code>__version__</code> attribute. Use feature
detection, or
<code>importlib.metadata.version(&quot;click&quot;)</code>, instead. <a
href="https://redirect.github.com/pallets/click/issues/2598">#2598</a></li>
<li><code>BaseCommand</code> is deprecated. <code>Command</code> is the
base class for all commands. <a
href="https://redirect.github.com/pallets/click/issues/2589">#2589</a></li>
<li><code>MultiCommand</code> is deprecated. <code>Group</code> is the
base class for all group commands. <a
href="https://redirect.github.com/pallets/click/issues/2590">#2590</a></li>
<li>The current parser and related classes and methods, are deprecated.
<a
href="https://redirect.github.com/pallets/click/issues/2205">#2205</a>
<ul>
<li><code>OptionParser</code> and the <code>parser</code> module, which
is a modified copy of <code>optparse</code> in the standard
library.</li>
<li><code>Context.protected_args</code> is unneeded.
<code>Context.args</code> contains any remaining arguments while
parsing.</li>
<li><code>Parameter.add_to_parser</code> (on both <code>Argument</code>
and <code>Option</code>) is unneeded. Parsing works directly without
building a separate parser.</li>
<li><code>split_arg_string</code> is moved from <code>parser</code> to
<code>shell_completion</code>.</li>
</ul>
</li>
<li>Enable deferred evaluation of annotations with <code>from __future__
import annotations</code>. <a
href="https://redirect.github.com/pallets/click/issues/2270">#2270</a></li>
<li>When generating a command's name from a decorated function's name,
the suffixes <code>_command</code>, <code>_cmd</code>,
<code>_group</code>, and <code>_grp</code> are removed. <a
href="https://redirect.github.com/pallets/click/issues/2322">#2322</a></li>
<li>Show the <code>types.ParamType.name</code> for
<code>types.Choice</code> options within <code>--help</code> message if
<code>show_choices=False</code> is specified. <a
href="https://redirect.github.com/pallets/click/issues/2356">#2356</a></li>
<li>Do not display default values in prompts when
<code>Option.show_default</code> is <code>False</code>. <a
href="https://redirect.github.com/pallets/click/issues/2509">#2509</a></li>
<li>Add <code>get_help_extra</code> method on <code>Option</code> to
fetch the generated extra items used in <code>get_help_record</code> to
render help text. <a
href="https://redirect.github.com/pallets/click/issues/2516">#2516</a>
<a
href="https://redirect.github.com/pallets/click/issues/2517">#2517</a></li>
<li>Keep stdout and stderr streams independent in
<code>CliRunner</code>. Always collect stderr output and never raise an
exception. Add a new output stream to simulate what the user sees in its
terminal. Removes the <code>mix_stderr</code> parameter in
<code>CliRunner</code>. <a
href="https://redirect.github.com/pallets/click/issues/2522">#2522</a>
<a
href="https://redirect.github.com/pallets/click/issues/2523">#2523</a></li>
<li><code>Option.show_envvar</code> now also shows environment variable
in error messages. <a
href="https://redirect.github.com/pallets/click/issues/2695">#2695</a>
<a
href="https://redirect.github.com/pallets/click/issues/2696">#2696</a></li>
<li><code>Context.close</code> will be called on exit. This results in
all <code>Context.call_on_close</code> callbacks and context managers
added via <code>Context.with_resource</code> to be closed on exit as
well. <a
href="https://redirect.github.com/pallets/click/issues/2680">#2680</a></li>
<li>Add <code>ProgressBar(hidden: bool)</code> to allow hiding the
progressbar. <a
href="https://redirect.github.com/pallets/click/issues/2609">#2609</a></li>
<li>A <code>UserWarning</code> will be shown when multiple parameters
attempt to use the same name. <a
href="https://redirect.github.com/pallets/click/issues/2396">#2396</a></li>
<li>When using <code>Option.envvar</code> with
<code>Option.flag_value</code>, the <code>flag_value</code> will always
be used instead of the value of the environment variable. <a
href="https://redirect.github.com/pallets/click/issues/2746">#2746</a>
<a
href="https://redirect.github.com/pallets/click/issues/2788">#2788</a></li>
<li>Add <code>Choice.get_invalid_choice_message</code> method for
customizing the invalid choice message. <a
href="https://redirect.github.com/pallets/click/issues/2621">#2621</a>
<a
href="https://redirect.github.com/pallets/click/issues/2622">#2622</a></li>
<li>If help is shown because <code>no_args_is_help</code> is enabled
(defaults to <code>True</code> for groups, <code>False</code> for
commands), the exit code is 2 instead of 0. <a
href="https://redirect.github.com/pallets/click/issues/1489">#1489</a>
<a
href="https://redirect.github.com/pallets/click/issues/1489">#1489</a></li>
<li>Contexts created during shell completion are closed properly, fixing
a <code>ResourceWarning</code> when using <code>click.File</code>. <a
href="https://redirect.github.com/pallets/click/issues/2644">#2644</a>
<a
href="https://redirect.github.com/pallets/click/issues/2800">#2800</a>
<a
href="https://redirect.github.com/pallets/click/issues/2767">#2767</a></li>
<li><code>click.edit(filename)</code> now supports passing an iterable
of filenames in case the editor supports editing multiple files at once.
Its return type is now also typed: <code>AnyStr</code> if
<code>text</code> is passed, otherwise <code>None</code>. <a
href="https://redirect.github.com/pallets/click/issues/2067">#2067</a>
<a
href="https://redirect.github.com/pallets/click/issues/2068">#2068</a></li>
<li>Specialized typing of <code>progressbar(length=...)</code> as
<code>ProgressBar[int]</code>. <a
href="https://redirect.github.com/pallets/click/issues/2630">#2630</a></li>
<li>Improve <code>echo_via_pager</code> behaviour in face of errors. <a
href="https://redirect.github.com/pallets/click/issues/2674">#2674</a>
<ul>
<li>Terminate the pager in case a generator passed to
<code>echo_via_pager</code> raises an exception.</li>
<li>Ensure to always close the pipe to the pager process and wait for it
to terminate.</li>
<li><code>echo_via_pager</code> will not ignore
<code>KeyboardInterrupt</code> anymore. This allows the user to search
for future output of the generator when using less and then aborting the
program using ctrl-c.</li>
</ul>
</li>
<li><code>deprecated: bool | str</code> can now be used on options and
arguments. This previously was only available for <code>Command</code>.
The message can now also be customised by using a <code>str</code>
instead of a <code>bool</code>. <a
href="https://redirect.github.com/pallets/click/issues/2263">#2263</a>
<a
href="https://redirect.github.com/pallets/click/issues/2271">#2271</a>
<ul>
<li><code>Command.deprecated</code> formatting in <code>--help</code>
changed from <code>(Deprecated) help</code> to <code>help
(DEPRECATED)</code>.</li>
<li>Parameters cannot be required nor prompted or an error is
raised.</li>
<li>A warning will be printed when something deprecated is used.</li>
</ul>
</li>
<li>Add a <code>catch_exceptions</code> parameter to
<code>CliRunner</code>. If <code>catch_exceptions</code> is not passed
to <code>CliRunner.invoke</code>, the value from <code>CliRunner</code>
is used. <a
href="https://redirect.github.com/pallets/click/issues/2817">#2817</a>
<a
href="https://redirect.github.com/pallets/click/issues/2818">#2818</a></li>
<li><code>Option.flag_value</code> will no longer have a default value
set based on <code>Option.default</code> if <code>Option.is_flag</code>
is <code>False</code>. This results in <code>Option.default</code> not
needing to implement <code>__bool__</code>. <a
href="https://redirect.github.com/pallets/click/issues/2829">#2829</a></li>
<li>Incorrect <code>click.edit</code> typing has been corrected. <a
href="https://redirect.github.com/pallets/click/issues/2804">#2804</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/click/blob/main/CHANGES.rst">click's
changelog</a>.</em></p>
<blockquote>
<h2>Version 8.2.0</h2>
<p>Released 2025-05-10</p>
<ul>
<li>
<p>Drop support for Python 3.7, 3.8, and 3.9. :pr:<code>2588</code>
:pr:<code>2893</code></p>
</li>
<li>
<p>Use modern packaging metadata with <code>pyproject.toml</code>
instead of <code>setup.cfg</code>.
