Accepting request 1299256 from devel:languages:python

OBS-URL: https://build.opensuse.org/request/show/1299256
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-pip?expand=0&rev=71

disable-ssl-context-in-buildenv.patch

@@ -7,7 +7,7 @@ Index: pip-24.2/src/pip/_vendor/requests/adapters.py
          extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH)
      )
 -except ImportError:
-+except (ImportError, FileNotFoundError):
++except (ImportError, FileNotFoundError, ssl.SSLError):
      # Bypass default SSLContext creation when Python
      # interpreter isn't built with the ssl module.
      _preloaded_ssl_context = None
@@ -22,7 +22,7 @@ Index: pip-24.2/src/pip/_internal/cli/index_command.py
 -    ctx.load_verify_locations(certifi.where())
 +    try:
 +        ctx.load_verify_locations(certifi.where())
-+    except FileNotFoundError:
++    except (FileNotFoundError, ssl.SSLError):
 +        logger.warning("Disabling truststore because of missing certificates")
 +        return None
      return ctx

distutils-reproducible-compile.patch

@@ -1,17 +0,0 @@
----
- src/pip/_vendor/distlib/wheel.py |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: pip-24.1.1/src/pip/_vendor/distlib/wheel.py
-===================================================================
---- pip-24.1.1.orig/src/pip/_vendor/distlib/wheel.py
-+++ pip-24.1.1/src/pip/_vendor/distlib/wheel.py
-@@ -578,7 +578,7 @@ class Wheel(object):
-             maker.source_dir = workdir
-             maker.target_dir = None
-             try:
--                for zinfo in zf.infolist():
-+                for zinfo in sorted(zf.infolist()):
-                     arcname = zinfo.filename
-                     if isinstance(arcname, text_type):
-                         u_arcname = arcname

flit-core.patch

@@ -0,0 +1,369 @@
+From 9abe08127cb666e9eef9e231d4bec0e89afdc830 Mon Sep 17 00:00:00 2001
+From: Damian Shaw <damian.peter.shaw@gmail.com>
+Date: Fri, 1 Aug 2025 20:59:08 -0400
+Subject: [PATCH 1/5] Use flit to build pip distributions
+
+---
+ .github/workflows/ci.yml                      |  2 +-
+ MANIFEST.in                                   | 34 -----------
+ build-project/build-requirements.in           |  2 +-
+ build-project/build-requirements.txt          | 16 +++--
+ .../html/development/architecture/anatomy.rst |  1 -
+ pyproject.toml                                | 60 +++++++++++--------
+ 6 files changed, 44 insertions(+), 71 deletions(-)
+ delete mode 100644 MANIFEST.in
+
+diff --git a/MANIFEST.in b/MANIFEST.in
+deleted file mode 100644
+index 998cb4f485e..00000000000
+--- a/MANIFEST.in
++++ /dev/null
+@@ -1,34 +0,0 @@
+-include NEWS.rst
+-include README.rst
+-include SECURITY.md
+-include pyproject.toml
+-
+-include build-project/build-requirements.in
+-include build-project/build-requirements.txt
+-include build-project/build-project.py
+-include build-project/.python-version
+-
+-include src/pip/_vendor/README.rst
+-include src/pip/_vendor/vendor.txt
+-
+-include docs/requirements.txt
+-
+-exclude .git-blame-ignore-revs
+-exclude .mailmap
+-exclude .readthedocs.yml
+-exclude .pre-commit-config.yaml
+-exclude .readthedocs-custom-redirects.yml
+-exclude noxfile.py
+-
+-recursive-include src/pip/_vendor *.pem
+-recursive-include src/pip/_vendor py.typed
+-recursive-include docs *.css *.py *.rst *.md
+-recursive-include docs *.dot *.png
+-
+-recursive-exclude src/pip/_vendor *.pyi
+-
+-prune .github
+-prune docs/build
+-prune news
+-prune tests
+-prune tools
+diff --git a/build-project/build-requirements.in b/build-project/build-requirements.in
+index 4bc215a28d0..07a76cea647 100644
+--- a/build-project/build-requirements.in
++++ b/build-project/build-requirements.in
+@@ -1,2 +1,2 @@
+ build
+-setuptools
++flit-core
+diff --git a/build-project/build-requirements.txt b/build-project/build-requirements.txt
+index c0cf0575088..65b647daf2c 100644
+--- a/build-project/build-requirements.txt
++++ b/build-project/build-requirements.txt
+@@ -8,17 +8,15 @@ build==1.2.2.post1 \
+     --hash=sha256:1d61c0887fa860c01971625baae8bdd338e517b836a2f70dd1f7aa3a6b2fc5b5 \
+     --hash=sha256:b36993e92ca9375a219c99e606a122ff365a760a2d4bba0caa09bd5278b608b7
+     # via -r build-requirements.in
+-packaging==24.2 \
+-    --hash=sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759 \
+-    --hash=sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f
++flit-core==3.12.0 \
++    --hash=sha256:18f63100d6f94385c6ed57a72073443e1a71a4acb4339491615d0f16d6ff01b2 \
++    --hash=sha256:e7a0304069ea895172e3c7bb703292e992c5d1555dd1233ab7b5621b5b69e62c
++    # via -r build-requirements.in
++packaging==25.0 \
++    --hash=sha256:29572ef2b1f17581046b3a2227d5c611fb25ec70ca1ba8554b24b0e69331a484 \
++    --hash=sha256:d443872c98d677bf60f6a1f2f8c1cb748e8fe762d2bf9d3148b5599295b0fc4f
+     # via build
+ pyproject-hooks==1.2.0 \
+     --hash=sha256:1e859bd5c40fae9448642dd871adf459e5e2084186e8d2c2a79a824c970da1f8 \
+     --hash=sha256:9e5c6bfa8dcc30091c74b0cf803c81fdd29d94f01992a7707bc97babb1141913
+     # via build
+-
+-# The following packages are considered to be unsafe in a requirements file:
+-setuptools==80.9.0 \
+-    --hash=sha256:062d34222ad13e0cc312a4c02d73f059e86a4acbfbdea8f8f76b28c99f306922 \
+-    --hash=sha256:f36b47402ecde768dbfafc46e8e4207b4360c654f1f3bb84475f0a28628fb19c
+-    # via -r build-requirements.in
+diff --git a/docs/html/development/architecture/anatomy.rst b/docs/html/development/architecture/anatomy.rst
+index d5e205654ff..7a0fefbfa63 100644
+--- a/docs/html/development/architecture/anatomy.rst
++++ b/docs/html/development/architecture/anatomy.rst
+@@ -18,7 +18,6 @@ The ``README``, license, ``pyproject.toml``, and so on are in the top level.
+ 
+ * ``AUTHORS.txt``
+ * ``LICENSE.txt``
+-* ``MANIFEST.in``
+ * ``NEWS.rst``
+ * ``pyproject.toml``
+ * ``README.rst``
+diff --git a/pyproject.toml b/pyproject.toml
+index 2da4e4aa2b5..7c68cc64433 100644
+--- a/pyproject.toml
++++ b/pyproject.toml
+@@ -1,6 +1,5 @@
+ [project]
+ dynamic = ["version"]
+-
+ name = "pip"
+ description = "The PyPA recommended tool for installing Python packages."
+ readme = "README.rst"
+@@ -46,12 +45,13 @@ Source = "https://github.com/pypa/pip"
+ Changelog = "https://pip.pypa.io/en/stable/news/"
+ 
+ [build-system]
+-requires = ["setuptools>=77"]
+-build-backend = "setuptools.build_meta"
++requires = ["flit-core >=3.11,<4"]
++build-backend = "flit_core.buildapi"
+ 
+ [dependency-groups]
+ test = [
+     "cryptography",
++    "flit-core >= 3.11, < 4",
+     "freezegun",
+     "installer",
+     # pytest-subket requires 7.0+
+@@ -73,37 +73,35 @@ test = [
+ ]
+ 
+ test-common-wheels = [
++    "flit-core >= 3.11, < 4",
+     # We pin setuptools<80 because our test suite currently
+     # depends on setup.py develop to generate egg-link files.
+     "setuptools >= 40.8.0, != 60.6.0, <80",
+     "wheel",
++    "flit-core",
+     # As required by pytest-cov.
