- update to 24.3.1:
  * Allow multiple nested inclusions of the same requirements
    file again.
  * Deprecate wheel filenames that are not compliant with PEP
    440.
  * Detect recursively referencing requirements files and help
    users identify the source.
  * Support for PEP 730 iOS wheels.
  * Display a better error message when an already installed
    package has an invalid requirement.
  * Ignore PIP_TARGET and pip.conf global.target when preparing a
    build environment.
  * Restore support for macOS 10.12 and older (via truststore).
  * Allow installing pip in editable mode in a virtual
    environment on Windows.
  * Upgrade certifi to 2024.8.30
  * Upgrade distlib to 0.3.9
  * Upgrade truststore to 0.10.0
  * Upgrade urllib3 to 1.26.20

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- update to 24.2:
  * Deprecate pip install --editable falling back to setup.py
    develop when using a setuptools version that does not support
    PEP 660 (setuptools v63 and older).
  * Check unsupported packages for the current platform. (#11054)
  * Check unsupported packages for the current platform.
  * Use system certificates and certifi certificates to verify
    HTTPS connections on Python 3.10+. Python 3.9 and earlier
    only use certifi. To revert to previous behaviour, pass the
    flag --use-deprecated=legacy-certs. (#11647)
  * Use system certificates and certifi certificates to verify
    HTTPS connections on Python 3.10+. Python 3.9 and earlier
    only use certifi.
  * To revert to previous behaviour, pass the flag --use-
    deprecated=legacy-certs.
  * Improve discovery performance of installed packages when the
    importlib.metadata backend is used to load distribution
    metadata (used by default under Python 3.11+). (#12656)
  * Improve discovery performance of installed packages when the
    importlib.metadata backend is used to load distribution
    metadata (used by default under Python 3.11+).
  * Improve performance when the same requirement string appears
    many times during resolution, by consistently caching the
    parsed requirement string. (#12663)
  * Improve performance when the same requirement string appears
    many times during resolution, by consistently caching the
    parsed requirement string.
  * Minor performance improvement of finding applicable package
    candidates by not repeatedly calculating their versions
    (#12664)

• Files Changed
• Browse Source

- update to 24.0:
  * Retry on HTTP status code 502
  * Automatically use the setuptools PEP 517 build backend when
    --config-settings is used for projects without
    pyproject.toml.
  * Make pip freeze and pip uninstall of legacy editable installs
    of packages whose name contains _ compatible with
    setuptools>=69.0.3.
  * Support per requirement --config-settings for editable
    installs.
  * Optimized usage of --find-links=<path-to-dir>, by only
    scanning the relevant directory once, only considering file
    names that are valid wheel or sdist names, and only
    considering files in the directory that are related to the
    install.
  * Removed wheel from the [build-system].requires list fallback
    that is used when pyproject.toml is absent.
  * Upgrade distlib to 0.3.8
  * Fix explanation of how PIP_CONFIG_FILE works
  * Fix outdated pip install argument description in
    documentation.
  * Replace some links to PEPs with links to the canonical
    specifications on the :doc:`pypug:index`
  * Updated the pyproject.toml document to stop suggesting to
    depend on wheel as a build dependency directly.
  * Update supported interpreters in development docs
  * Most project metadata is now defined statically via pip's
    pyproject.toml file.

• Files Changed
• Browse Source

- Fix shebang path for "pip3.XX" binaries

• Files Changed
• Browse Source

Forwarded request #1134667 from bnavigator

- Drop deprecated setup.py installmethod, bootstrap PEP517 with
    built-in pip instead
  - python3XX-pip-wheel can now be a regular subpackage
  - Drop obsolete python2 directives in specfile

• Files Changed
• Browse Source

- update to 23.3.2:
  * Fix a bug in extras handling for link requirements (`#12372
  * Fix mercurial revision "parse error": use ``--rev={ref}``
    instead of ``-r={ref}`` (`#12373

