Sync from SUSE:SLFO:Main python-pip revision 02e0fed9cbb67f5eac32bbc7798e4773

2024-12-13 11:55:33 +01:00 · 2024-12-13 11:55:33 +01:00 · 5973e5d8e7
commit 5973e5d8e7
parent 05580bcb3e
8 changed files with 313 additions and 75 deletions
--- a/1
+++ b/1
@ -1,4 +1,3 @@
 <multibuild>
  <package>test</package>
  <package>wheel</package>
 </multibuild>
--- a/disable-ssl-context-in-buildenv.patch
+++ b/disable-ssl-context-in-buildenv.patch
@ -0,0 +1,30 @@
 Index: pip-24.2/src/pip/_vendor/requests/adapters.py
 ===================================================================
 --- pip-24.2.orig/src/pip/_vendor/requests/adapters.py
 +++ pip-24.2/src/pip/_vendor/requests/adapters.py
@@ -81,7 +81,7 @@ try:
     _preloaded_ssl_context.load_verify_locations(
         extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH)
     )
 -except ImportError:
 +except (ImportError, FileNotFoundError, ssl.SSLError):
     # Bypass default SSLContext creation when Python
     # interpreter isn't built with the ssl module.
     _preloaded_ssl_context = None
 Index: pip-24.2/src/pip/_internal/cli/index_command.py
 ===================================================================
 --- pip-24.2.orig/src/pip/_internal/cli/index_command.py
 +++ pip-24.2/src/pip/_internal/cli/index_command.py
@@ -43,7 +43,11 @@ def _create_truststore_ssl_context() ->
         return None
     ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
 -    ctx.load_verify_locations(certifi.where())
 +    try:
 +        ctx.load_verify_locations(certifi.where())
 +    except (FileNotFoundError, ssl.SSLError):
 +        logger.warning("Disabling truststore because of missing certificates")
 +        return None
     return ctx
--- a/distutils-reproducible-compile.patch
+++ b/distutils-reproducible-compile.patch
@ -2,11 +2,11 @@
 src/pip/_vendor/distlib/wheel.py |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
-Index: pip-22.3.1/src/pip/_vendor/distlib/wheel.py
+Index: pip-24.1.1/src/pip/_vendor/distlib/wheel.py
 ===================================================================
--- pip-22.3.1.orig/src/pip/_vendor/distlib/wheel.py
+--- pip-24.1.1.orig/src/pip/_vendor/distlib/wheel.py
-+++ pip-22.3.1/src/pip/_vendor/distlib/wheel.py
+++ pip-24.1.1/src/pip/_vendor/distlib/wheel.py
-@@ -567,7 +567,7 @@ class Wheel(object):
+@@ -578,7 +578,7 @@ class Wheel(object):
             maker.source_dir = workdir
             maker.target_dir = None
             try:
--- a/pip-23.3.2-gh.tar.gz
+++ b/pip-23.3.2-gh.tar.gz
--- a/pip-24.2-gh.tar.gz
+++ b/pip-24.2-gh.tar.gz
--- a/pip-shipped-requests-cabundle.patch
+++ b/pip-shipped-requests-cabundle.patch
@ -3,26 +3,32 @@
 tests/unit/test_options.py      |    5 +
 2 files changed, 13 insertions(+), 97 deletions(-)
--- a/src/pip/_vendor/certifi/core.py
+Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
-+++ b/src/pip/_vendor/certifi/core.py
+===================================================================
-@@ -3,106 +3,17 @@ certifi.py
+--- pip-24.1.1.orig/src/pip/_vendor/certifi/core.py
 +++ pip-24.1.1/src/pip/_vendor/certifi/core.py
@@ -3,112 +3,15 @@ certifi.py
 ~~~~~~~~~~
 This module returns the installation location of cacert.pem or its contents.
 +Patched by openSUSE: return the system bundle
 """
 -import sys
 -import atexit
 -def exit_cacert_ctx() -> None:
 -    _CACERT_CTX.__exit__(None, None, None)  # type: ignore[union-attr]
 +def read_text(_module=None, _path=None, encoding="ascii"):
 +    with open(where(), "r", encoding=encoding) as data:
 +        return data.read()
 -if sys.version_info >= (3, 11):
 -    from importlib.resources import as_file, files
 +def where() -> str:
 +    return "/etc/ssl/ca-bundle.pem"
 -if sys.version_info >= (3, 11):
 -
 -    from importlib.resources import as_file, files
 -
 -    _CACERT_CTX = None
 -    _CACERT_PATH = None
 -
@ -47,6 +53,7 @@
 -            # we will also store that at the global level as well.
 -            _CACERT_CTX = as_file(files("pip._vendor.certifi").joinpath("cacert.pem"))
 -            _CACERT_PATH = str(_CACERT_CTX.__enter__())
 -            atexit.register(exit_cacert_ctx)
 -
 -        return _CACERT_PATH
 -
@ -82,6 +89,7 @@
 -            # we will also store that at the global level as well.
 -            _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem")
 -            _CACERT_PATH = str(_CACERT_CTX.__enter__())
 -            atexit.register(exit_cacert_ctx)
 -
 -        return _CACERT_PATH
 -
@ -113,15 +121,17 @@
 -    # of assuming we're on the filesystem and munge the path directly.
 -    def where() -> str:
 -        f = os.path.dirname(__file__)
- 
+-
 -        return os.path.join(f, "cacert.pem")
 -
 -    def contents() -> str:
 -        return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
 +def contents() -> str:
 +    return read_text(encoding="ascii")
--- a/tests/unit/test_options.py
+Index: pip-24.1.1/tests/unit/test_options.py
-+++ b/tests/unit/test_options.py
+===================================================================
 --- pip-24.1.1.orig/tests/unit/test_options.py
 +++ pip-24.1.1/tests/unit/test_options.py
@@ -1,4 +1,5 @@
 import os
 +import os.path
@ -136,7 +146,7 @@
 from tests.lib.options_helpers import AddFakeCommandMixin
-@@ -618,6 +620,9 @@ class TestOptionsConfigFiles:
+@@ -617,6 +619,9 @@ class TestOptionsConfigFiles:
         else:
             assert expect == cmd._determine_file(options, need_value=False)
--- a/python-pip.changes
+++ b/python-pip.changes
@ -1,3 +1,213 @@
 -------------------------------------------------------------------
 Mon Sep 23 11:21:24 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
 - Adapt disable-ssl-context-in-buildenv.patch to make it compatible
  with leap
 -------------------------------------------------------------------
 Mon Aug 12 16:49:06 UTC 2024 - Dirk Müller <dmueller@suse.com>
 - update to 24.2:
  * Deprecate pip install --editable falling back to setup.py
    develop when using a setuptools version that does not support
    PEP 660 (setuptools v63 and older).
  * Check unsupported packages for the current platform. (#11054)
  * Check unsupported packages for the current platform.
  * Use system certificates and certifi certificates to verify
    HTTPS connections on Python 3.10+. Python 3.9 and earlier
    only use certifi. To revert to previous behaviour, pass the
    flag --use-deprecated=legacy-certs. (#11647)
  * Use system certificates and certifi certificates to verify
    HTTPS connections on Python 3.10+. Python 3.9 and earlier
    only use certifi.
  * To revert to previous behaviour, pass the flag --use-
    deprecated=legacy-certs.
  * Improve discovery performance of installed packages when the
    importlib.metadata backend is used to load distribution
    metadata (used by default under Python 3.11+). (#12656)
  * Improve discovery performance of installed packages when the
    importlib.metadata backend is used to load distribution
    metadata (used by default under Python 3.11+).