+     "coverage >= 4.4",
+     "pytest-subket >= 0.8.1",
+ ]
+ 
+-[tool.setuptools]
+-package-dir = {"" = "src"}
+-include-package-data = false
+-
+-[tool.setuptools.dynamic]
+-version = {attr = "pip.__version__"}
+-
+-[tool.setuptools.packages.find]
+-where = ["src"]
+-exclude = ["contrib", "docs", "tests*", "tasks"]
+-
+-[tool.setuptools.package-data]
+-"pip" = ["py.typed"]
+-"pip._vendor" = ["vendor.txt"]
+-"pip._vendor.certifi" = ["*.pem"]
+-"pip._vendor.distlib" = [
+-    "t32.exe",
+-    "t64.exe",
+-    "t64-arm.exe",
+-    "w32.exe",
+-    "w64.exe",
+-    "w64-arm.exe",
++[tool.flit.sdist]
++include = [
++    "NEWS.rst",
++    "SECURITY.md",
++    "build-project/.python-version",
++    "build-project/build-project.py",
++    "build-project/build-requirements.in",
++    "build-project/build-requirements.txt",
++    "docs/requirements.txt",
++    "docs/**/*.css",
++    "docs/**/*.dot",
++    "docs/**/*.md",
++    "docs/**/*.png",
++    "docs/**/*.py",
++    "docs/**/*.rst",
++]
++exclude = [
++    "src/pip/_vendor/**/*.pyi",
+ ]
+ 
+ ######################################################################################
+@@ -362,3 +360,15 @@ exclude_also = [
+     # This excludes typing-specific code, which will be validated by mypy anyway.
+     "if TYPE_CHECKING",
+ ]
++
++[tool.check-sdist]
++git-only = [
++  "tests/**",
++  "tools/**",
++  "news/.gitignore",
++  ".gitattributes",
++  ".gitignore",
++  ".git-blame-ignore-revs",
++  ".mailmap",
++  ".readthedocs-custom-redirects.yml"
++]
+
+From 95f685d279473a401314a4b583ebbcf6ce4720af Mon Sep 17 00:00:00 2001
+From: Damian Shaw <damian.peter.shaw@gmail.com>
+Date: Fri, 1 Aug 2025 20:59:19 -0400
+Subject: [PATCH 2/5] Fix tests for flit
+
+---
+ tests/functional/test_freeze.py      | 41 ++++++++++++----------------
+ tests/functional/test_self_update.py |  3 ++
+ 2 files changed, 21 insertions(+), 23 deletions(-)
+
+diff --git a/tests/functional/test_freeze.py b/tests/functional/test_freeze.py
+index 0a7cedd11cb..9883beb87fd 100644
+--- a/tests/functional/test_freeze.py
++++ b/tests/functional/test_freeze.py
+@@ -99,38 +99,33 @@ def test_freeze_with_pip(script: PipTestEnvironment) -> None:
+ 
+ def test_freeze_with_setuptools(script: PipTestEnvironment) -> None:
+     """
+-    Test that pip shows setuptools only when --all is used
+-    or _should_suppress_build_backends() returns false
++    Test that pip shows setuptools only when --all is used on Python < 3.12,
++    otherwise it should be shown in default freeze output.
+     """
+ 
+     result = script.pip("freeze", "--all")
+     assert "setuptools==" in result.stdout
+ 
+-    (script.site_packages_path / "mock.pth").write_text("import mock\n")
+-
+-    (script.site_packages_path / "mock.py").write_text(
+-        textwrap.dedent(
+-            """\
+-                import pip._internal.commands.freeze as freeze
+-                freeze._should_suppress_build_backends = lambda: False
+-            """
+-        )
+-    )
+-
++    # Test the default behavior (without --all)
+     result = script.pip("freeze")
+-    assert "setuptools==" in result.stdout
+ 
+-    (script.site_packages_path / "mock.py").write_text(
+-        textwrap.dedent(
+-            """\
+-                import pip._internal.commands.freeze as freeze
+-                freeze._should_suppress_build_backends = lambda: True
+-            """
++    should_suppress = sys.version_info < (3, 12)
++    if should_suppress:
++        # setuptools should be hidden in default freeze output
++        assert "setuptools==" not in result.stdout, (
++            f"setuptools should be suppressed in Python {sys.version_info[:2]} "
++            f"but was found in freeze output: {result.stdout}"
++        )
++    else:
++        # setuptools should be shown in default freeze output
++        assert "setuptools==" in result.stdout, (
++            f"setuptools should be shown in Python {sys.version_info[:2]} "
++            f"but was not found in freeze output: {result.stdout}"
+         )
+-    )
+ 
+-    result = script.pip("freeze")
+-    assert "setuptools==" not in result.stdout
++    # --all should always show setuptools regardless of version
++    result_all = script.pip("freeze", "--all")
++    assert "setuptools==" in result_all.stdout
+ 
+ 
+ def test_exclude_and_normalization(script: PipTestEnvironment, tmpdir: Path) -> None:
+diff --git a/tests/functional/test_self_update.py b/tests/functional/test_self_update.py
+index 1331a87c319..9019e89211d 100644
+--- a/tests/functional/test_self_update.py
++++ b/tests/functional/test_self_update.py
+@@ -8,6 +8,9 @@ def test_self_update_editable(script: Any, pip_src: Any) -> None:
+     # mode, that pip can safely update itself to an editable install.
