rpm/python-pip
SHA256
1
0
Fork 0
forked from pool/python-pip
Code Pull Requests Activity

Accepting request 841036 from home:bnavigator:branches:devel:languages:python

Browse Source 
Update to 20.2.3

With the increased use of %pyproject_wheel we need an up to date pip

Needs new package python-csv23 for testing

OBS-URL: https://build.opensuse.org/request/show/841036
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=82
This commit is contained in:
Tomáš Chvátal 2020-10-15 08:14:59 +00:00 committed by Git OBS Bridge
parent ced1a9187c
commit 86e65d86fb
7 changed files with 350 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
20.0.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:00bdc118df4552f654a5ccf0bd3ff1a7d101ee7d7ac899fe9a752363b3f2f070
size 6445047

15
_service
View File

@ -1,15 +0,0 @@
<services>
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/pypa/pip</param>
<param name="scm">git</param>
<param name="exclude">.git*</param>
<param name="changesgenerate">enable</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="revision">082bc0411e9d17b3c80efed9237c61d7446515f5</param>
</service>
<service name="recompress" mode="disabled">
<param name="compression">xz</param>
<param name="file">*.tar</param>
</service>
<service name="set_version" mode="disabled"/>
</services>

4
_servicedata
View File

@ -1,4 +0,0 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/pypa/pip</param>
<param name="changesrevision">082bc0411e9d17b3c80efed9237c61d7446515f5</param></service></servicedata>

3
pip-20.2.3-gh.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:57125defc81049b227fd81679664221d2d9b2bc5d3b855660a93bf87ecdc3509
size 8719284