  * Improve performance when the same requirement string appears
    many times during resolution, by consistently caching the
    parsed requirement string. (#12663)
  * Improve performance when the same requirement string appears
    many times during resolution, by consistently caching the
    parsed requirement string.
  * Minor performance improvement of finding applicable package
    candidates by not repeatedly calculating their versions
    (#12664)
  * Minor performance improvement of finding applicable package
    candidates by not repeatedly calculating their versions
  * Disable pip's self version check when invoking a pip
    subprocess to install PEP 517 build requirements. (#12683)
  * Disable pip's self version check when invoking a pip
    subprocess to install PEP 517 build requirements.
  * Improve dependency resolution performance by caching platform
    compatibility tags during wheel cache lookup. (#12712)
  * Improve dependency resolution performance by caching platform
    compatibility tags during wheel cache lookup.
  * wheel is no longer explicitly listed as a build dependency of
    pip. setuptools injects this dependency in the
    get_requires_for_build_wheel() hook and no longer needs it on
    newer versions. (#12728)
  * wheel is no longer explicitly listed as a build dependency of
    pip. setuptools injects this dependency in the
    get_requires_for_build_wheel() hook and no longer needs it on
    newer versions.
  * Ignore --require-virtualenv for pip check and pip freeze
    (#12842)
  * Ignore --require-virtualenv for pip check and pip freeze
  * Improve package download and install performance. Increase
    chunk sizes when downloading (256 kB, up from 10 kB) and
    reading files (1 MB, up from 8 kB). This reduces the
    frequency of updates to pip's progress bar. (#12810)
  * Improve package download and install performance.
  * Increase chunk sizes when downloading (256 kB, up from 10 kB)
    and reading files (1 MB, up from 8 kB). This reduces the
    frequency of updates to pip's progress bar.
  * Improve pip install performance. Files are now extracted in
    1MB blocks, or in one block matching the file size for
    smaller files. A decompressor is no longer instantiated when
    extracting 0 bytes files, it is not necessary because there
    is no data to decompress. (#12803)
  * Improve pip install performance.
  * Files are now extracted in 1MB blocks, or in one block
    matching the file size for smaller files. A decompressor is
    no longer instantiated when extracting 0 bytes files, it is
    not necessary because there is no data to decompress.
  * Set no_color to global rich.Console instance.
  * Fix resolution to respect --python-version when checking
    Requires-Python.
  * Perform hash comparisons in a case-insensitive manner.
  * Avoid dlopen failure for glibc detection in musl builds
  * Avoid keyring logging crashes when pip is run in verbose
    mode.
  * Fix finding hardlink targets in tar files with an ignored
    top-level directory.
  * Improve pip install performance by only creating required
    parent directories once, instead of before extracting every
    file in the wheel.
  * Improve pip install performance by calculating installed
    packages printout in linear time instead of quadratic time.
  * Remove vendored tenacity.
  * Update the preload list for the DEBUNDLED case, to replace
    pep517 that has been renamed to pyproject_hooks.
  * Use tomllib from the stdlib if available, rather than tomli
  * Upgrade certifi to 2024.7.4
  * Upgrade platformdirs to 4.2.2
  * Upgrade pygments to 2.18.0
  * Upgrade setuptools to 70.3.0
  * Upgrade typing_extensions to 4.12.2
  * Correct —-ignore-conflicts (including an em dash) to
    --ignore-conflicts.
  * Fix finding hardlink targets in tar files with an ignored
    top-level directory.
 - add disable-ssl-context-in-buildenv.patch: treat missing
  ca-certificates as "ssl not available" for buildenvs
 -------------------------------------------------------------------
 Sun Jun 30 18:45:16 UTC 2024 - Dirk Müller <dmueller@suse.com>
 - update to 24.1.1:
  * Actually use system trust stores when the truststore feature
    is enabled.
  * Report informative messages about invalid requirements.
  * Eagerly import the self version check logic to avoid crashes
    while upgrading or downgrading pip at the same time.