+     # See https://github.com/pypa/pip/issues/12666 for details.
+ 
++    # Install flit-core (build backend) since we use --no-build-isolation
++    script.pip("install", "flit-core")
++
+     # Step 1. Install pip as non-editable. This is expected to succeed as
+     # the existing pip in the environment is installed in editable mode, so
+     # it only places a .pth file in the environment.
+
+From 41352dfaae2b518b361158748303bf6b6a821336 Mon Sep 17 00:00:00 2001
+From: Damian Shaw <damian.peter.shaw@gmail.com>
+Date: Fri, 1 Aug 2025 20:59:26 -0400
+Subject: [PATCH 3/5] News entry
+
+---
+ news/13743.feature.rst | 2 ++
+ 1 file changed, 2 insertions(+)
+ create mode 100644 news/13743.feature.rst
+
+diff --git a/news/13743.feature.rst b/news/13743.feature.rst
+new file mode 100644
+index 00000000000..37f7db147f8
+--- /dev/null
++++ b/news/13743.feature.rst
+@@ -0,0 +1,2 @@
++Building pip itself from source now uses flit-core instead of setuptools.
++This does not affect how pip installs or builds packages you use.
+
+From a7807befc6905429eb4127b6765283155d0e97f3 Mon Sep 17 00:00:00 2001
+From: Damian Shaw <damian.peter.shaw@gmail.com>
+Date: Sat, 2 Aug 2025 13:04:24 -0400
+Subject: [PATCH 4/5] Install flit-core offline for `test_self_update_editable`
+
+---
+ tests/functional/test_self_update.py | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/tests/functional/test_self_update.py b/tests/functional/test_self_update.py
+index 9019e89211d..bd09736aead 100644
+--- a/tests/functional/test_self_update.py
++++ b/tests/functional/test_self_update.py
+@@ -1,15 +1,16 @@
+ # Check that pip can update itself correctly
+ 
++from pathlib import Path
+ from typing import Any
+ 
+ 
+-def test_self_update_editable(script: Any, pip_src: Any) -> None:
++def test_self_update_editable(script: Any, pip_src: Any, common_wheels: Path) -> None:
+     # Test that if we have an environment with pip installed in non-editable
+     # mode, that pip can safely update itself to an editable install.
+     # See https://github.com/pypa/pip/issues/12666 for details.
+ 
+     # Install flit-core (build backend) since we use --no-build-isolation
+-    script.pip("install", "flit-core")
++    script.pip("install", "--no-index", "-f", common_wheels, "flit-core")
+ 
+     # Step 1. Install pip as non-editable. This is expected to succeed as
+     # the existing pip in the environment is installed in editable mode, so
+
+From d652eb9a847e061818ef07ba3e8e2f795a959c0f Mon Sep 17 00:00:00 2001
+From: Damian Shaw <damian.peter.shaw@gmail.com>
+Date: Wed, 6 Aug 2025 20:54:24 -0400
+Subject: [PATCH 5/5] Update pyproject.toml
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Co-authored-by: Stéphane Bidoul <stephane.bidoul@acsone.eu>
+---
+ pyproject.toml | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/pyproject.toml b/pyproject.toml
+index 7c68cc64433..56180b9d4a0 100644
+--- a/pyproject.toml
++++ b/pyproject.toml
+@@ -78,7 +78,6 @@ test-common-wheels = [
+     # depends on setup.py develop to generate egg-link files.
