diff --git a/_multibuild b/_multibuild
index 6222fa7..fcc7b97 100644
--- a/_multibuild
+++ b/_multibuild
@@ -1,4 +1,3 @@
test
- wheel
diff --git a/disable-ssl-context-in-buildenv.patch b/disable-ssl-context-in-buildenv.patch
new file mode 100644
index 0000000..71942c7
--- /dev/null
+++ b/disable-ssl-context-in-buildenv.patch
@@ -0,0 +1,30 @@
+Index: pip-24.2/src/pip/_vendor/requests/adapters.py
+===================================================================
+--- pip-24.2.orig/src/pip/_vendor/requests/adapters.py
++++ pip-24.2/src/pip/_vendor/requests/adapters.py
+@@ -81,7 +81,7 @@ try:
+ _preloaded_ssl_context.load_verify_locations(
+ extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH)
+ )
+-except ImportError:
++except (ImportError, FileNotFoundError, ssl.SSLError):
+ # Bypass default SSLContext creation when Python
+ # interpreter isn't built with the ssl module.
+ _preloaded_ssl_context = None
+Index: pip-24.2/src/pip/_internal/cli/index_command.py
+===================================================================
+--- pip-24.2.orig/src/pip/_internal/cli/index_command.py
++++ pip-24.2/src/pip/_internal/cli/index_command.py
+@@ -43,7 +43,11 @@ def _create_truststore_ssl_context() ->
+ return None
+
+ ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+- ctx.load_verify_locations(certifi.where())
++ try:
++ ctx.load_verify_locations(certifi.where())
++ except (FileNotFoundError, ssl.SSLError):
++ logger.warning("Disabling truststore because of missing certificates")
++ return None
+ return ctx
+
+
diff --git a/distutils-reproducible-compile.patch b/distutils-reproducible-compile.patch
index f3fa1fd..5fe265b 100644
--- a/distutils-reproducible-compile.patch
+++ b/distutils-reproducible-compile.patch
@@ -2,11 +2,11 @@
src/pip/_vendor/distlib/wheel.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-Index: pip-22.3.1/src/pip/_vendor/distlib/wheel.py
+Index: pip-24.1.1/src/pip/_vendor/distlib/wheel.py
===================================================================
---- pip-22.3.1.orig/src/pip/_vendor/distlib/wheel.py
-+++ pip-22.3.1/src/pip/_vendor/distlib/wheel.py
-@@ -567,7 +567,7 @@ class Wheel(object):
+--- pip-24.1.1.orig/src/pip/_vendor/distlib/wheel.py
++++ pip-24.1.1/src/pip/_vendor/distlib/wheel.py
+@@ -578,7 +578,7 @@ class Wheel(object):
maker.source_dir = workdir
maker.target_dir = None
try:
diff --git a/pip-23.3.2-gh.tar.gz b/pip-23.3.2-gh.tar.gz
deleted file mode 100644
index 2ca7bf8..0000000
--- a/pip-23.3.2-gh.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0e534d5c6dba159f0a4e64d55ef4d130222bcb4ac25f62275017eacbfa10a1d5
-size 9397451
diff --git a/pip-24.2-gh.tar.gz b/pip-24.2-gh.tar.gz
new file mode 100644
index 0000000..9429a52
--- /dev/null
+++ b/pip-24.2-gh.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e527f2366551b8483fa3a8ac2954aa79f2461e6600d917f3b6ae741d708cb982
+size 9189637
diff --git a/pip-shipped-requests-cabundle.patch b/pip-shipped-requests-cabundle.patch
index c90e180..56a3f24 100644
--- a/pip-shipped-requests-cabundle.patch
+++ b/pip-shipped-requests-cabundle.patch
@@ -3,26 +3,32 @@
tests/unit/test_options.py | 5 +
2 files changed, 13 insertions(+), 97 deletions(-)
---- a/src/pip/_vendor/certifi/core.py
-+++ b/src/pip/_vendor/certifi/core.py
-@@ -3,106 +3,17 @@ certifi.py
+Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
+===================================================================
+--- pip-24.1.1.orig/src/pip/_vendor/certifi/core.py
++++ pip-24.1.1/src/pip/_vendor/certifi/core.py
+@@ -3,112 +3,15 @@ certifi.py
~~~~~~~~~~
This module returns the installation location of cacert.pem or its contents.
+Patched by openSUSE: return the system bundle
"""
-import sys
+-import atexit
+-def exit_cacert_ctx() -> None:
+- _CACERT_CTX.__exit__(None, None, None) # type: ignore[union-attr]
+def read_text(_module=None, _path=None, encoding="ascii"):
+ with open(where(), "r", encoding=encoding) as data:
+ return data.read()
--if sys.version_info >= (3, 11):
-
-- from importlib.resources import as_file, files
+def where() -> str:
+ return "/etc/ssl/ca-bundle.pem"
+-if sys.version_info >= (3, 11):
+-
+- from importlib.resources import as_file, files
+-
- _CACERT_CTX = None
- _CACERT_PATH = None
-
@@ -47,6 +53,7 @@
- # we will also store that at the global level as well.
- _CACERT_CTX = as_file(files("pip._vendor.certifi").joinpath("cacert.pem"))
- _CACERT_PATH = str(_CACERT_CTX.__enter__())
+- atexit.register(exit_cacert_ctx)
-
- return _CACERT_PATH
-
@@ -82,6 +89,7 @@
- # we will also store that at the global level as well.
- _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem")
- _CACERT_PATH = str(_CACERT_CTX.__enter__())
+- atexit.register(exit_cacert_ctx)
-
- return _CACERT_PATH
-
@@ -113,15 +121,17 @@
- # of assuming we're on the filesystem and munge the path directly.
- def where() -> str:
- f = os.path.dirname(__file__)
-
+-
- return os.path.join(f, "cacert.pem")
-
- def contents() -> str:
- return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
+def contents() -> str:
+ return read_text(encoding="ascii")
---- a/tests/unit/test_options.py
-+++ b/tests/unit/test_options.py
+Index: pip-24.1.1/tests/unit/test_options.py
+===================================================================
+--- pip-24.1.1.orig/tests/unit/test_options.py
++++ pip-24.1.1/tests/unit/test_options.py
@@ -1,4 +1,5 @@
import os
+import os.path
@@ -136,7 +146,7 @@
from tests.lib.options_helpers import AddFakeCommandMixin
-@@ -618,6 +620,9 @@ class TestOptionsConfigFiles:
+@@ -617,6 +619,9 @@ class TestOptionsConfigFiles:
else:
assert expect == cmd._determine_file(options, need_value=False)
diff --git a/python-pip.changes b/python-pip.changes
index 291be97..dc3187f 100644
--- a/python-pip.changes
+++ b/python-pip.changes
@@ -1,3 +1,213 @@
+-------------------------------------------------------------------
+Mon Sep 23 11:21:24 UTC 2024 - Daniel Garcia
+
+- Adapt disable-ssl-context-in-buildenv.patch to make it compatible
+ with leap
+
+-------------------------------------------------------------------
+Mon Aug 12 16:49:06 UTC 2024 - Dirk Müller
+
+- update to 24.2:
+ * Deprecate pip install --editable falling back to setup.py
+ develop when using a setuptools version that does not support
+ PEP 660 (setuptools v63 and older).
+ * Check unsupported packages for the current platform. (#11054)
+ * Check unsupported packages for the current platform.
+ * Use system certificates and certifi certificates to verify
+ HTTPS connections on Python 3.10+. Python 3.9 and earlier
+ only use certifi. To revert to previous behaviour, pass the
+ flag --use-deprecated=legacy-certs. (#11647)
+ * Use system certificates and certifi certificates to verify
+ HTTPS connections on Python 3.10+. Python 3.9 and earlier
+ only use certifi.
+ * To revert to previous behaviour, pass the flag --use-
+ deprecated=legacy-certs.