  * Accommodate for mismatches between different sources of truth
    for extra names, for packages generated by setuptools.
  * Accommodate for development versions of CPython ending in +
    in the version string.
  * requests provides optional character detection support on
    some APIs when processing ambiguous bytes. This isn't
    relevant for pip to function and we're able to remove it due
    to recent upstream changes.
  * Drop support for EOL Python 3.7.
  * Remove support for legacy versions and dependency specifiers.
  * Packages with non standard-compliant versions or dependency
    specifiers are now ignored by the resolver. Already installed
    packages with non standard-compliant versions or dependency
    specifiers must be uninstalled before upgrading them.
  * Improve performance of resolution of large dependency trees,
    with more caching.
  * Further improve resolution performance of large dependency
    trees, by caching hash calculations.
  * Reduce startup time of commands (e.g. show, freeze) that do
    not access the network by 15-30%.
  * Reword and improve presentation of uninstallation errors.
  * Add a 'raw' progress_bar type for simple and parsable
    download progress reports
  * pip list no longer performs the pip version check unless
    --outdated or --uptodate is given.
  * Use the data_filter when extracting tarballs, if it's
    available.
  * Display the Project-URL value under key "Home-page" in pip
    show when the Home-Page metadata field is not set.
  * The Project-URL key detection is case-insensitive, and
    ignores any dashes and underscores.
  * Ensure -vv gets passed to any pip install build environment
    subprocesses.
  * Deduplicate entries in the Requires field of pip show.
  * Fix error on checkout for subversion and bazaar with verbose
    mode on.
  * Fix exception with completions when COMP_CWORD is not set
  * Fix intermittent "cannot locate t64.exe" errors when
    upgrading pip.
  * Remove duplication in invalid wheel error message
  * Remove the incorrect pip3.x console entrypoint from the pip
    wheel. This console script continues to be generated by pip
    when it installs itself.
  * Gracefully skip VCS detection in pip freeze when PATH points
    to a non-directory path.
  * Make the --proxy parameter take precedence over environment
    variables.
 -------------------------------------------------------------------
 Sun Apr 28 19:10:12 UTC 2024 - Dirk Müller <dmueller@suse.com>
 - update to 24.0:
  * Retry on HTTP status code 502
  * Automatically use the setuptools PEP 517 build backend when
    --config-settings is used for projects without
    pyproject.toml.
  * Make pip freeze and pip uninstall of legacy editable installs
    of packages whose name contains _ compatible with
    setuptools>=69.0.3.
  * Support per requirement --config-settings for editable
    installs.
  * Optimized usage of --find-links=<path-to-dir>, by only
    scanning the relevant directory once, only considering file
    names that are valid wheel or sdist names, and only
    considering files in the directory that are related to the
    install.
  * Removed wheel from the [build-system].requires list fallback
    that is used when pyproject.toml is absent.
  * Upgrade distlib to 0.3.8
  * Fix explanation of how PIP_CONFIG_FILE works
  * Fix outdated pip install argument description in
    documentation.
  * Replace some links to PEPs with links to the canonical
    specifications on the :doc:`pypug:index`
  * Updated the pyproject.toml document to stop suggesting to
    depend on wheel as a build dependency directly.
  * Update supported interpreters in development docs
  * Most project metadata is now defined statically via pip's
    pyproject.toml file.
