From 590193ac39c1b6030b6f6617a6c83e22c28baf2cae4d78543fbaabbe205f6040 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 30 Jun 2024 18:46:56 +0000 Subject: [PATCH] - update to 24.1.1: * Actually use system trust stores when the truststore feature is enabled. * Report informative messages about invalid requirements. * Eagerly import the self version check logic to avoid crashes while upgrading or downgrading pip at the same time. * Accommodate for mismatches between different sources of truth for extra names, for packages generated by setuptools. * Accommodate for development versions of CPython ending in + in the version string. * requests provides optional character detection support on some APIs when processing ambiguous bytes. This isn't relevant for pip to function and we're able to remove it due to recent upstream changes. * Drop support for EOL Python 3.7. * Remove support for legacy versions and dependency specifiers. * Packages with non standard-compliant versions or dependency specifiers are now ignored by the resolver. Already installed packages with non standard-compliant versions or dependency specifiers must be uninstalled before upgrading them. * Improve performance of resolution of large dependency trees, with more caching. * Further improve resolution performance of large dependency trees, by caching hash calculations. * Reduce startup time of commands (e.g. show, freeze) that do not access the network by 15-30%. * Reword and improve presentation of uninstallation errors. * Add a 'raw' progress_bar type for simple and parsable download progress reports * pip list no longer performs the pip version check unless OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=122 --- distutils-reproducible-compile.patch | 8 ++-- pip-24.0-gh.tar.gz | 3 -- pip-24.1.1-gh.tar.gz | 3 ++ pip-shipped-requests-cabundle.patch | 30 ++++++++++----- python-pip.changes | 57 ++++++++++++++++++++++++++++ python-pip.spec | 7 ++-- 6 files changed, 87 insertions(+), 21 deletions(-) delete mode 100644 pip-24.0-gh.tar.gz create mode 100644 pip-24.1.1-gh.tar.gz diff --git a/distutils-reproducible-compile.patch b/distutils-reproducible-compile.patch index f3fa1fd..5fe265b 100644 --- a/distutils-reproducible-compile.patch +++ b/distutils-reproducible-compile.patch @@ -2,11 +2,11 @@ src/pip/_vendor/distlib/wheel.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: pip-22.3.1/src/pip/_vendor/distlib/wheel.py +Index: pip-24.1.1/src/pip/_vendor/distlib/wheel.py =================================================================== ---- pip-22.3.1.orig/src/pip/_vendor/distlib/wheel.py -+++ pip-22.3.1/src/pip/_vendor/distlib/wheel.py -@@ -567,7 +567,7 @@ class Wheel(object): +--- pip-24.1.1.orig/src/pip/_vendor/distlib/wheel.py ++++ pip-24.1.1/src/pip/_vendor/distlib/wheel.py +@@ -578,7 +578,7 @@ class Wheel(object): maker.source_dir = workdir maker.target_dir = None try: diff --git a/pip-24.0-gh.tar.gz b/pip-24.0-gh.tar.gz deleted file mode 100644 index 3d05d7b..0000000 --- a/pip-24.0-gh.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ad0dfe75fb28092a8cbe18523391695ceb0c0d65a5c9a969349fcb13b12b84c7 -size 9398156 diff --git a/pip-24.1.1-gh.tar.gz b/pip-24.1.1-gh.tar.gz new file mode 100644 index 0000000..532a0f4 --- /dev/null +++ b/pip-24.1.1-gh.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5fc497cd1651c39af0207b88eab91b6905ca9cecbae11ad99503b317f8b06def +size 9190972 diff --git a/pip-shipped-requests-cabundle.patch b/pip-shipped-requests-cabundle.patch index c90e180..56a3f24 100644 --- a/pip-shipped-requests-cabundle.patch +++ b/pip-shipped-requests-cabundle.patch @@ -3,26 +3,32 @@ tests/unit/test_options.py | 5 + 2 files changed, 13 insertions(+), 97 deletions(-) ---- a/src/pip/_vendor/certifi/core.py -+++ b/src/pip/_vendor/certifi/core.py -@@ -3,106 +3,17 @@ certifi.py +Index: pip-24.1.1/src/pip/_vendor/certifi/core.py +=================================================================== +--- pip-24.1.1.orig/src/pip/_vendor/certifi/core.py ++++ pip-24.1.1/src/pip/_vendor/certifi/core.py +@@ -3,112 +3,15 @@ certifi.py ~~~~~~~~~~ This module returns the installation location of cacert.pem or its contents. +Patched by openSUSE: return the system bundle """ -import sys +-import atexit +-def exit_cacert_ctx() -> None: +- _CACERT_CTX.__exit__(None, None, None) # type: ignore[union-attr] +def read_text(_module=None, _path=None, encoding="ascii"): + with open(where(), "r", encoding=encoding) as data: + return data.read() --if sys.version_info >= (3, 11): - -- from importlib.resources import as_file, files +def where() -> str: + return "/etc/ssl/ca-bundle.pem" +-if sys.version_info >= (3, 11): +- +- from importlib.resources import as_file, files +- - _CACERT_CTX = None - _CACERT_PATH = None - @@ -47,6 +53,7 @@ - # we will also store that at the global level as well. - _CACERT_CTX = as_file(files("pip._vendor.certifi").joinpath("cacert.pem")) - _CACERT_PATH = str(_CACERT_CTX.__enter__()) +- atexit.register(exit_cacert_ctx) - - return _CACERT_PATH - @@ -82,6 +89,7 @@ - # we will also store that at the global level as well. - _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem") - _CACERT_PATH = str(_CACERT_CTX.