Accepting request 1271132 from devel:languages:python

OBS-URL: https://build.opensuse.org/request/show/1271132
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-pip?expand=0&rev=70

disable-ssl-context-in-buildenv.patch

@@ -7,7 +7,7 @@ Index: pip-24.2/src/pip/_vendor/requests/adapters.py
          extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH)
      )
 -except ImportError:
-+except (ImportError, FileNotFoundError):
++except (ImportError, FileNotFoundError, ssl.SSLError):
      # Bypass default SSLContext creation when Python
      # interpreter isn't built with the ssl module.
      _preloaded_ssl_context = None
@@ -22,7 +22,7 @@ Index: pip-24.2/src/pip/_internal/cli/index_command.py
 -    ctx.load_verify_locations(certifi.where())
 +    try:
 +        ctx.load_verify_locations(certifi.where())
-+    except FileNotFoundError:
++    except (FileNotFoundError, ssl.SSLError):
 +        logger.warning("Disabling truststore because of missing certificates")
 +        return None
      return ctx

pip-shipped-requests-cabundle.patch

@@ -3,10 +3,10 @@
  tests/unit/test_options.py      |    5 +
  2 files changed, 13 insertions(+), 97 deletions(-)
 
-Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
+Index: pip-24.3.1/src/pip/_vendor/certifi/core.py
 ===================================================================
---- pip-24.1.1.orig/src/pip/_vendor/certifi/core.py
-+++ pip-24.1.1/src/pip/_vendor/certifi/core.py
+--- pip-24.3.1.orig/src/pip/_vendor/certifi/core.py
++++ pip-24.3.1/src/pip/_vendor/certifi/core.py
 @@ -3,112 +3,15 @@ certifi.py
  ~~~~~~~~~~
  
@@ -128,25 +128,25 @@ Index: pip-24.1.1/src/pip/_vendor/certifi/core.py
 -        return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
 +def contents() -> str:
 +    return read_text(encoding="ascii")
-Index: pip-24.1.1/tests/unit/test_options.py
+Index: pip-24.3.1/tests/unit/test_options.py
 ===================================================================
---- pip-24.1.1.orig/tests/unit/test_options.py
-+++ pip-24.1.1/tests/unit/test_options.py
+--- pip-24.3.1.orig/tests/unit/test_options.py
++++ pip-24.3.1/tests/unit/test_options.py
 @@ -1,4 +1,5 @@
  import os
 +import os.path
  from contextlib import contextmanager
  from optparse import Values
  from tempfile import NamedTemporaryFile
-@@ -11,6 +12,7 @@ from pip._internal.cli.main import main
+@@ -10,6 +11,7 @@ import pip._internal.configuration
+ from pip._internal.cli.main import main
  from pip._internal.commands import create_command
  from pip._internal.commands.configuration import ConfigurationCommand
- from pip._internal.exceptions import PipError
 +from pip._vendor.certifi import where
+ from pip._internal.exceptions import PipError
+ 
  from tests.lib.options_helpers import AddFakeCommandMixin
- 
- 
-@@ -617,6 +619,9 @@ class TestOptionsConfigFiles:
+@@ -618,6 +620,9 @@ class TestOptionsConfigFiles:
          else:
              assert expect == cmd._determine_file(options, need_value=False)
  

python-pip.changes

@@ -1,3 +1,80 @@
+-------------------------------------------------------------------
+Thu Apr 17 12:40:51 UTC 2025 - Felix Stegmeier <felix.stegmeier@suse.com>
+
+- update to 25.0.1
+  * Fix an unsupported type annotation on Python 3.10 and earlier. 
+    (#13181)
+  * Fix a regression where truststore would never be used while 
+    installing build dependencies. (#13186)
+  * Deprecate the no-python-version-warning flag as it has long done 
+    nothing since Python 2 support was removed in pip 21.0. (#13154)
+  * Prefer to display PEP 639 License-Expression in pip show if
+    metadata version is at least 2.4. (#13112)
+  * Support PEP 639 License-Expression and License-File metadata 
+    fields in JSON output. pip inspect and pip install --report now 
+    emit license_expression and license_file fields in the metadata 
+    object, if the corresponding fields are present in the installed 
+    METADATA file. (#13134)
+  * Files in the network cache will inherit the read/write permissions 
+    of pip’s cache directory (in addition to the current user retaining 
+    read/write access). This enables a single cache to be shared among 
+    multiple users. (#11012)
+  * Return the size, along with the number, of files cleared on pip 
+    cache purge and pip cache remove (#12176)
+  * Cache python-requires checks while filtering potential installation 
+    candidates. (#13128)
+  * Optimize package collection by avoiding unnecessary URL parsing and 
+    other processing. (#13132)
+  * Reorder the encoding detection when decoding a requirements file, 
+    relying on UTF-8 over the locale encoding by default, matching the 
+    documented behaviour. (#12771)
+  * The pip version self check is disabled on EXTERNALLY-MANAGED 
+    environments. (#11820)
+  * Fix a security bug allowing a specially crafted wheel to execute 
+    code during installation. (#13079)
+  * The inclusion of packaging 24.2 changes how pre-release specifiers 
+    with < and > behave. Including a pre-release version with these 
+    specifiers now implies accepting pre-releases (e.g., <2.0dev can 
+    include 1.0rc1). To avoid implying pre-releases, avoid specifying 
+    them (e.g., use <2.0). The exception is !=, which never implies 
+    pre-releases. (#13163)
+  * The --cert and --client-cert command-line options are now 
+    respected while installing build dependencies. Consequently, the 
+    private _PIP_STANDALONE_CERT environment variable is no longer 
+    used. (#5502)
+  * The --proxy command-line option is now respected while installing 
+    build dependencies. (#6018)
+
+
+-------------------------------------------------------------------
+Wed Oct 30 08:10:12 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 24.3.1:
+  * Allow multiple nested inclusions of the same requirements
+    file again.
+  * Deprecate wheel filenames that are not compliant with PEP
+    440.
+  * Detect recursively referencing requirements files and help
+    users identify the source.
+  * Support for PEP 730 iOS wheels.
+  * Display a better error message when an already installed
+    package has an invalid requirement.
+  * Ignore PIP_TARGET and pip.conf global.target when preparing a
+    build environment.
+  * Restore support for macOS 10.12 and older (via truststore).
+  * Allow installing pip in editable mode in a virtual
+    environment on Windows.
+  * Upgrade certifi to 2024.8.30
+  * Upgrade distlib to 0.3.9
+  * Upgrade truststore to 0.10.0
+  * Upgrade urllib3 to 1.26.20
+
+-------------------------------------------------------------------
+Mon Sep 23 11:21:24 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Adapt disable-ssl-context-in-buildenv.patch to make it compatible
+  with leap
+
 -------------------------------------------------------------------
 Mon Aug 12 16:49:06 UTC 2024 - Dirk Müller <dmueller@suse.com>
 

python-pip.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-pip
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -33,7 +33,7 @@
 %define mypython python
 %{?sle15_python_module_pythons}
 Name:           python-pip%{psuffix}
-Version:        24.2
+Version:        25.0.1
 Release:        0
 Summary:        A Python package management system
 License:        MIT