 -------------------------------------------------------------------
 Mon Feb  5 11:50:28 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
 - Fix shebang path for "pip3.XX" binaries
 -------------------------------------------------------------------
 Fri Dec 22 16:06:25 UTC 2023 - Ben Greiner <code@bnavigator.de>
 - Drop deprecated setup.py installmethod, bootstrap PEP517 with
  built-in pip instead
 - python3XX-pip-wheel can now be a regular subpackage
 - Drop obsolete python2 directives in specfile
 -------------------------------------------------------------------
 Mon Dec 18 14:18:45 UTC 2023 - Dirk Müller <dmueller@suse.com>
--- a/python-pip.spec
+++ b/python-pip.spec
@ -1,7 +1,7 @@
 #
-# spec file
+# spec file for package python-pip
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -20,27 +20,20 @@
 %if "%{flavor}" == "test"
 %define psuffix -test
 %bcond_without test
 %bcond_with wheel
 %else
 %if "%{flavor}" == "wheel"
 %define psuffix -wheel
 %bcond_without wheel
 %bcond_with test
 %else
 %define psuffix %{nil}
 %bcond_with test
 %bcond_with wheel
 %endif
 %endif
 %global skip_python2 1
 %if 0%{?suse_version} > 1500
 %bcond_without libalternatives
 %else
 %bcond_with libalternatives
 %endif
 # in order to avoid rewriting for subpackage generator
 %define mypython python
 %{?sle15_python_module_pythons}
 Name:           python-pip%{psuffix}
-Version:        23.3.2
+Version:        24.2
 Release:        0
 Summary:        A Python package management system
 License:        MIT
@ -52,14 +45,16 @@ Patch0:         pip-shipped-requests-cabundle.patch
 # PATCH-FIX-UPSTREAM distutils-reproducible-compile.patch gh#python/cpython#8057 mcepl@suse.com
 # To get reproducible builds, byte_compile() of distutils.util now sorts filenames.
 Patch1:         distutils-reproducible-compile.patch
 # PATCH-FIX-OPENSUSE: deal missing ca-certificates as "ssl not available"
 Patch2:         disable-ssl-context-in-buildenv.patch
 BuildRequires:  %{python_module base >= 3.7}
 BuildRequires:  %{python_module setuptools >= 40.8.0}
 # The rpm python-wheel build is bootstrap friendly since 0.42
 BuildRequires:  %{python_module wheel}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros >= 20210929
 Requires:       ca-certificates
 Requires:       coreutils
 Requires:       python-setuptools
 Requires:       python-xml
 Recommends:     ca-certificates-mozilla
 BuildArch:      noarch
 %if %{with libalternatives}
@ -67,30 +62,24 @@ BuildRequires:  alts
 Requires:       alts
 %else
 Requires(post): update-alternatives
-Requires(postun):update-alternatives
+Requires(postun): update-alternatives
 %endif
 %if %{with test}
 # Test requirements:
 BuildRequires:  %{python_module PyYAML}
 BuildRequires:  %{python_module Werkzeug}
 BuildRequires:  %{python_module cryptography}
 BuildRequires:  %{python_module docutils}
 BuildRequires:  %{python_module freezegun}
 BuildRequires:  %{python_module installer}
 # Test requirements:
 BuildRequires:  %{python_module pip = %{version}}
 BuildRequires:  %{python_module pretend}
 BuildRequires:  %{python_module pytest-xdist}
 BuildRequires:  %{python_module pytest}
 BuildRequires:  %{python_module scripttest}
 BuildRequires:  %{python_module setuptools-wheel}
 BuildRequires:  %{python_module virtualenv >= 1.10}
-BuildRequires:  %{python_module wheel}
+BuildRequires:  ca-certificates-mozilla
 BuildRequires:  ca-certificates
 BuildRequires:  git-core
 %if 0%{?suse_version} <= 1500
 BuildRequires:  %{python_module mock}
 %endif
 %endif
 %if %{with wheel}
 BuildRequires:  %{python_module wheel}
 %endif
 %python_subpackages
@ -99,13 +88,19 @@ Pip is a replacement for easy_install. It uses mostly the same techniques for
 finding packages, so packages that were made easy_installable should be
 pip-installable as well.