:pr:<code>2438</code></p>
</li>
<li>
<p>Use <code>flit_core</code> instead of <code>setuptools</code> as
build backend. :pr:<code>2543</code></p>
</li>
<li>
<p>Deprecate the <code>__version__</code> attribute. Use feature
detection, or
<code>importlib.metadata.version(&quot;click&quot;)</code>, instead.
:issue:<code>2598</code></p>
</li>
<li>
<p><code>BaseCommand</code> is deprecated. <code>Command</code> is the
base class for all
commands. :issue:<code>2589</code></p>
</li>
<li>
<p><code>MultiCommand</code> is deprecated. <code>Group</code> is the
base class for all group
commands. :issue:<code>2590</code></p>
</li>
<li>
<p>The current parser and related classes and methods, are deprecated.
:issue:<code>2205</code></p>
<ul>
<li><code>OptionParser</code> and the <code>parser</code> module, which
is a modified copy of
<code>optparse</code> in the standard library.</li>
<li><code>Context.protected_args</code> is unneeded.
<code>Context.args</code> contains any
remaining arguments while parsing.</li>
<li><code>Parameter.add_to_parser</code> (on both <code>Argument</code>
and <code>Option</code>) is
unneeded. Parsing works directly without building a separate
parser.</li>
<li><code>split_arg_string</code> is moved from <code>parser</code> to
<code>shell_completion</code>.</li>
</ul>
</li>
<li>
<p>Enable deferred evaluation of annotations with
<code>from __future__ import annotations</code>.
:pr:<code>2270</code></p>
</li>
<li>
<p>When generating a command's name from a decorated function's name,
the
suffixes <code>_command</code>, <code>_cmd</code>, <code>_group</code>,
and <code>_grp</code> are removed.
:issue:<code>2322</code></p>
</li>
<li>
<p>Show the <code>types.ParamType.name</code> for
<code>types.Choice</code> options within
<code>--help</code> message if <code>show_choices=False</code> is
specified.
:issue:<code>2356</code></p>
</li>
<li>
<p>Do not display default values in prompts when
<code>Option.show_default</code> is
<code>False</code>. :pr:<code>2509</code></p>
</li>
<li>
<p>Add <code>get_help_extra</code> method on <code>Option</code> to
fetch the generated extra
items used in <code>get_help_record</code> to render help text.
:issue:<code>2516</code>
:pr:<code>2517</code></p>
</li>
<li>
<p>Keep stdout and stderr streams independent in <code>CliRunner</code>.
Always
collect stderr output and never raise an exception. Add a new
output stream to simulate what the user sees in its terminal. Removes
the <code>mix_stderr</code> parameter in <code>CliRunner</code>.
:issue:<code>2522</code> :pr:<code>2523</code></p>
</li>
<li>
<p><code>Option.show_envvar</code> now also shows environment variable
in error messages.
:issue:<code>2695</code> :pr:<code>2696</code></p>
</li>
<li>
<p><code>Context.close</code> will be called on exit. This results in
all
<code>Context.call_on_close</code> callbacks and context managers added
via
<code>Context.with_resource</code> to be closed on exit as well.