73
pip-shipped-requests-cabundle.patch
View File

@ -1,10 +1,69 @@
--- a/src/pip/_vendor/certifi/core.py Index: pip-20.2.3/src/pip/_vendor/certifi/core.py
+++ b/src/pip/_vendor/certifi/core.py ===================================================================
@@ -10,6 +10,4 @@ import os --- pip-20.2.3.orig/src/pip/_vendor/certifi/core.py
+++ pip-20.2.3/src/pip/_vendor/certifi/core.py
@@ -5,56 +5,18 @@ certifi.py
~~~~~~~~~~
This module returns the installation location of cacert.pem or its contents.
-"""
-import os
def where(): -try:
- f = os.path.dirname(__file__) - from importlib.resources import path as get_path, read_text
+Patched by openSUSE: return the system bundle
+"""
- _CACERT_CTX = None
- _CACERT_PATH = None
+def read_text(_module=None, _path=None, encoding="ascii"):
+ with open(where(), "r", encoding=encoding) as data:
+ return data.read()
- def where():
- # This is slightly terrible, but we want to delay extracting the file
- # in cases where we're inside of a zipimport situation until someone
- # actually calls where(), but we don't want to re-extract the file
- # on every call of where(), so we'll do it once then store it in a
- # global variable.
- global _CACERT_CTX
- global _CACERT_PATH
- if _CACERT_PATH is None:
- # This is slightly janky, the importlib.resources API wants you to
- # manage the cleanup of this file, so it doesn't actually return a
- # path, it returns a context manager that will give you the path
- # when you enter it and will do any cleanup when you leave it. In
- # the common case of not needing a temporary file, it will just
- # return the file system location and the __exit__() is a no-op.
- #
- # We also have to hold onto the actual context manager, because
- # it will do the cleanup whenever it gets garbage collected, so
- # we will also store that at the global level as well.
- _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem")
- _CACERT_PATH = str(_CACERT_CTX.__enter__())
- -
- return os.path.join(f, 'cacert.pem') - return _CACERT_PATH
+ return '/etc/ssl/ca-bundle.pem' -
-
-except ImportError:
- # This fallback will work for Python versions prior to 3.7 that lack the
- # importlib.resources module but relies on the existing `where` function
- # so won't address issues with environments like PyOxidizer that don't set
- # __file__ on modules.
- def read_text(_module, _path, encoding="ascii"):
- with open(where(), "r", encoding=encoding) as data:
- return data.read()
-
- # If we don't have importlib.resources, then we will just do the old logic
- # of assuming we're on the filesystem and munge the path directly.
- def where():
- f = os.path.dirname(__file__)
- return os.path.join(f, "cacert.pem")
+def where():
+ return "/etc/ssl/ca-bundle.pem"
def contents():
- return read_text("certifi", "cacert.pem", encoding="ascii")
+ return read_text(encoding="ascii")

252
python-pip.changes
View File

@ -1,3 +1,255 @@
-------------------------------------------------------------------
Sun Oct 11 13:08:15 UTC 2020 - Benjamin Greiner <code@bnavigator.de>
- Update to 20.2.3
Deprecations and Removals
* Deprecate support for Python 3.5 (#8181)
Features
* Make the setup.py install deprecation warning less
noisy. We warn only when setup.py install succeeded and
setup.py bdist_wheel failed, as situations where both
fails are most probably irrelevant to this deprecation.
(#8752)
- 20.2.2
Bug Fixes
* Only attempt to use the keyring once and if it fails, dont try
again. This prevents spamming users with several keyring unlock
prompts when they cannot unlock or dont want to do so. (#8090)
* Fix regression that distributions in system site-packages are
not correctly found when a virtual environment is configured
with system-site-packages on. (#8695)
* Disable caching for range requests, which causes corrupted
wheels when pip tries to obtain metadata using the feature
fast-deps. (#8701, #8716)
* Always use UTF-8 to read pyvenv.cfg to match the built-in venv.
(#8717)
* 2020 Resolver: Correctly handle marker evaluation in
constraints and exclude them if their markers do not match the
current environment. (#8724)
- 20.2.1
Features
* Ignore require-virtualenv in pip list (#8603)
Bug Fixes
* Correctly find already-installed distributions with dot (.) in
the name and uninstall them when needed. (#8645)
* Trace a better error message on installation failure due to
invalid .data files in wheels. (#8654)
* Fix SVN version detection for alternative SVN distributions.
(#8665)
* New resolver: Correctly include the base package when specified
with extras in --no-deps mode. (#8677)
* Use UTF-8 to handle ZIP archive entries on Python 2 according
to PEP 427, so non-ASCII paths can be resolved as expected.
(#8684)
Improved Documentation
* Add details on old resolver deprecation and removal to
migration documentation. (#8371)
* Fix feature flag name in docs. (#8660)
- 20.2 (2020-07-29)
Deprecations and Removals
* Deprecate setup.py-based builds that do not generate an .egg-
info directory. (#6998, #8617)
* Disallow passing install-location-related arguments in --
install-options. (#7309)
* Add deprecation warning for invalid requirements format
“base>=1.0[extra]” (#8288)
* Deprecate legacy setup.py install when building a wheel failed
for source distributions without pyproject.toml (#8368)
* Deprecate -b/--build/--build-dir/--build-directory. Its current
behaviour is confusing and breaks in case different versions of
the same distribution need to be built during the resolution
process. Using the TMPDIR/TEMP/TMP environment variable,
possibly combined with --no-clean covers known use cases.
(#8372)
* Remove undocumented and deprecated option --always-unzip
(#8408)
Features
* Log debugging information about pip, in pip install --verbose.
(#3166)
* Refine error messages to avoid showing Python tracebacks when
an HTTP error occurs. (#5380)
* Install wheel files directly instead of extracting them to a
temp directory. (#6030)
* Add a beta version of pips next-generation dependency
resolver.
* Move pips new resolver into beta, remove the --unstable-
feature=resolver flag, and enable the --use-feature=2020-
resolver flag. The new resolver is significantly stricter and
more consistent when it receives incompatible instructions, and
reduces support for certain kinds of Constraints Files, so some
workarounds and workflows may break. More details about how to
test and migrate, and how to report issues, at Changes to the
pip dependency resolver in 20.2 (2020) . Maintainers are
preparing to release pip 20.3, with the new resolver on by
default, in October. (#6536)
* Introduce a new ResolutionImpossible error, raised when pip
encounters un-satisfiable dependency conflicts (#8546, #8377)
* Add a subcommand debug to pip config to list available
configuration sources and the key-value pairs defined in them.
(#6741)
* Warn if index pages have unexpected content-type (#6754)
* Allow specifying --prefer-binary option in a requirements file (#7693)
* Generate PEP 376 REQUESTED metadata for user supplied
requirements installed by pip. (#7811)
* Warn if package url is a vcs or an archive url with invalid
scheme (#8128)
* Parallelize network operations in pip list. (#8504)
* Allow the new resolver to obtain dependency information through
wheels lazily downloaded using HTTP range requests. To enable
this feature, invoke pip with --use-feature=fast-deps. (#8588)
* Support --use-feature in requirements files (#8601)
* Bug Fixes
* Use canonical package names while looking up already installed
packages. (#5021)
* Fix normalizing path on Windows when installing package on
another logical disk. (#7625)
* The VCS commands run by pip as subprocesses dont merge stdout
and stderr anymore, improving the output parsing by subsequent
commands. (#7968)
* Correctly treat non-ASCII entry point declarations in wheels so
they can be installed on Windows. (#8342)
* Update author email in config and tests to reflect
decommissioning of pypa-dev list. (#8454)
* Headers provided by wheels in .data directories are now
correctly installed into the user-provided locations, such as
--prefix, instead of the virtual environment pip is running in.
(#8521)
Vendored Libraries
* Vendored htmlib5 no longer imports deprecated
xml.etree.cElementTree on Python 3.
* Upgrade appdirs to 1.4.4
* Upgrade certifi to 2020.6.20
* Upgrade distlib to 0.3.1
* Upgrade html5lib to 1.1
* Upgrade idna to 2.10
* Upgrade packaging to 20.4
* Upgrade requests to 2.24.0
* Upgrade six to 1.15.0
* Upgrade toml to 0.10.1
* Upgrade urllib3 to 1.25.9
Improved Documentation
* Add --no-input option to pip docs (#7688)
* List of options supported in requirements file are extracted
from source of truth, instead of being maintained manually.
(#7908)
* Fix pip config docstring so that the subcommands render
correctly in the docs (#8072)
* replace links to the old pypa-dev mailing list with https://
mail.python.org/mailman3/lists/distutils-sig.python.org/
(#8353)
* Fix example for defining multiple values for options which
support them (#8373)
* Add documentation for the ResolutionImpossible error that helps
the user fix dependency conflicts (#8459)
* Add feature flags to docs (#8512)
* Document how to install package extras from git branch and
source distributions. (#8576)
- 20.2b1
Bug Fixes
* Correctly treat wheels containing non-ASCII file contents so
they can be installed on Windows. (#5712)
* Prompt the user for password if the keyring backend doesnt
return one (#7998)
Improved Documentation
* Add GitHub issue template for reporting when the dependency
resolver fails (#8207)
- 20.1.1
Deprecations and Removals
* Revert building of local directories in place, restoring the
pre-20.1 behaviour of copying to a temporary directory. (#7555)
* Drop parallelization from pip list --outdated. (#8167)
Bug Fixes
* Fix metadata permission issues when umask has the executable
bit set. (#8164)
* Avoid unnecessary message about the wheel package not being
installed when a wheel would not have been built. Additionally,
clarify the message. (#8178)
- 20.1
Process
* Document that pip 21.0 will drop support for Python 2.7.
Features
* Add pip cache dir to show the cache directory. (#7350)
Bug Fixes
* Abort pip cache commands early when cache is disabled. (#8124)
* Correctly set permissions on metadata files during wheel
installation, to permit non-privileged users to read from
system site-packages. (#8139)
- 20.1b1
Deprecations and Removals
* Remove emails from AUTHORS.txt to prevent usage for spamming,
and only populate names in AUTHORS.txt at time of release
(#5979)
* Remove deprecated --skip-requirements-regex option. (#7297)
* Building of local directories is now done in place, instead of
a temporary location containing a copy of the directory tree.
(#7555)
* Remove unused tests/scripts/test_all_pip.py test script and the
tests/scripts folder. (#7680)
Features
* pip now implements PEP 610, so pip freeze has better fidelity
in presence of distributions installed from Direct URL
requirements. (#609)
* Add pip cache command for inspecting/managing pips wheel
cache. (#6391)
* Raise error if --user and --target are used together in pip
install (#7249)
* Significantly improve performance when --find-links points to a
very large HTML page. (#7729)
* Indicate when wheel building is skipped, due to lack of the
wheel package. (#7768)
* Change default behaviour to always cache responses from
trusted-host source. (#7847)
* An alpha version of a new resolver is available via --unstable-
feature=resolver. (#988)
Bug Fixes
* Correctly freeze a VCS editable package when it is nested
inside another VCS repository. (#3988)
* Correctly handle %2F in URL parameters to avoid accidentally
unescape them into /. (#6446)
* Reject VCS URLs with an empty revision. (#7402)
* Warn when an invalid URL is passed with --index-url (#7430)
* Use better mechanism for handling temporary files, when
recording metadata about installed files (RECORD) and the
installer (INSTALLER). (#7699)
* Correctly detect global site-packages availability of virtual
environments created by PyPAs virtualenv>=20.0. (#7718)
* Remove current directory from sys.path when invoked as
python -m pip <command> (#7731)
* Stop failing uninstallation, when trying to remove non-
existent files. (#7856)
* Prevent an infinite recursion with pip wheel when $TMPDIR is
within the source directory. (#7872)
* Significantly speedup pip list --outdated by parallelizing
index interaction. (#7962)
* Improve Windows compatibility when detecting writability in
folder. (#8013)
Vendored Libraries
* Update semi-supported debundling script to reflect that
appdirs is vendored.
* Add ResolveLib as a vendored dependency.
* Upgrade certifi to 2020.04.05.1
* Upgrade contextlib2 to 0.6.0.post1
* Upgrade distro to 1.5.0.
* Upgrade idna to 2.9.
* Upgrade msgpack to 1.0.0.
* Upgrade packaging to 20.3.
* Upgrade pep517 to 0.8.2.
* Upgrade pyparsing to 2.4.7.
* Remove pytoml as a vendored dependency.
* Upgrade requests to 2.23.0.
* Add toml as a vendored dependency.
* Upgrade urllib3 to 1.25.8.
Improved Documentation
* Emphasize that VCS URLs using git, git+git and git+http are
insecure due to lack of authentication and encryption (#1983)
* Clarify the usage of --no-binary command. (#3191)
* Clarify the usage of freeze command in the example of Using pip in your program (#7008)
* Add a “Copyright” page. (#7767)
* Added example of defining multiple values for options which
support them (#7803)
- Test on test flavor without installing package
- Update pip-shipped-requests-cabundle.patch for newer certifi
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Mar 19 09:42:10 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com> Thu Mar 19 09:42:10 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>