+ * Improve discovery performance of installed packages when the
+ importlib.metadata backend is used to load distribution
+ metadata (used by default under Python 3.11+). (#12656)
+ * Improve discovery performance of installed packages when the
+ importlib.metadata backend is used to load distribution
+ metadata (used by default under Python 3.11+).
+ * Improve performance when the same requirement string appears
+ many times during resolution, by consistently caching the
+ parsed requirement string. (#12663)
+ * Improve performance when the same requirement string appears
+ many times during resolution, by consistently caching the
+ parsed requirement string.
+ * Minor performance improvement of finding applicable package
+ candidates by not repeatedly calculating their versions
+ (#12664)
+ * Minor performance improvement of finding applicable package
+ candidates by not repeatedly calculating their versions
+ * Disable pip's self version check when invoking a pip
+ subprocess to install PEP 517 build requirements. (#12683)
+ * Disable pip's self version check when invoking a pip
+ subprocess to install PEP 517 build requirements.
+ * Improve dependency resolution performance by caching platform
+ compatibility tags during wheel cache lookup. (#12712)
+ * Improve dependency resolution performance by caching platform
+ compatibility tags during wheel cache lookup.
+ * wheel is no longer explicitly listed as a build dependency of
+ pip. setuptools injects this dependency in the
+ get_requires_for_build_wheel() hook and no longer needs it on
+ newer versions. (#12728)
+ * wheel is no longer explicitly listed as a build dependency of
+ pip. setuptools injects this dependency in the
+ get_requires_for_build_wheel() hook and no longer needs it on
+ newer versions.
+ * Ignore --require-virtualenv for pip check and pip freeze
+ (#12842)
+ * Ignore --require-virtualenv for pip check and pip freeze
+ * Improve package download and install performance. Increase
+ chunk sizes when downloading (256 kB, up from 10 kB) and
+ reading files (1 MB, up from 8 kB). This reduces the
+ frequency of updates to pip's progress bar. (#12810)
+ * Improve package download and install performance.
+ * Increase chunk sizes when downloading (256 kB, up from 10 kB)
+ and reading files (1 MB, up from 8 kB). This reduces the
+ frequency of updates to pip's progress bar.
+ * Improve pip install performance. Files are now extracted in
+ 1MB blocks, or in one block matching the file size for
+ smaller files. A decompressor is no longer instantiated when
+ extracting 0 bytes files, it is not necessary because there
+ is no data to decompress. (#12803)
+ * Improve pip install performance.
+ * Files are now extracted in 1MB blocks, or in one block
+ matching the file size for smaller files. A decompressor is
+ no longer instantiated when extracting 0 bytes files, it is
+ not necessary because there is no data to decompress.
+ * Set no_color to global rich.Console instance.
+ * Fix resolution to respect --python-version when checking
+ Requires-Python.
+ * Perform hash comparisons in a case-insensitive manner.
+ * Avoid dlopen failure for glibc detection in musl builds
+ * Avoid keyring logging crashes when pip is run in verbose
+ mode.
+ * Fix finding hardlink targets in tar files with an ignored
+ top-level directory.
+ * Improve pip install performance by only creating required
+ parent directories once, instead of before extracting every
+ file in the wheel.
+ * Improve pip install performance by calculating installed
+ packages printout in linear time instead of quadratic time.
+ * Remove vendored tenacity.
+ * Update the preload list for the DEBUNDLED case, to replace
+ pep517 that has been renamed to pyproject_hooks.
+ * Use tomllib from the stdlib if available, rather than tomli
+ * Upgrade certifi to 2024.7.4
+ * Upgrade platformdirs to 4.2.2
+ * Upgrade pygments to 2.18.0
+ * Upgrade setuptools to 70.3.0
+ * Upgrade typing_extensions to 4.12.2
+ * Correct —-ignore-conflicts (including an em dash) to
+ --ignore-conflicts.
+ * Fix finding hardlink targets in tar files with an ignored
+ top-level directory.
+- add disable-ssl-context-in-buildenv.patch: treat missing
+ ca-certificates as "ssl not available" for buildenvs
+
+-------------------------------------------------------------------
+Sun Jun 30 18:45:16 UTC 2024 - Dirk Müller
+
+- update to 24.1.1:
+ * Actually use system trust stores when the truststore feature
+ is enabled.