- Finally drop csv23, it has been removed upstream since 2021.
    ``setup.py``.
- Use libalternatives instead of update-alternatives.
    * Document that certain removals can be fast tracked.
  * use %python_clone and %python_install_alternative for sip and
  * Make the setup.py install deprecation warning less
    noisy. We warn only when setup.py install succeeded and
    setup.py bdist_wheel failed, as situations where both
    fails are most probably irrelevant to this deprecation.
- 20.2.2
  * Only attempt to use the keyring once and if it fails, don’t try
    again. This prevents spamming users with several keyring unlock
  * Fix regression that distributions in system site-packages are
    not correctly found when a virtual environment is configured
  * Disable caching for range requests, which causes corrupted
    wheels when pip tries to obtain metadata using the feature
  * Always use UTF-8 to read pyvenv.cfg to match the built-in venv.
  * 2020 Resolver: Correctly handle marker evaluation in
    constraints and exclude them if their markers do not match the
  * Correctly find already-installed distributions with dot (.) in
  * Trace a better error message on installation failure due to
  * Fix SVN version detection for alternative SVN distributions.
  * New resolver: Correctly include the base package when specified
  * Use UTF-8 to handle ZIP archive entries on Python 2 according
    to PEP 427, so non-ASCII paths can be resolved as expected.

• Files Changed
• Browse Source

- Update to 23.3.1:
  - Bug Fixes
    - Handle a timezone indicator of Z when parsing dates in the
      self check. (#12338)
    - Fix bug where installing the same package at the same time
      with multiple pip processes could fail. (#12361)
- Update to 23.3:
  - Process
    - Added reference to vulnerability reporting guidelines to
      pip's security policy.
  - Features
    - Improve extras resolution for multiple constraints on same
      base package. (#11924)
    - Improve use of datastructures to make candidate selection
      1.6x faster. (#12204)
    - Allow pip install --dry-run to use platform and ABI
      overriding options. (#12215)
    - Add is_yanked boolean entry to the installation report
      (--report) to indicate whether the requirement was yanked
      from the index, but was still selected by pip conform to
      PEP 592. (#12224)
  - Bug Fixes
    - Ignore errors in temporary directory cleanup (show a
      warning instead). (#11394)
    - Normalize extras according to PEP 685 from package metadata
      in the resolver for comparison. This ensures extras are
      correctly compared and merged as long as the package
      providing the extra(s) is built with values normalized
      according to the standard. Note, however, that this
      does not solve cases where the package itself contains
      unnormalized extra values in the metadata. (#11649)
    - Prevent downloading sdists twice when PEP 658 metadata is
      present. (#11847)
    - Include all requested extras in the install report
      (--report). (#11924)
    - Removed uses of datetime.datetime.utcnow from non-vendored
      code. (#12005)
    - Consistently report whether a dependency comes from an
      extra. (#12095)
    - Fix completion script for zsh (#12166)
    - Fix improper handling of the new onexc argument of
      shutil.rmtree() in Python 3.12. (#12187)
    - Filter out yanked links from the available versions
      error message: "(from versions: 1.0, 2.0, 3.0)" will
      not contain yanked versions conform PEP 592. The yanked
      versions (if any) will be mentioned in a separate error
      message. (#12225)
    - Fix crash when the git version number contains something
      else than digits and dots. (#12280)
    - Use -r=... instead of -r ... to specify references with
      Mercurial. (#12306, CVE-2023-5752, bsc#1217353)
    - Redact password from URLs in some additional
      places. (#12350)
    - pip uses less memory when caching large packages. As a
      result, there is a new on-disk cache format stored in a new
      directory ($PIP_CACHE_DIR/http-v2). (#2984)
  - Vendored Libraries
    - Upgrade certifi to 2023.7.22
    - Add truststore 0.8.0
    - Upgrade urllib3 to 1.26.17
  - Improved Documentation
    - Document that pip search support has been removed from PyPI
      (#12059)
    - Clarify --prefer-binary in CLI and docs (#12122)
    - Document that using OS-provided Python can cause pip's test
      suite to report false failures. (#12334)
- Adjust pip-shipped-requests-cabundle.patch.

• Files Changed
• Browse Source

- Finally drop csv23, it has been removed upstream since 2021. 
- Shift around sle15_python_module_pythons.

