Ana Guerrero
b7d53e233c
- Update to 26.1 (bsc#1262429, CVE-2026-3219):
# Deprecations and Removals
- Drop support for Python 3.9.
# Features
- Add experimental support to read requirements from standardized
pylock.toml files (``-r pylock.toml``).
- Allow ``--uploaded-prior-to`` to accept a duration in days (e.g.,
``P3D`` for 3 days ago).
# Enhancements
- Speed up dependency resolution when there are complex conflicts.
- Reduce memory usage when resolving large dependency trees.
- Emit a deprecation warning when pip imports an unexpected module
after installation of a distribution has started.
- Allow URL constraints to apply to requirements with extras.
- Allow unpinned requirements to use hashes from constraints.
Constraints like ``{name}=={version} --hash=...`` feeds into hash
verification for a corresponding requirement.
- Improve conflict reports that involve direct URLs.
- Show all errors instead of first error for faulty
``dependency_groups`` definitions.
# Bug Fixes
- Fix recovery hint for missing RECORD file to use
``--ignore-installed`` instead of ``--force-reinstall``.
- Fix misleading error message when a constraint file cannot be
opened.
- Show the filename rather than the full URL when downloading files
from non-PyPI indexes in non-verbose mode.
- Remove the adjacent ``__pycache__`` directory when a .py file is
removed.
- Force UTF-8 encoding for :pep:`723` metadata.
OBS-URL: https://build.opensuse.org/request/show/1349554
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-pip?expand=0&rev=73