+ * Report informative messages about invalid requirements.
+ * Eagerly import the self version check logic to avoid crashes
+ while upgrading or downgrading pip at the same time.
+ * Accommodate for mismatches between different sources of truth
+ for extra names, for packages generated by setuptools.
+ * Accommodate for development versions of CPython ending in +
+ in the version string.
+ * requests provides optional character detection support on
+ some APIs when processing ambiguous bytes. This isn't
+ relevant for pip to function and we're able to remove it due
+ to recent upstream changes.
+ * Drop support for EOL Python 3.7.
+ * Remove support for legacy versions and dependency specifiers.
+ * Packages with non standard-compliant versions or dependency
+ specifiers are now ignored by the resolver. Already installed
+ packages with non standard-compliant versions or dependency
+ specifiers must be uninstalled before upgrading them.
+ * Improve performance of resolution of large dependency trees,
+ with more caching.
+ * Further improve resolution performance of large dependency
+ trees, by caching hash calculations.
+ * Reduce startup time of commands (e.g. show, freeze) that do
+ not access the network by 15-30%.
+ * Reword and improve presentation of uninstallation errors.
+ * Add a 'raw' progress_bar type for simple and parsable
+ download progress reports
+ * pip list no longer performs the pip version check unless
+ --outdated or --uptodate is given.
+ * Use the data_filter when extracting tarballs, if it's
+ available.
+ * Display the Project-URL value under key "Home-page" in pip
+ show when the Home-Page metadata field is not set.
+ * The Project-URL key detection is case-insensitive, and
+ ignores any dashes and underscores.
+ * Ensure -vv gets passed to any pip install build environment
+ subprocesses.
+ * Deduplicate entries in the Requires field of pip show.
+ * Fix error on checkout for subversion and bazaar with verbose
+ mode on.
+ * Fix exception with completions when COMP_CWORD is not set
+ * Fix intermittent "cannot locate t64.exe" errors when
+ upgrading pip.
+ * Remove duplication in invalid wheel error message
+ * Remove the incorrect pip3.x console entrypoint from the pip
+ wheel. This console script continues to be generated by pip
+ when it installs itself.
+ * Gracefully skip VCS detection in pip freeze when PATH points
+ to a non-directory path.
+ * Make the --proxy parameter take precedence over environment
+ variables.
+
+-------------------------------------------------------------------
+Sun Apr 28 19:10:12 UTC 2024 - Dirk Müller
+
+- update to 24.0:
+ * Retry on HTTP status code 502
+ * Automatically use the setuptools PEP 517 build backend when
+ --config-settings is used for projects without
+ pyproject.toml.
+ * Make pip freeze and pip uninstall of legacy editable installs
+ of packages whose name contains _ compatible with
+ setuptools>=69.0.3.
+ * Support per requirement --config-settings for editable
+ installs.
+ * Optimized usage of --find-links=, by only
+ scanning the relevant directory once, only considering file
+ names that are valid wheel or sdist names, and only
+ considering files in the directory that are related to the
+ install.
+ * Removed wheel from the [build-system].requires list fallback
+ that is used when pyproject.toml is absent.
+ * Upgrade distlib to 0.3.8
+ * Fix explanation of how PIP_CONFIG_FILE works
+ * Fix outdated pip install argument description in
+ documentation.
+ * Replace some links to PEPs with links to the canonical
+ specifications on the :doc:`pypug:index`
+ * Updated the pyproject.toml document to stop suggesting to
+ depend on wheel as a build dependency directly.
+ * Update supported interpreters in development docs
+ * Most project metadata is now defined statically via pip's
+ pyproject.toml file.