+     "setuptools >= 40.8.0, != 60.6.0, <80",
+     "wheel",
+-    "flit-core",
+     # As required by pytest-cov.
+     "coverage >= 4.4",
+     "pytest-subket >= 0.8.1",

pip-25.2-gh.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d09e469f9c6d829eb5094f8369912519c025868a772077e826afd161abd67aee
+size 9121715

pip-shipped-requests-cabundle.patch

@@ -3,11 +3,11 @@
  tests/unit/test_options.py      |    5 +
  2 files changed, 13 insertions(+), 97 deletions(-)
 
-Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
+Index: pip-25.2/src/pip/_vendor/certifi/core.py
 ===================================================================
---- pip-24.1.1.orig/src/pip/_vendor/certifi/core.py
-+++ pip-24.1.1/src/pip/_vendor/certifi/core.py
-@@ -3,112 +3,15 @@ certifi.py
+--- pip-25.2.orig/src/pip/_vendor/certifi/core.py
++++ pip-25.2/src/pip/_vendor/certifi/core.py
+@@ -3,81 +3,14 @@ certifi.py
  ~~~~~~~~~~
  
  This module returns the installation location of cacert.pem or its contents.
@@ -15,16 +15,16 @@ Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
  """
 -import sys
 -import atexit
- 
--def exit_cacert_ctx() -> None:
--    _CACERT_CTX.__exit__(None, None, None)  # type: ignore[union-attr]
 +def read_text(_module=None, _path=None, encoding="ascii"):
 +    with open(where(), "r", encoding=encoding) as data:
 +        return data.read()
  
+-def exit_cacert_ctx() -> None:
+-    _CACERT_CTX.__exit__(None, None, None)  # type: ignore[union-attr]
 +def where() -> str:
 +    return "/etc/ssl/ca-bundle.pem"
  
+-
 -if sys.version_info >= (3, 11):
 -
 -    from importlib.resources import as_file, files
@@ -60,7 +60,7 @@ Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
 -    def contents() -> str:
 -        return files("pip._vendor.certifi").joinpath("cacert.pem").read_text(encoding="ascii")
 -
--elif sys.version_info >= (3, 7):
+-else:
 -
 -    from importlib.resources import path as get_path, read_text
 -
@@ -95,58 +95,29 @@ Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
 -
 -    def contents() -> str:
 -        return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
--
--else:
--    import os
--    import types
--    from typing import Union
--
--    Package = Union[types.ModuleType, str]
--    Resource = Union[str, "os.PathLike"]
--
--    # This fallback will work for Python versions prior to 3.7 that lack the
--    # importlib.resources module but relies on the existing `where` function
--    # so won't address issues with environments like PyOxidizer that don't set
--    # __file__ on modules.
--    def read_text(
--        package: Package,
--        resource: Resource,
--        encoding: str = 'utf-8',
--        errors: str = 'strict'
--    ) -> str:
--        with open(where(), encoding=encoding) as data:
--            return data.read()
--
--    # If we don't have importlib.resources, then we will just do the old logic
--    # of assuming we're on the filesystem and munge the path directly.
--    def where() -> str:
--        f = os.path.dirname(__file__)
--
--        return os.path.join(f, "cacert.pem")
--
--    def contents() -> str:
--        return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
 +def contents() -> str:
 +    return read_text(encoding="ascii")
-Index: pip-24.1.1/tests/unit/test_options.py
+Index: pip-25.2/tests/unit/test_options.py
 ===================================================================
---- pip-24.1.1.orig/tests/unit/test_options.py
-+++ pip-24.1.1/tests/unit/test_options.py
-@@ -1,4 +1,5 @@
+--- pip-25.2.orig/tests/unit/test_options.py
++++ pip-25.2/tests/unit/test_options.py
+@@ -1,6 +1,7 @@
+ from __future__ import annotations
+ 
  import os
 +import os.path
+ from collections.abc import Iterator
  from contextlib import contextmanager
  from optparse import Values
- from tempfile import NamedTemporaryFile
-@@ -11,6 +12,7 @@ from pip._internal.cli.main import main
+@@ -13,6 +14,7 @@ import pip._internal.configuration
+ from pip._internal.cli.main import main
  from pip._internal.commands import create_command
  from pip._internal.commands.configuration import ConfigurationCommand
- from pip._internal.exceptions import PipError
 +from pip._vendor.certifi import where
+ from pip._internal.exceptions import PipError
+ 
  from tests.lib.options_helpers import AddFakeCommandMixin
- 
- 
-@@ -617,6 +619,9 @@ class TestOptionsConfigFiles:
+@@ -621,6 +623,9 @@ class TestOptionsConfigFiles:
          else:
              assert expect == cmd._determine_file(options, need_value=False)
  

python-pip.changes

@@ -1,3 +1,123 @@
+-------------------------------------------------------------------
+Wed Aug 13 12:25:02 UTC 2025 - Markéta Machová <mmachova@suse.com>
+
+- update to 25.2
+  # 25.1
+  * Drop support for Python 3.8.