39
python-pip.spec
View File

@ -26,15 +26,19 @@
%bcond_with test %bcond_with test
%endif %endif
Name: python-pip%{psuffix} Name: python-pip%{psuffix}
Version: 20.0.2 Version: 20.2.3
Release: 0 Release: 0
Summary: A Python package management system Summary: A Python package management system
License: MIT License: MIT
URL: http://www.pip-installer.org URL: http://www.pip-installer.org
Source: https://github.com/pypa/pip/archive/%{version}.tar.gz # The PyPI archive lacks the tests
Source1: setuptools-45.1.0-py3-none-any.whl Source: https://github.com/pypa/pip/archive/%{version}.tar.gz#/pip-%{version}-gh.tar.gz
# Wheel used for testing, no need to update regularly beyond the minimum version specified in
# tools/requirements/tests-common_wheels.txt
Source1: https://files.pythonhosted.org/packages/py3/s/setuptools/setuptools-45.1.0-py3-none-any.whl
# PATCH-FIX-OPENSUSE pip-shipped-requests-cabundle.patch -- adapted patch from python-certifi package
Patch0: pip-shipped-requests-cabundle.patch Patch0: pip-shipped-requests-cabundle.patch
BuildRequires: %{python_module setuptools} BuildRequires: %{python_module setuptools >= 40.8.0}
BuildRequires: fdupes BuildRequires: fdupes
BuildRequires: python-rpm-macros BuildRequires: python-rpm-macros
Requires: ca-certificates Requires: ca-certificates
@ -50,14 +54,15 @@ BuildArch: noarch
BuildRequires: %{python_module PyYAML} BuildRequires: %{python_module PyYAML}
BuildRequires: %{python_module Werkzeug} BuildRequires: %{python_module Werkzeug}
BuildRequires: %{python_module cryptography} BuildRequires: %{python_module cryptography}
BuildRequires: %{python_module csv23}
BuildRequires: %{python_module docutils} BuildRequires: %{python_module docutils}
BuildRequires: %{python_module freezegun} BuildRequires: %{python_module freezegun}
BuildRequires: %{python_module mock} BuildRequires: %{python_module mock}
BuildRequires: %{python_module pip = %{version}}
BuildRequires: %{python_module pretend} BuildRequires: %{python_module pretend}
BuildRequires: %{python_module pytest} BuildRequires: %{python_module pytest}
BuildRequires: %{python_module scripttest >= 1.3} BuildRequires: %{python_module scripttest}
BuildRequires: %{python_module virtualenv >= 1.10} BuildRequires: %{python_module virtualenv >= 1.10}
BuildRequires: %{python_module wheel}
BuildRequires: ca-certificates BuildRequires: ca-certificates
BuildRequires: git BuildRequires: git
BuildRequires: subversion BuildRequires: subversion
@ -71,7 +76,11 @@ pip-installable as well.
%prep %prep
%setup -q -n pip-%{version} %setup -q -n pip-%{version}
# Unbundling is not advised by upstream. See src/pip/_vendor/README.rst
# Exception: Use our own cabundle. Adapted patch from python-certifi package
%patch0 -p1 %patch0 -p1
rm src/pip/_vendor/certifi/cacert.pem
%if %{with test} %if %{with test}
mkdir -p tests/data/common_wheels mkdir -p tests/data/common_wheels
cp %{SOURCE1} tests/data/common_wheels/ cp %{SOURCE1} tests/data/common_wheels/
@ -80,13 +89,12 @@ cp %{SOURCE1} tests/data/common_wheels/
for f in $(find src -name \*.py -exec grep -l '^#!%{_bindir}/env' {} \;); do for f in $(find src -name \*.py -exec grep -l '^#!%{_bindir}/env' {} \;); do
sed -i 's|^#!%{_bindir}/env .*$||g' $f sed -i 's|^#!%{_bindir}/env .*$||g' $f
done done
rm src/pip/_vendor/certifi/cacert.pem
%build %build
%python_build %python_build
%install
%if ! %{with test} %if ! %{with test}
%install
%python_install %python_install
%prepare_alternative pip %prepare_alternative pip
%python_expand %fdupes %{buildroot}%{$python_sitelib} %python_expand %fdupes %{buildroot}%{$python_sitelib}
@ -94,8 +102,19 @@ rm src/pip/_vendor/certifi/cacert.pem
%if %{with test} %if %{with test}
%check %check
export PYTHONPATH=build/lib export PYTHONPATH=$(pwd)/build/lib
%pytest -k 'not network and not (test_build_env_allow_only_one_install or test_build_env_requirements_check or test_build_env_overlay_prefix_has_priority or test_build_env_isolation or test_should_cache_git_sha)' tests/unit # no network on OBS
donttest="test_network or test_remote_reqs_parse"
# incompatible virtualenv version
donttest+=" or test_build_env_allow_only_one_install"
donttest+=" or test_build_env_isolation"
donttest+=" or test_build_env_requirements_check"
donttest+=" or test_build_env_overlay_prefix_has_priority"
donttest+=" or test_should_cache_git_sha"
# incompatible virtualenv version and no coverage wheel in common_wheels
donttest+=" or test_from_link_vcs_with_source_dir_obtains_commit_id"
donttest+=" or test_from_link_vcs_without_source_dir"
%pytest -k "not ($donttest)" tests/unit
%endif %endif
%pre %pre