+
+-------------------------------------------------------------------
+Mon Feb 5 11:50:28 UTC 2024 - Daniel Garcia
+
+- Fix shebang path for "pip3.XX" binaries
+
+-------------------------------------------------------------------
+Fri Dec 22 16:06:25 UTC 2023 - Ben Greiner
+
+- Drop deprecated setup.py installmethod, bootstrap PEP517 with
+ built-in pip instead
+- python3XX-pip-wheel can now be a regular subpackage
+- Drop obsolete python2 directives in specfile
+
-------------------------------------------------------------------
Mon Dec 18 14:18:45 UTC 2023 - Dirk Müller
diff --git a/python-pip.spec b/python-pip.spec
index b5625ea..1ebdb73 100644
--- a/python-pip.spec
+++ b/python-pip.spec
@@ -1,7 +1,7 @@
#
-# spec file
+# spec file for package python-pip
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,27 +20,20 @@
%if "%{flavor}" == "test"
%define psuffix -test
%bcond_without test
-%bcond_with wheel
-%else
-%if "%{flavor}" == "wheel"
-%define psuffix -wheel
-%bcond_without wheel
-%bcond_with test
%else
%define psuffix %{nil}
%bcond_with test
-%bcond_with wheel
%endif
-%endif
-%global skip_python2 1
%if 0%{?suse_version} > 1500
%bcond_without libalternatives
%else
%bcond_with libalternatives
%endif
+# in order to avoid rewriting for subpackage generator
+%define mypython python
%{?sle15_python_module_pythons}
Name: python-pip%{psuffix}
-Version: 23.3.2
+Version: 24.2
Release: 0
Summary: A Python package management system
License: MIT
@@ -52,14 +45,16 @@ Patch0: pip-shipped-requests-cabundle.patch
# PATCH-FIX-UPSTREAM distutils-reproducible-compile.patch gh#python/cpython#8057 mcepl@suse.com
# To get reproducible builds, byte_compile() of distutils.util now sorts filenames.
Patch1: distutils-reproducible-compile.patch
+# PATCH-FIX-OPENSUSE: deal missing ca-certificates as "ssl not available"
+Patch2: disable-ssl-context-in-buildenv.patch
BuildRequires: %{python_module base >= 3.7}
BuildRequires: %{python_module setuptools >= 40.8.0}
+# The rpm python-wheel build is bootstrap friendly since 0.42
+BuildRequires: %{python_module wheel}
BuildRequires: fdupes
BuildRequires: python-rpm-macros >= 20210929
Requires: ca-certificates
Requires: coreutils
-Requires: python-setuptools
-Requires: python-xml
Recommends: ca-certificates-mozilla
BuildArch: noarch
%if %{with libalternatives}
@@ -67,30 +62,24 @@ BuildRequires: alts
Requires: alts
%else
Requires(post): update-alternatives
-Requires(postun):update-alternatives
+Requires(postun): update-alternatives
%endif
%if %{with test}
-# Test requirements:
BuildRequires: %{python_module PyYAML}
BuildRequires: %{python_module Werkzeug}
BuildRequires: %{python_module cryptography}
-BuildRequires: %{python_module docutils}
BuildRequires: %{python_module freezegun}
BuildRequires: %{python_module installer}
+# Test requirements:
+BuildRequires: %{python_module pip = %{version}}
BuildRequires: %{python_module pretend}
+BuildRequires: %{python_module pytest-xdist}
BuildRequires: %{python_module pytest}
BuildRequires: %{python_module scripttest}
BuildRequires: %{python_module setuptools-wheel}
BuildRequires: %{python_module virtualenv >= 1.10}
-BuildRequires: %{python_module wheel}
-BuildRequires: ca-certificates
+BuildRequires: ca-certificates-mozilla
BuildRequires: git-core
-%if 0%{?suse_version} <= 1500
-BuildRequires: %{python_module mock}
-%endif
-%endif
-%if %{with wheel}
-BuildRequires: %{python_module wheel}
%endif
%python_subpackages
@@ -99,13 +88,19 @@ Pip is a replacement for easy_install. It uses mostly the same techniques for
finding packages, so packages that were made easy_installable should be
pip-installable as well.
+%package wheel
+Summary: The pip wheel for custom tests and install requirements
+Requires: %mypython(abi) = %python_version
+
+%description wheel
+This packages provides the pip wheel as separate file for cases where
+the wheel needs to be used directly in test or install setups
+
%prep
# Unbundling is not advised by upstream. See src/pip/_vendor/README.rst
# Exception: Use our own cabundle. Adapted patch from python-certifi package
%autosetup -p1 -n pip-%{version}
-rm src/pip/_vendor/certifi/cacert.pem
-
%if %{with test}
mkdir -p tests/data/common_wheels
%python_expand cp %{$python_sitelib}/../wheels/setuptools*.whl tests/data/common_wheels/
@@ -118,35 +113,38 @@ done
# Remove windows executable binaries
# bsc#1212015
rm -v src/pip/_vendor/distlib/*.exe
-sed -i '/\.exe/d' setup.py
%build
-%if ! %{with wheel}
-%python_build
-%else
-%python_exec setup.py bdist_wheel --universal
+%if !%{with test}
+%{python_expand # bootstrap with built-in pip
+$python -m venv build/env
+build/env/bin/python -m ensurepip
+export PYTHONPATH=build/env/lib/python%{$python_bin_suffix}/site-packages
+%{$python_pyproject_wheel}
+}
%endif
-%if !%{with test} && !%{with wheel}
%install
-%python_install
+%if !%{with test}
+%{python_expand # use pip bootstrapped above
+export PYTHONPATH=build/env/lib/python%{$python_bin_suffix}/site-packages
+%{$python_pyproject_install}
+install -D -m 0644 -t %{buildroot}%{$python_sitelib}/../wheels dist/*.whl
+%fdupes %{buildroot}%{$python_sitelib}
+}
+
+%{python_expand # Fix shebang path for "pip3.XX" binaries
+sed -i "1s|#\!.*python.*|#\!%{_bindir}/$python|" %{buildroot}%{_bindir}/pip%{$python_bin_suffix}
+}
+
%python_clone -a %{buildroot}%{_bindir}/pip
%python_clone -a %{buildroot}%{_bindir}/pip3
-# if we just cloned to pip3-2.7 delete it
-rm -f %{buildroot}%{_bindir}/pip3-2*
-%python_expand %fdupes %{buildroot}%{$python_sitelib}
-%endif
-
-%if %{with wheel}
-%python_expand install -D -m 0644 -t %{buildroot}%{$python_sitelib}/../wheels dist/*.whl
+%python_expand %fdupes %{buildroot}%{_bindir}
%endif
%if %{with test}
%check
-export PYTHONPATH=$(pwd)/build/lib
-# Looks broken with 22.3.1
-donttest="test_pip_self_version_check_calls_underlying_implementation"
-%pytest -m "not network" -k "not ($donttest)" tests/unit
+%pytest -m "not network" tests/unit
%endif
%pre
@@ -157,36 +155,27 @@ donttest="test_pip_self_version_check_calls_underlying_implementation"
# If libalternatives is used: Removing old update-alternatives entries.
%python_libalternatives_reset_alternative pip
-%if !%{with test} && !%{with wheel}
%post
# keep the alternative groups separate. Users could decide to let pip and pip3 point to
# different flavors
%python_install_alternative pip
-%if "%{python_flavor}" != "python2"
%python_install_alternative pip3
-%endif
%postun
%python_uninstall_alternative pip
%python_uninstall_alternative pip3
-%endif
+%if !%{with test}
%files %{python_files}
-%if !%{with test} && !%{with wheel}
%license LICENSE.txt
%doc AUTHORS.txt NEWS.rst README.rst
%python_alternative %{_bindir}/pip
-%if "%{python_flavor}" == "python2"
-%{_bindir}/pip2
-%else
%python_alternative %{_bindir}/pip3
-%endif
%{_bindir}/pip%{python_bin_suffix}
-%{python_sitelib}/pip-%{version}*-info
+%{python_sitelib}/pip-%{version}.dist-info
%{python_sitelib}/pip
-%endif
-%if %{with wheel}
+%files %{python_files wheel}
%dir %{python_sitelib}/../wheels
%{python_sitelib}/../wheels/*
%endif