:pr:<code>2680</code></p>
</li>
<li>
<p>Add <code>ProgressBar(hidden: bool)</code> to allow hiding the
progressbar. :issue:<code>2609</code></p>
</li>
<li>
<p>A <code>UserWarning</code> will be shown when multiple parameters
attempt to use the</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/click/commit/219206a18666624072fdbb803901e5eb7ce575a1"><code>219206a</code></a>
release version 8.2.0</li>
<li><a
href="https://github.com/pallets/click/commit/498f8826040fd6644d0f410c4d574df09c35d4b2"><code>498f882</code></a>
drop end of life python versions (<a
href="https://redirect.github.com/pallets/click/issues/2893">#2893</a>)</li>
<li><a
href="https://github.com/pallets/click/commit/ba770cbc96f522e9dab1bf54dc642dfa5b053956"><code>ba770cb</code></a>
drop end of life python versions</li>
<li><a
href="https://github.com/pallets/click/commit/f14b75063fb36b9208b13a920326926363616b39"><code>f14b750</code></a>
update dev dependencies</li>
<li><a
href="https://github.com/pallets/click/commit/9982faee85f2715a9cde03639f8c0382561c09ce"><code>9982fae</code></a>
Update CHANGES.rst</li>
<li><a
href="https://github.com/pallets/click/commit/7318f5f11bd59de62e4f7f73585d19300deb32b2"><code>7318f5f</code></a>
Update CHANGES.rst</li>
<li><a
href="https://github.com/pallets/click/commit/b7c0ab471c339488766d9413349947b2a7b21543"><code>b7c0ab4</code></a>
Merge <code>stable</code> into <code>main</code>; Release 8.2.0 (<a
href="https://redirect.github.com/pallets/click/issues/2873">#2873</a>)</li>
<li><a
href="https://github.com/pallets/click/commit/c9b96fe08de11f37d49e49f2de08a303bd0426ef"><code>c9b96fe</code></a>
Merge branch 'main' into main</li>
<li><a
href="https://github.com/pallets/click/commit/ab21233fc8f9e29d4194956d643af8bc180c7153"><code>ab21233</code></a>
Rewrite second half of options docs (<a
href="https://redirect.github.com/pallets/click/issues/2848">#2848</a>)</li>
<li><a
href="https://github.com/pallets/click/commit/8c89a1436232b08e0f09cf0583ac5bc83c0ca4da"><code>8c89a14</code></a>
Merge branch 'main' into options_docs_2</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/click/compare/8.1.5...8.2.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `importlib-metadata` from 8.6.1 to 8.7.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/importlib_metadata/blob/main/NEWS.rst">importlib-metadata's
changelog</a>.</em></p>
<blockquote>
<h1>v8.7.0</h1>
<h2>Features</h2>
<ul>
<li><code>.metadata()</code> (and <code>Distribution.metadata</code>)
can now return <code>None</code> if the metadata directory exists but
not metadata file is present. (<a
href="https://redirect.github.com/python/importlib_metadata/issues/493">#493</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Raise consistent ValueError for invalid EntryPoint.value (<a
href="https://redirect.github.com/python/importlib_metadata/issues/518">#518</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/importlib_metadata/commit/708dff4f1ab89bdd126e3e8c56098d04282c5809"><code>708dff4</code></a>
Finalize</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/b3065f03cc3395f46ed575e612e213f92a064879"><code>b3065f0</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/519">#519</a>
from python/bugfix/493-metadata-missing</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/e4351c226765f53a40316fa6aab50488aee8a90f"><code>e4351c2</code></a>
Add a new test capturing the new expectation.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/5a657051f7386de6f0560c200d78e941be2c8058"><code>5a65705</code></a>
Refactor the casting into a wrapper for brevity and to document its
purpose.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/0830c39b8a23e48024365120c0e97a6f7c36c5ec"><code>0830c39</code></a>
Add news fragment.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/22bb567692d8e7bd216f864a9d8dee1272ee8674"><code>22bb567</code></a>
Fix type errors where metadata could be None.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/57f31d77e18fef11dfadfd44775f253971c36920"><code>57f31d7</code></a>
Allow metadata to return None when there is no metadata present.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/b9c4be4253250ad604610db66204e5fa70fa2455"><code>b9c4be4</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/518">#518</a>
from python/bugfix/488-bad-ep-value</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/9f8af013635833cf3ac348413c9ac63b37caa3dd"><code>9f8af01</code></a>
Prefer a cached property, as the property is likely to be retrieved at
least ...</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/f179e28888b2c6caf12baaf5449ff1cd82513dfe"><code>f179e28</code></a>
Also raise ValueError on construction if the value is invalid.</li>
<li>Additional commits viewable in <a
href="https://github.com/python/importlib_metadata/compare/v8.6.1...v8.7.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `pip` from 25.0.1 to 25.1.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1.1 (2025-05-02)</h1>
<h2>Bug Fixes</h2>
<ul>
<li>Fix <code>req.source_dir</code> AssertionError when using the legacy
resolver. (<code>[#13353](pypa/pip#13353)
&lt;https://github.com/pypa/pip/issues/13353&gt;</code>_)</li>
<li>Fix crash on Python 3.9.6 and lower when pip failed to compile a
Python module
during installation.
(<code>[#13364](pypa/pip#13364)
&lt;https://github.com/pypa/pip/issues/13364&gt;</code>_)</li>
<li>Names in dependency group includes are now normalized before lookup,
which
fixes incorrect <code>Dependency group '...' not found</code> errors.
(<code>[#13372](pypa/pip#13372)
&lt;https://github.com/pypa/pip/issues/13372&gt;</code>_)</li>
</ul>
<h2>Vendored Libraries</h2>
<ul>
<li>Fix issues with using tomllib from the stdlib if available, rather
than tomli</li>
<li>Upgrade dependency-groups to 1.3.1</li>
</ul>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</li>
<li>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</li>
<li>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</li>
<li>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</li>
<li>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/01857ef79f59a98db592bacb6e7b48f354528c80"><code>01857ef</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/08d8bb91e2c7734f98f828e28215aba15784012a"><code>08d8bb9</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13374">#13374</a> from
pfmoore/fixups</li>
<li><a
href="https://github.com/pypa/pip/commit/2bff84e495a3d31008088c168c5ab9bfa633a172"><code>2bff84e</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13363">#13363</a> from
sbidoul/fix-source_dir-assert</li>
<li><a
href="https://github.com/pypa/pip/commit/644e71d6e339035836dce0adbf59f881b334e186"><code>644e71d</code></a>
News file fixups</li>
<li><a
href="https://github.com/pypa/pip/commit/426856f496a8f84f1e36fded83b3d5e74968a786"><code>426856f</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13364">#13364</a> from
ichard26/bugfix/python39</li>
<li><a
href="https://github.com/pypa/pip/commit/b7e3aead483baf42ca00e29b9758338ad19c130b"><code>b7e3aea</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13356">#13356</a> from
eli-schwartz/tomllib</li>
<li><a
href="https://github.com/pypa/pip/commit/8c678fe85daaf11d8dd6a43b7835088513944655"><code>8c678fe</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13373">#13373</a> from
sirosen/update-vendored-dependency-groups</li>
<li><a
href="https://github.com/pypa/pip/commit/7d006399c0d0d38e55d56a6b0732e959bf75f796"><code>7d00639</code></a>
Update newsfiles for dependency-groups patch</li>
<li><a
href="https://github.com/pypa/pip/commit/6d28bbf065a292f67d3d66d8f47fba15a1a2d512"><code>6d28bbf</code></a>
Update version of <code>dependency-groups</code> to v1.3.1</li>
<li><a
href="https://github.com/pypa/pip/commit/94bd66d615d5f9036c53196f4f2acb7c71d5010c"><code>94bd66d</code></a>
Revert StreamWrapper removal to restore Python 3.9.{0,6} compat</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `setuptools` from 79.0.0 to 80.7.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v80.7.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Only attempt to fetch eggs for unsatisfied requirements. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4998">#4998</a>)</li>
<li>In installer, when discovering egg dists, let metadata discovery
search each egg. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4998">#4998</a>)</li>
</ul>
<h1>v80.7.0</h1>
<h2>Features</h2>
<ul>
<li>Removed usage of pkg_resources from installer. Set an official
deadline on the installer deprecation to 2025-10-31. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4997">#4997</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/pypa/setuptools/issues/4996">#4996</a></li>
</ul>
<h1>v80.6.0</h1>
<h2>Features</h2>
<ul>
<li>Added a build dependency on coherent.licensed to inject the declared
license text at build time. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4981">#4981</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/pypa/setuptools/issues/4995">#4995</a></li>
</ul>
<h1>v80.5.0</h1>
<h2>Features</h2>
<ul>
<li>Replaced more references to pkg_resources with importlib
equivalents. (<a
href="https://redirect.github.com/pypa/setuptools/issues/3085">#3085</a>)</li>
</ul>
<p>Misc</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/12ca0186ba7d9bf387d65400bb05205d0bcf9e56"><code>12ca018</code></a>
Bump version: 80.7.0 → 80.7.1</li>
<li><a
href="https://github.com/pypa/setuptools/commit/31f8cac5faa7837e15a6716744034dff52ebcb8c"><code>31f8cac</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4999">#4999</a>
from pypa/bugfix/4998-directory-not-empty</li>
<li><a
href="https://github.com/pypa/setuptools/commit/e6f9ee9411566b276e52e828016b9d27007228bc"><code>e6f9ee9</code></a>
In installer, when discovering egg dists, let metadata discovery search
each ...</li>
<li><a
href="https://github.com/pypa/setuptools/commit/76d2923db3e60261e7e9f26a37287b27ad3933a1"><code>76d2923</code></a>
Only attempt to fetch eggs for unsatisfied requirements.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/486081e9eff38c6ed19aa24eab8200d9bba4cdce"><code>486081e</code></a>
Bump version: 80.6.0 → 80.7.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/f2748d1c1c5046814d929cb270724c2b35ee6020"><code>f2748d1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4997">#4997</a>
from pypa/feature/remove-more-pkg_resources</li>
<li><a
href="https://github.com/pypa/setuptools/commit/1089223a382ca11ba70fcd9f1081ca22cd9997dc"><code>1089223</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4996">#4996</a>
from abravalheri/cleanup-distutils</li>
<li><a
href="https://github.com/pypa/setuptools/commit/00c16df484fa3ec67223037846eff4a280dccb80"><code>00c16df</code></a>
Bump version: 80.5.0 → 80.6.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/89d3aef7fa7ff5e68cd5c2c29bc986bbd4afa782"><code>89d3aef</code></a>
Add news fragment.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/b74789e2aa3227e85d61b40708959b35d7f666cc"><code>b74789e</code></a>
Merge <a
href="https://github.com/jaraco/skeleton">https://github.com/jaraco/skeleton</a></li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v79.0.0...v80.7.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `certifi` from 2025.1.31 to 2025.4.26
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/275c9eb55733a464589c15fb4566fddd4598e5b2"><code>275c9eb</code></a>
2025.04.26 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/347">#347</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/37883310b51e56570919cdc2d44becc1c6940559"><code>3788331</code></a>
Bump actions/setup-python from 5.4.0 to 5.5.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/346">#346</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9d1f1b782000baedf57026de5b79e193bcb7ef7b"><code>9d1f1b7</code></a>
Bump actions/download-artifact from 4.1.9 to 4.2.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/344">#344</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/96b97a5afe26bc1adef98cb0bfe68e34948a73b6"><code>96b97a5</code></a>
Bump actions/upload-artifact from 4.6.1 to 4.6.2 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/343">#343</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/c054ed3ac3d3505efc929b71cfd87a257bbdb6b3"><code>c054ed3</code></a>
Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/342">#342</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/44547fc77121b12bb276b44b3b2b49cfcbeac06f"><code>44547fc</code></a>
Bump actions/download-artifact from 4.1.8 to 4.1.9 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/341">#341</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5ea51247afecf1bf4ebfa8f2db3082e89a8bfaed"><code>5ea5124</code></a>
Bump actions/upload-artifact from 4.6.0 to 4.6.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/340">#340</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2f142b7ae0b2d13fee4ba4b9fbd73a9cd5069060"><code>2f142b7</code></a>
Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/339">#339</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/80d2ebdc77d2d005f408f789fe2fb1fe5f4e0265"><code>80d2ebd</code></a>
Bump actions/setup-python from 5.3.0 to 5.4.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/337">#337</a>)</li>
<li>See full diff in <a
href="https://github.com/certifi/python-certifi/compare/2025.01.31...2025.04.26">compare
view</a></li>
</ul>
</details>
<br />

Updates `pluggy` from 1.5.0 to 1.6.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pluggy/blob/main/CHANGELOG.rst">pluggy's
changelog</a>.</em></p>
<blockquote>
<h1>pluggy 1.6.0 (2025-05-15)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li><code>[#556](pytest-dev/pluggy#556)
&lt;https://github.com/pytest-dev/pluggy/issues/556&gt;</code>_: Python
3.8 is no longer supported.</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>
<p><code>[#504](pytest-dev/pluggy#504)
&lt;https://github.com/pytest-dev/pluggy/issues/504&gt;</code>_: Fix a
regression in pluggy 1.1.0 where using :func:<code>result.get_result()
&lt;pluggy.Result.get_result&gt;</code> on the same failed
:class:<code>~pluggy.Result</code> causes the exception's traceback to
get longer and longer.</p>
</li>
<li>
<p><code>[#544](pytest-dev/pluggy#544)
&lt;https://github.com/pytest-dev/pluggy/issues/544&gt;</code>_:
Correctly pass :class:<code>StopIteration</code> through hook
wrappers.</p>
<p>Raising a :class:<code>StopIteration</code> in a generator triggers a
:class:<code>RuntimeError</code>.</p>
<p>If the :class:<code>RuntimeError</code> of a generator has the passed
in :class:<code>StopIteration</code> as cause
resume with that :class:<code>StopIteration</code> as normal exception
instead of failing with the :class:<code>RuntimeError</code>.</p>
</li>
<li>
<p><code>[#573](pytest-dev/pluggy#573)
&lt;https://github.com/pytest-dev/pluggy/issues/573&gt;</code>_: Fix
python 3.14 SyntaxError by rearranging code.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/fd08ab5f811a9b2fa9124ae8cbbd393221151e2c"><code>fd08ab5</code></a>
Preparing release 1.6.0</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/c240362152d6f354a4056bfd6d28560e226fb70b"><code>c240362</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pytest-dev/pluggy/issues/578">#578</a>)</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/0ceb558860b5e228b67adbe8c19a368802e7d324"><code>0ceb558</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pluggy/issues/546">#546</a>
from RonnyPfannschmidt/ronny/hookwrapper-wrap-legacy</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/1f4872e8cb2547dacea155a27f94f75e7e8f66ae"><code>1f4872e</code></a>
[pre-commit.ci] auto fixes from pre-commit.com hooks</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/4be0c554ea22ca01c7dc30ecccac413a412c1ea7"><code>4be0c55</code></a>
add changelog</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/615c6c57c2de62bd9652b59c7a89b3e1fcef08ae"><code>615c6c5</code></a>
Merge branch 'main' into hookwrapper-wrap-legacy</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/2acc644f2ead34ac3a154bff2566037480b5c310"><code>2acc644</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pytest-dev/pluggy/issues/577">#577</a>)</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/ea5ada08d36d71bbd1f4e0c8472f8f9a4b210a2d"><code>ea5ada0</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pytest-dev/pluggy/issues/576">#576</a>)</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/dfd250bcfc3d73f72693d4f14cf48bb737ded9f0"><code>dfd250b</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pytest-dev/pluggy/issues/575">#575</a>)</li>
<li><a