- Upgrade to 23.2.1
  * Bug fixes
    - Disable PEP 658 metadata fetching with the legacy resolver.
- Upgrade to 23.2
  * Process
    - Deprecate support for eggs for Python 3.11 or later, when the
      new importlib.metadata backend is used to load distribution
      metadata. This only affects the egg distribution format (with
      the .egg extension); distributions using the .egg-info metadata
      format (but are not actually eggs) are not affected. For more
      information about eggs, see relevant section in the setuptools
      documentation.
  * Deprecations and Removals
    - Deprecate legacy version and version specifiers that don’t
      conform to PEP 440
    - freeze no longer excludes the setuptools, distribute, and wheel
      from the output when running on Python 3.12 or later, where they
      are not included in a virtual environment by default. Use
      --exclude if you wish to exclude any of these packages.
  * Features
    - make rejection messages slightly different between 1 and 8, so
      the user can make the difference.
  * Bug Fixes
    - Fix pip completion --zsh.
    - Prevent downloading files twice when PEP 658 metadata is present
    - Add permission check before configuration
    - Fix deprecation warnings in Python 3.12 for usage of

• Files Changed
• Browse Source

- Remove .exe files from package (bsc#1212015)

• Files Changed
• Browse Source

- Update to 23.1.2
  - Upgrade setuptools to 67.7.2
- 23.1.1:
  - Revert #11487, as it causes issues with virtualenvs created by the
    Windows Store distribution of Python. (#11987)
  - Revert pkg_resources (via setuptools) back to 65.6.3
  - Update documentation to reflect the new behavior of using the
    cache of locally built wheels in hash-checking mode. (#11967)

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Update to 22.3.1: (bsc#1205478)
  * Deprecations and Removals
    + Deprecate installation with setup.py install when no-binary is enabled
      for source distributions without pyproject.toml. (#11452)
    + Deprecate installation with setup.py install when the wheel package is
      absent for source distributions without pyproject.toml. (#8559)
    + Drop --use-deprecated=out-of-tree-build. (#11001)
  * Features
    + Use the data-dist-info-metadata attribute from PEP 658 to resolve
      distribution metadata without downloading the dist yet. (#11111)
    + Add --dry-run option to pip install, to let it print what it would
     install but not actually make changes in the target environment. (#11096)
    + Add pip inspect command to obtain the list of installed distributions
     and other information about the Python environment, in JSON. (#11245)
    + Add option to install and uninstall commands to opt-out from
      running-as-root warning. (#10556)
    + Add a user interface for supplying config settings to build backends.
      (#11059)
    + Explains why specified version cannot be retrieved when Requires-Python
      is not satisfied. (#9615)
    + Validate build dependencies when using --no-build-isolation. (#9794)
  * Bug Fixes
    + Fix entry point generation of pip.X, pipX.Y, and easy_install-X.Y to
      correctly account for multi-digit Python version segments. (#11547)
    + Fix --no-index when --index-url or --extra-index-url is specified
      inside a requirements file. (#11276)
    + Ignore distributions with invalid Name in metadata instead of crashing,
      when using the importlib.metadata backend. (#11352)
    + Raise RequirementsFileParseError when parsing malformed requirements
      options that can’t be sucessfully parsed by shlex. (#11491)

• Files Changed
• Browse Source

- skip subversion tests, not that relevant to pull in
  dozens of dependencies into small bootstrap

- Add distutils-reproducible-compile.patch to make installed
  files ordered correctly and thus builds reproducible again
  (port of the fix for bpo#29708 and gh#python/cpython#8057).

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Fix the condition to really not break Python 2.7 in Leap

- We don't need to break Python 2.7

- Add remove_mock.patch to remove dependency on the external mock
  package (gh#pypa/pip#9266).

• Files Changed
• Browse Source

- Actually, test the new structure of package. :$
- Remove the additional sourced setuptools*.whl and use BR on
  python-setuptools-wheel.

- Add wheel subpackage with the generated wheel for this package
  (bsc#1176262, CVE-2019-20916).
- Make wheel a separate build run to avoid the setuptools/wheel build
  cycle.

• Files Changed
• Browse Source

• Files Changed
• Browse Source