+  * On python 3.14+, the pkg_resources metadata backend cannot be used
+    anymore.
+  * Hide --no-python-version-warning from CLI help and documentation
+    as it's useless since Python 2 support was removed.
+  * A warning is emitted when the deprecated pkg_resources library is
+    used to inspect and discover installed packages.
+  * Deprecate the legacy setup.py bdist_wheel mechanism. To silence
+    the warning, and future-proof their setup, users should enable
+    --use-pep517 or add a pyproject.toml file to the projects they
+    control.
+  * Using --debug also enables verbose logging.
+  * Display a transient progress bar during package installation.
+  * Add a --group option which allows installation from PEP 735
+    Dependency Groups.
+  * Use PEP 753 "Well-known Project URLs in Metadata" normalization
+    rules when identifying an equivalent project URL to replace
+    a missing Home-Page field in pip show.
+  * Add a new, experimental, pip lock command, implementing PEP 751.
+  * Resolvelib 1.1.0 fixes a known issue where pip would report a
+    ResolutionImpossible error even though there is a valid solution.
+    However, some very complex dependency resolutions that previously
+    resolved may resolve slower or fail with an ResolutionTooDeep error.
+  # 25.2
+  * Declare support for Python 3.14
+  * Automatic download resumption and retrying is enabled by default.
+  * Requires-Python error message displays version clauses in numerical
+    order.
+  * Show time taken instead of eta 0:00:00 at download completion.
+  * Remove warning when cloning from a Git reference that does not look
+    like a commit hash.
+  * pip's own licensing metadata now follows PEP 639. In addition, the
+    licenses of pip's vendored dependencies are now included in the
+    License-File metadata field and in the wheel.
+- Drop no-longer-applicable distutils-reproducible-compile.patch
+  * distlib was trimmed https://github.com/pypa/pip/pull/13342
+- Add upstream flit-core.patch to fix build
+
+-------------------------------------------------------------------
+Thu Apr 17 12:40:51 UTC 2025 - Felix Stegmeier <felix.stegmeier@suse.com>
+
+- update to 25.0.1
+  * Fix an unsupported type annotation on Python 3.10 and earlier. 
+    (#13181)
+  * Fix a regression where truststore would never be used while 
+    installing build dependencies. (#13186)
+  * Deprecate the no-python-version-warning flag as it has long done 
+    nothing since Python 2 support was removed in pip 21.0. (#13154)
+  * Prefer to display PEP 639 License-Expression in pip show if
+    metadata version is at least 2.4. (#13112)
+  * Support PEP 639 License-Expression and License-File metadata 
+    fields in JSON output. pip inspect and pip install --report now 
+    emit license_expression and license_file fields in the metadata 
+    object, if the corresponding fields are present in the installed 
+    METADATA file. (#13134)
+  * Files in the network cache will inherit the read/write permissions 
+    of pip’s cache directory (in addition to the current user retaining 
+    read/write access). This enables a single cache to be shared among 
+    multiple users. (#11012)
+  * Return the size, along with the number, of files cleared on pip 
+    cache purge and pip cache remove (#12176)
+  * Cache python-requires checks while filtering potential installation 
+    candidates. (#13128)
+  * Optimize package collection by avoiding unnecessary URL parsing and 
+    other processing. (#13132)
+  * Reorder the encoding detection when decoding a requirements file, 
+    relying on UTF-8 over the locale encoding by default, matching the 
+    documented behaviour. (#12771)
+  * The pip version self check is disabled on EXTERNALLY-MANAGED 
+    environments. (#11820)
+  * Fix a security bug allowing a specially crafted wheel to execute 
+    code during installation. (#13079)
+  * The inclusion of packaging 24.2 changes how pre-release specifiers 
+    with < and > behave. Including a pre-release version with these 
+    specifiers now implies accepting pre-releases (e.g., <2.0dev can 
+    include 1.0rc1). To avoid implying pre-releases, avoid specifying 
+    them (e.g., use <2.0). The exception is !=, which never implies 
+    pre-releases. (#13163)
+  * The --cert and --client-cert command-line options are now 
+    respected while installing build dependencies. Consequently, the 
+    private _PIP_STANDALONE_CERT environment variable is no longer 
+    used. (#5502)
+  * The --proxy command-line option is now respected while installing 
+    build dependencies. (#6018)
+
+
+-------------------------------------------------------------------
+Wed Oct 30 08:10:12 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 24.3.1:
+  * Allow multiple nested inclusions of the same requirements
+    file again.