__enter__()) +- atexit.register(exit_cacert_ctx) - - return _CACERT_PATH - @@ -113,15 +121,17 @@ - # of assuming we're on the filesystem and munge the path directly. - def where() -> str: - f = os.path.dirname(__file__) - +- - return os.path.join(f, "cacert.pem") - - def contents() -> str: - return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii") +def contents() -> str: + return read_text(encoding="ascii") ---- a/tests/unit/test_options.py -+++ b/tests/unit/test_options.py +Index: pip-24.1.1/tests/unit/test_options.py +=================================================================== +--- pip-24.1.1.orig/tests/unit/test_options.py ++++ pip-24.1.1/tests/unit/test_options.py @@ -1,4 +1,5 @@ import os +import os.path @@ -136,7 +146,7 @@ from tests.lib.options_helpers import AddFakeCommandMixin -@@ -618,6 +620,9 @@ class TestOptionsConfigFiles: +@@ -617,6 +619,9 @@ class TestOptionsConfigFiles: else: assert expect == cmd._determine_file(options, need_value=False) diff --git a/python-pip.changes b/python-pip.changes index 2c3858b..3a336e8 100644 --- a/python-pip.changes +++ b/python-pip.changes @@ -1,3 +1,60 @@ +------------------------------------------------------------------- +Sun Jun 30 18:45:16 UTC 2024 - Dirk Müller + +- update to 24.1.1: + * Actually use system trust stores when the truststore feature + is enabled. + * Report informative messages about invalid requirements. + * Eagerly import the self version check logic to avoid crashes + while upgrading or downgrading pip at the same time. + * Accommodate for mismatches between different sources of truth + for extra names, for packages generated by setuptools. + * Accommodate for development versions of CPython ending in + + in the version string. + * requests provides optional character detection support on + some APIs when processing ambiguous bytes. This isn't + relevant for pip to function and we're able to remove it due + to recent upstream changes. + * Drop support for EOL Python 3.7. + * Remove support for legacy versions and dependency specifiers. + * Packages with non standard-compliant versions or dependency + specifiers are now ignored by the resolver. Already installed + packages with non standard-compliant versions or dependency + specifiers must be uninstalled before upgrading them. + * Improve performance of resolution of large dependency trees, + with more caching. + * Further improve resolution performance of large dependency + trees, by caching hash calculations. + * Reduce startup time of commands (e.g. show, freeze) that do + not access the network by 15-30%. + * Reword and improve presentation of uninstallation errors. + * Add a 'raw' progress_bar type for simple and parsable + download progress reports + * pip list no longer performs the pip version check unless + --outdated or --uptodate is given. + * Use the data_filter when extracting tarballs, if it's + available. + * Display the Project-URL value under key "Home-page" in pip + show when the Home-Page metadata field is not set. + * The Project-URL key detection is case-insensitive, and + ignores any dashes and underscores. + * Ensure -vv gets passed to any pip install build environment + subprocesses. + * Deduplicate entries in the Requires field of pip show. + * Fix error on checkout for subversion and bazaar with verbose + mode on. + * Fix exception with completions when COMP_CWORD is not set + * Fix intermittent "cannot locate t64.exe" errors when + upgrading pip. + * Remove duplication in invalid wheel error message + * Remove the incorrect pip3.x console entrypoint from the pip + wheel. This console script continues to be generated by pip + when it installs itself. + * Gracefully skip VCS detection in pip freeze when PATH points + to a non-directory path. + * Make the --proxy parameter take precedence over environment + variables. + ------------------------------------------------------------------- Sun Apr 28 19:10:12 UTC 2024 - Dirk Müller diff --git a/python-pip.spec b/python-pip.spec index 7bcd08d..3e3fa83 100644 --- a/python-pip.spec +++ b/python-pip.spec @@ -34,7 +34,7 @@ %define mypython python %{?sle15_python_module_pythons} Name: python-pip%{psuffix} -Version: 24.0 +Version: 24.1.1 Release: 0 Summary: A Python package management system License: MIT @@ -69,15 +69,15 @@ BuildRequires: %{python_module pip = %{version}} BuildRequires: %{python_module PyYAML} BuildRequires: %{python_module Werkzeug} BuildRequires: %{python_module cryptography} -BuildRequires: %{python_module docutils} BuildRequires: %{python_module freezegun} BuildRequires: %{python_module installer} BuildRequires: %{python_module pretend} +BuildRequires: %{python_module pytest-xdist} BuildRequires: %{python_module pytest} BuildRequires: %{python_module scripttest} BuildRequires: %{python_module setuptools-wheel} BuildRequires: %{python_module virtualenv >= 1.10} -BuildRequires: ca-certificates +BuildRequires: ca-certificates-mozilla BuildRequires: git-core %endif %python_subpackages @@ -114,7 +114,6 @@ done # Remove windows executable binaries # bsc#1212015 rm -v src/pip/_vendor/distlib/*.exe -sed -i '/\.exe/d' setup.py %build %if !%{with test}