href="https://github.com/pytest-dev/pluggy/commit/1e1862fe458b663728b7523bee2c407455836931"><code>1e1862f</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pytest-dev/pluggy/issues/574">#574</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pluggy/compare/1.5.0...1.6.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `termcolor` from 3.0.1 to 3.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/termcolor/termcolor/releases">termcolor's
releases</a>.</em></p>
<blockquote>
<h2>Release 3.1.0</h2>
<h2>Added</h2>
<ul>
<li>Add true colour RGB option as input arguments (<a
href="https://redirect.github.com/termcolor/termcolor/issues/102">#102</a>)
<a href="https://github.com/icyveins7"><code>@​icyveins7</code></a></li>
<li>Cache system lookups to save invocation time (<a
href="https://redirect.github.com/termcolor/termcolor/issues/107">#107</a>)
<a
href="https://github.com/miketheman"><code>@​miketheman</code></a></li>
<li>Advertise typing via classifier (<a
href="https://redirect.github.com/termcolor/termcolor/issues/104">#104</a>)
<a
href="https://github.com/miketheman"><code>@​miketheman</code></a></li>
</ul>
<h2>Changed</h2>
<ul>
<li>Migrate coverage configuration to <code>pyproject.toml</code> (<a
href="https://redirect.github.com/termcolor/termcolor/issues/105">#105</a>)
<a
href="https://github.com/miketheman"><code>@​miketheman</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/termcolor/termcolor/commit/1e0ae11ba804f391c1d843c2512b37e8744b0ada"><code>1e0ae11</code></a>
Test free-threaded Python 3.13t and 3.14t (<a
href="https://redirect.github.com/termcolor/termcolor/issues/111">#111</a>)</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/9e3f5bb3f4fce51b99da69534fa43686581090a4"><code>9e3f5bb</code></a>
Test free-threaded Python 3.13t and 3.14t</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/52bf7215ce809ab4ba5a11a298c09e6ed44eb00d"><code>52bf721</code></a>
Add mutation testing (<a
href="https://redirect.github.com/termcolor/termcolor/issues/109">#109</a>)</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/968cfa566d656755f8cabf863f59e5a0df0f8c2b"><code>968cfa5</code></a>
Add tests for cprint kwargs</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/6048bd599d2f7fe47a2dfe82bbc33af4e64098e9"><code>6048bd5</code></a>
Add mutation testing</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/fd08149187df889da631805ab3651e9265eb8f00"><code>fd08149</code></a>
Test code branches (<a
href="https://redirect.github.com/termcolor/termcolor/issues/108">#108</a>)</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/b32a0068c05ff624c322cf311d2b6782494d8f33"><code>b32a006</code></a>
Test code branches</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/60815d2a7eea7b239f2f006bab618f630a323f2e"><code>60815d2</code></a>
Cache system lookups to save invocation time (<a
href="https://redirect.github.com/termcolor/termcolor/issues/107">#107</a>)</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/7e1e892a38b86cfc0dbebfa969f39d33295c9b29"><code>7e1e892</code></a>
Complete coverage via added tests (<a
href="https://redirect.github.com/termcolor/termcolor/issues/106">#106</a>)</li>
<li><a
href="https://github.com/termcolor/termcolor/commit/e516dd521e870c1a6b06d86974c415aa8c3cfc99"><code>e516dd5</code></a>
Cache system lookups to save invocation time</li>
<li>Additional commits viewable in <a
href="https://github.com/termcolor/termcolor/compare/3.0.1...3.1.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: kralka <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ichard26 ichard26 ichard26 approved these changes

Assignees
No one assigned
Labels
bot:chronographer:provided
Projects
None yet
Milestone
25.2
Development

Successfully merging this pull request may close these issues.

Add support for Android
3 participants
@mhsmith @ichard26 @pfmoore