+  * Deprecate wheel filenames that are not compliant with PEP
+    440.
+  * Detect recursively referencing requirements files and help
+    users identify the source.
+  * Support for PEP 730 iOS wheels.
+  * Display a better error message when an already installed
+    package has an invalid requirement.
+  * Ignore PIP_TARGET and pip.conf global.target when preparing a
+    build environment.
+  * Restore support for macOS 10.12 and older (via truststore).
+  * Allow installing pip in editable mode in a virtual
+    environment on Windows.
+  * Upgrade certifi to 2024.8.30
+  * Upgrade distlib to 0.3.9
+  * Upgrade truststore to 0.10.0
+  * Upgrade urllib3 to 1.26.20
+
+-------------------------------------------------------------------
+Mon Sep 23 11:21:24 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Adapt disable-ssl-context-in-buildenv.patch to make it compatible
+  with leap
+
 -------------------------------------------------------------------
 Mon Aug 12 16:49:06 UTC 2024 - Dirk Müller <dmueller@suse.com>
 

python-pip.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-pip
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -33,7 +33,7 @@
 %define mypython python
 %{?sle15_python_module_pythons}
 Name:           python-pip%{psuffix}
-Version:        24.2
+Version:        25.2
 Release:        0
 Summary:        A Python package management system
 License:        MIT
@@ -42,13 +42,13 @@ URL:            https://pip.pypa.io
 Source:         https://github.com/pypa/pip/archive/%{version}.tar.gz#/pip-%{version}-gh.tar.gz
 # PATCH-FIX-OPENSUSE pip-shipped-requests-cabundle.patch -- adapted patch from python-certifi package
 Patch0:         pip-shipped-requests-cabundle.patch
-# PATCH-FIX-UPSTREAM distutils-reproducible-compile.patch gh#python/cpython#8057 mcepl@suse.com
-# To get reproducible builds, byte_compile() of distutils.util now sorts filenames.
-Patch1:         distutils-reproducible-compile.patch
 # PATCH-FIX-OPENSUSE: deal missing ca-certificates as "ssl not available"
-Patch2:         disable-ssl-context-in-buildenv.patch
-BuildRequires:  %{python_module base >= 3.7}
-BuildRequires:  %{python_module setuptools >= 40.8.0}
+Patch1:         disable-ssl-context-in-buildenv.patch
+# PATCH-FIX-UPSTREAM https://github.com/pypa/pip/pull/13473 Use flit-core to build pip distributions
+# setuptools was unable to handle the new license expression for some reason
+Patch2:         flit-core.patch
+BuildRequires:  %{python_module base >= 3.9}
+BuildRequires:  %{python_module flit-core >= 3.11}
 # The rpm python-wheel build is bootstrap friendly since 0.42
 BuildRequires:  %{python_module wheel}
 BuildRequires:  fdupes
@@ -73,6 +73,7 @@ BuildRequires:  %{python_module installer}
 # Test requirements:
 BuildRequires:  %{python_module pip = %{version}}
 BuildRequires:  %{python_module pretend}
+BuildRequires:  %{python_module pytest-socket}
 BuildRequires:  %{python_module pytest-xdist}
 BuildRequires:  %{python_module pytest}
 BuildRequires:  %{python_module scripttest}