 %package wheel
 Summary:        The pip wheel for custom tests and install requirements
 Requires:       %mypython(abi) = %python_version
 %description wheel
 This packages provides the pip wheel as separate file for cases where
 the wheel needs to be used directly in test or install setups
 %prep
 # Unbundling is not advised by upstream. See src/pip/_vendor/README.rst
 # Exception: Use our own cabundle. Adapted patch from python-certifi package
 %autosetup -p1 -n pip-%{version}
 rm src/pip/_vendor/certifi/cacert.pem
 %if %{with test}
 mkdir -p tests/data/common_wheels
 %python_expand cp %{$python_sitelib}/../wheels/setuptools*.whl tests/data/common_wheels/
@ -118,35 +113,38 @@ done
 # Remove windows executable binaries
 # bsc#1212015
 rm -v src/pip/_vendor/distlib/*.exe
 sed -i '/\.exe/d' setup.py
 %build
-%if ! %{with wheel}
+%if !%{with test}
-%python_build
+%{python_expand # bootstrap with built-in pip
-%else
+$python -m venv build/env
-%python_exec setup.py bdist_wheel --universal
+build/env/bin/python -m ensurepip
 export PYTHONPATH=build/env/lib/python%{$python_bin_suffix}/site-packages
 %{$python_pyproject_wheel}
 }
 %endif
 %if !%{with test} && !%{with wheel}
 %install
-%python_install
+%if !%{with test}
 %{python_expand # use pip bootstrapped above
 export PYTHONPATH=build/env/lib/python%{$python_bin_suffix}/site-packages
 %{$python_pyproject_install}
 install -D -m 0644 -t %{buildroot}%{$python_sitelib}/../wheels dist/*.whl
 %fdupes %{buildroot}%{$python_sitelib}
 }
 %{python_expand # Fix shebang path for "pip3.XX" binaries
 sed -i "1s|#\!.*python.*|#\!%{_bindir}/$python|" %{buildroot}%{_bindir}/pip%{$python_bin_suffix}
 }
 %python_clone -a %{buildroot}%{_bindir}/pip
 %python_clone -a %{buildroot}%{_bindir}/pip3
-# if we just cloned to pip3-2.7 delete it
+%python_expand %fdupes %{buildroot}%{_bindir}
 rm -f %{buildroot}%{_bindir}/pip3-2*
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 %endif
 %if %{with wheel}
 %python_expand install -D -m 0644 -t %{buildroot}%{$python_sitelib}/../wheels dist/*.whl
 %endif
 %if %{with test}
 %check
-export PYTHONPATH=$(pwd)/build/lib
+%pytest -m "not network" tests/unit
 # Looks broken with 22.3.1
 donttest="test_pip_self_version_check_calls_underlying_implementation"
 %pytest -m "not network" -k "not ($donttest)" tests/unit
 %endif
 %pre
@ -157,36 +155,27 @@ donttest="test_pip_self_version_check_calls_underlying_implementation"
 # If libalternatives is used: Removing old update-alternatives entries.
 %python_libalternatives_reset_alternative pip
 %if !%{with test} && !%{with wheel}
 %post
 # keep the alternative groups separate. Users could decide to let pip and pip3 point to
 # different flavors
 %python_install_alternative pip
 %if "%{python_flavor}" != "python2"
 %python_install_alternative pip3
 %endif
 %postun
 %python_uninstall_alternative pip
 %python_uninstall_alternative pip3
 %endif
 %if !%{with test}
 %files %{python_files}
 %if !%{with test} && !%{with wheel}
 %license LICENSE.txt
 %doc AUTHORS.txt NEWS.rst README.rst
 %python_alternative %{_bindir}/pip
 %if "%{python_flavor}" == "python2"
 %{_bindir}/pip2
 %else
 %python_alternative %{_bindir}/pip3
 %endif
 %{_bindir}/pip%{python_bin_suffix}
-%{python_sitelib}/pip-%{version}*-info
+%{python_sitelib}/pip-%{version}.dist-info
 %{python_sitelib}/pip
 %endif
-%if %{with wheel}
+%files %{python_files wheel}
 %dir %{python_sitelib}/../wheels
 %{python_sitelib}/../wheels/*
 %endif