[pip] Bump the non-major-dependencies group with 1 update

[dependabot]

Bumps the non-major-dependencies group with 1 update: pipenv.

Updates pipenv from 2023.2.18 to 2023.12.0

Release notes

Sourced from pipenv's releases.

Release v2023.12.0

What's Changed

• NOTE: this is our second semver release with a plan to release major version 3000 later this winter/Spring.
• Convert from pydantic to vanilla dataclasses (includes pythonfinder 2.1.0) by @​matteius in pypa/pipenv#6065
• Remove forcing CI code path to use nt shell code path by @​matteius in pypa/pipenv#6072
• Only editable entry should trigger editable installs by @​matteius in pypa/pipenv#6069

Full Changelog: pypa/pipenv@v2023.11.17...v2023.12.0

Release v2023.11.17

What's Changed

• Vendor latest tomlkit by @​deivid-rodriguez in pypa/pipenv#6024
• Chore: Resolve CI deprecation warnings by @​stumpylog in pypa/pipenv#6025
• Fix the issue(#6022): Add additional installation method in README by @​y-vectorfield in pypa/pipenv#6023
• Make project.get_default_index() populate a default name by @​deivid-rodriguez in pypa/pipenv#6021
• Drop markupsafe - way too late for that by @​oz123 in pypa/pipenv#6033
• Fix for the safety test failure in the CI by @​matteius in pypa/pipenv#6038
• Add markers to Pipfile when parsing requirements.txt by @​geonik-code in pypa/pipenv#6008
• Fixed a bug with locking packages with non canonical names by @​mangin in pypa/pipenv#6057
• Bump jinja2 from 3.1.2 to 3.1.3 by @​dependabot in pypa/pipenv#6059
• Vendor bump pipdeptree by @​oz123 in pypa/pipenv#6055
• updated readme by @​Suprithvarma1 in pypa/pipenv#6049
• Update release script to enforce semver going forward in 2024 by @​matteius in pypa/pipenv#6052
• Vendoring in pip-23.3.2 by @​matteius in pypa/pipenv#6064

New Contributors

• @​deivid-rodriguez made their first contribution in pypa/pipenv#6024
• @​stumpylog made their first contribution in pypa/pipenv#6025
• @​geonik-code made their first contribution in pypa/pipenv#6008
• @​mangin made their first contribution in pypa/pipenv#6057
• @​Suprithvarma1 made their first contribution in pypa/pipenv#6049

Full Changelog: pypa/pipenv@v2023.11.15...v2023.11.17

Release v2023.11.15

What's Changed

• Treat all return paths of this method as strings by @​matteius in pypa/pipenv#6017

Full Changelog: pypa/pipenv@v2023.11.14...v2023.11.15

Release v2023.11.14

What's Changed

• Restore this code that should prevent the string has no attribute update bug. by @​matteius in pypa/pipenv#6007
• Pass through pipfile index urls when creating https session so that keyring fully works by @​mungojam in pypa/pipenv#5994
• Fix issue-6011 direct file url path by @​matteius in pypa/pipenv#6012
• Ignore existing venv dir when PIPENV_VENV_IN_PROJECT is false by @​arnaud-dezandee in pypa/pipenv#6009
• Assume that vcs and direct URL installs need to be reinstalled by @​matteius in pypa/pipenv#5936

... (truncated)

Changelog

Sourced from pipenv's changelog.

2023.12.0 (2024-02-01)

Pipenv 2023.12.0 (2024-02-01)

Bug Fixes

• Removal of pydantic from pythonfinder and pipenv; reduced complexity of pythonfinder pathlib usage (avoid posix conversions). [#6065](https://github.com/pypa/pipenv/issues/6065) <https://github.com/pypa/pipenv/issues/6065>_
• Adjusted logic which assumed any file, path or VCS install should be considered editable. Instead relies on the user specified editable flag to mark requirement as editable install. [#6069](https://github.com/pypa/pipenv/issues/6069) <https://github.com/pypa/pipenv/issues/6069>_
• Remove logic that treats CI variable to use do_run_nt shell logic, as the original reasons for that patch were no longer valid. [#6072](https://github.com/pypa/pipenv/issues/6072) <https://github.com/pypa/pipenv/issues/6072>_ 2023.11.17 (2024-01-21) ======================= Pipenv 2023.11.17 (2024-01-21) ==============================

Bug Fixes

• Add markers to Pipfile when parsing requirements.txt [#6008](https://github.com/pypa/pipenv/issues/6008) <https://github.com/pypa/pipenv/issues/6008>_
• Fix KeyError when using a source without a name in Pipfile [#6021](https://github.com/pypa/pipenv/issues/6021) <https://github.com/pypa/pipenv/issues/6021>_
• Fix a bug with locking projects that contains packages with non canonical names from private indexes [#6056](https://github.com/pypa/pipenv/issues/6056) <https://github.com/pypa/pipenv/issues/6056>_

Vendored Libraries

• Update vendored tomlkit to 0.12.3 [#6024](https://github.com/pypa/pipenv/issues/6024) <https://github.com/pypa/pipenv/issues/6024>_
• Bump version of pipdeptree to 0.13.2 [#6055](https://github.com/pypa/pipenv/issues/6055) <https://github.com/pypa/pipenv/issues/6055>_ 2023.11.15 (2023-11-15) ======================= Pipenv 2023.11.15 (2023-11-15) ==============================

Bug Fixes

• Fix regression with path installs on most recent release 2023.11.14 [#6017](https://github.com/pypa/pipenv/issues/6017) <https://github.com/pypa/pipenv/issues/6017>_

2023.11.14 (2023-11-14)

Pipenv 2023.11.14 (2023-11-14)

Behavior Changes

... (truncated)

Commits

• d4483dd Release v2023.12.0
• e26edd5 Bumped version to 2023.12.0.
• 23dbe27 Only editable entry should trigger editable installs (#6069)
• 15149f0 Remove forcing CI code path to use nt shell code path (#6072)
• 95df3fd Convert from pydantic to vanilla dataclasses (includes pythonfinder 2.1.0) (#...
• 2bd7eab Fix release CI step for next release
• 7a640f2 Release v2023.11.17
• d202fac Bumped version to 2023.11.17.
• 542554e upgrade sphinx due to release script bug
• 624ec01 Vendoring in pip-23.3.2 (#6064)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

⚠️ No Changeset found

Latest commit: eb61262

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR