Bump pipenv from 2023.12.1 to 2024.0.0 (#758) · foxglove/ws-protocol@b672b54

Commit

Bump pipenv from 2023.12.1 to 2024.0.0 (#758)
Bumps [pipenv](https://github.com/pypa/pipenv) from 2023.12.1 to
2024.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/releases">pipenv's
releases</a>.</em></p>
<blockquote>
<h2>Release v2024.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update CONTRIBUTING.md by <a
href="https://github.com/PzaThief"><code>@PzaThief</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6084">pypa/pipenv#6084</a></li>
<li>Check for name attribute in source parameter. by <a
href="https://github.com/jralls"><code>@jralls</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6114">pypa/pipenv#6114</a></li>
<li>Smarter uninstall by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6029">pypa/pipenv#6029</a></li>
<li>Use fancy mode for pwsh on *nix (draft) by <a
href="https://github.com/samcarswell"><code>@samcarswell</code></a> in
<a
href="https://redirect.github.com/pypa/pipenv/pull/6108">pypa/pipenv#6108</a></li>
<li>Vendor in Pip 24.0 by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6117">pypa/pipenv#6117</a></li>
<li>Update index.md by <a
href="https://github.com/mierzejk"><code>@mierzejk</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6129">pypa/pipenv#6129</a></li>
<li>Spring 2024 vendoring by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6118">pypa/pipenv#6118</a></li>
<li>Add nested vcs dependency subdirectory when locking to Pipfile.lock
(Fix <a
href="https://redirect.github.com/pypa/pipenv/issues/6120">#6120</a>) by
<a
href="https://github.com/AlexandreArpin"><code>@AlexandreArpin</code></a>
in <a
href="https://redirect.github.com/pypa/pipenv/pull/6136">pypa/pipenv#6136</a></li>
<li>pipenv upgrade invoke -d by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6138">pypa/pipenv#6138</a></li>
<li>Bump plette take 2 by <a
href="https://github.com/oz123"><code>@oz123</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6134">pypa/pipenv#6134</a></li>
<li>Convert off pkg resources by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6139">pypa/pipenv#6139</a></li>
<li>Fix the issue(<a
href="https://redirect.github.com/pypa/pipenv/issues/6126">#6126</a>):
add lockfile_path presence in pipenv check command by <a
href="https://github.com/nitintecg"><code>@nitintecg</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6135">pypa/pipenv#6135</a></li>
<li>debugging weird CI failures by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6143">pypa/pipenv#6143</a></li>
<li>apply ruff fixes by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6145">pypa/pipenv#6145</a></li>
<li>docs update for <code>scripts</code> section and other small changes
by <a href="https://github.com/sss-ng"><code>@sss-ng</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6152">pypa/pipenv#6152</a></li>
<li>Add --from-pipfile subcommand to <code>pipenv requirements</code> by
<a
href="https://github.com/sanspareilsmyn"><code>@sanspareilsmyn</code></a>
in <a
href="https://redirect.github.com/pypa/pipenv/pull/6156">pypa/pipenv#6156</a></li>
<li>Bump jinja2 from 3.1.3 to 3.1.4 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6150">pypa/pipenv#6150</a></li>
<li>Bump requests from 2.31.0 to 2.32.0 by <a
href="https://github.com/dependabot"><code>@dependabot</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6157">pypa/pipenv#6157</a></li>
<li>Fix windows CI for 3.8 and the outdated command that was refactored
to remove pkg_resources. by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6146">pypa/pipenv#6146</a></li>
<li>pipenv 2024 install (behavioral refactor) by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6098">pypa/pipenv#6098</a></li>
<li>Supply the extra pip args in the resolver. by <a
href="https://github.com/matteius"><code>@matteius</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6006">pypa/pipenv#6006</a></li>
<li>Handle unsupported python versioning on Pipfile by <a
href="https://github.com/sanspareilsmyn"><code>@sanspareilsmyn</code></a>
in <a
href="https://redirect.github.com/pypa/pipenv/pull/6164">pypa/pipenv#6164</a></li>
<li>Remove secho from pipenv.utils.shell by <a
href="https://github.com/aidencullo"><code>@aidencullo</code></a> in <a
href="https://redirect.github.com/pypa/pipenv/pull/6170">pypa/pipenv#6170</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/PzaThief"><code>@PzaThief</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6084">pypa/pipenv#6084</a></li>
<li><a href="https://github.com/jralls"><code>@jralls</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6114">pypa/pipenv#6114</a></li>
<li><a
href="https://github.com/samcarswell"><code>@samcarswell</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6108">pypa/pipenv#6108</a></li>
<li><a href="https://github.com/mierzejk"><code>@mierzejk</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6129">pypa/pipenv#6129</a></li>
<li><a
href="https://github.com/AlexandreArpin"><code>@AlexandreArpin</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6136">pypa/pipenv#6136</a></li>
<li><a href="https://github.com/nitintecg"><code>@nitintecg</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6135">pypa/pipenv#6135</a></li>
<li><a href="https://github.com/sss-ng"><code>@sss-ng</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6152">pypa/pipenv#6152</a></li>
<li><a
href="https://github.com/sanspareilsmyn"><code>@sanspareilsmyn</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6156">pypa/pipenv#6156</a></li>
<li><a
href="https://github.com/aidencullo"><code>@aidencullo</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/pipenv/pull/6170">pypa/pipenv#6170</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0">https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pipenv/blob/main/CHANGELOG.md">pipenv's
changelog</a>.</em></p>
<blockquote>
<h1>2024.0.0 (2024-06-06)</h1>
<h1>Pipenv 2024.0.0 (2024-06-06)</h1>
<h2>Features &amp; Improvements</h2>
<ul>
<li>Supply any <code>--extra-pip-args</code> also in the resolver steps.
<code>[#6006](pypa/pipenv#6006)
&lt;https://github.com/pypa/pipenv/issues/6006&gt;</code>_</li>
<li>The <code>uninstall</code> command now does the inverse of
<code>upgrade</code> which means it no longer invokes a full
<code>lock</code> cycle which was problematic for projects with many
dependencies. <code>[#6029](pypa/pipenv#6029)
&lt;https://github.com/pypa/pipenv/issues/6029&gt;</code>_</li>
<li>The <code>pipenv requirements</code> subcommand now supports the
<code>--from-pipfile</code> flag. When this flag is used, the
requirements file will only include the packages explicitly listed in
the Pipfile, excluding any sub-packages.
<code>[#6156](pypa/pipenv#6156)
&lt;https://github.com/pypa/pipenv/issues/6156&gt;</code>_</li>
</ul>
<h2>Behavior Changes</h2>
<ul>
<li><code>pipenv==3000.0.0</code> denotes the first major release of our
semver strategy.
As much requested, the <code>install</code> no longer does a complete
lock operation. Instead <code>install</code> follows the same code path
as pipenv update (which is upgrade + sync).
This is what most new users expect the behavior to be; it is a
behavioral change, a necessary one to make the tool more usable.
Remember that complete lock resolution can be invoked with <code>pipenv
lock</code> just as before.
<code>[#6098](pypa/pipenv#6098)
&lt;https://github.com/pypa/pipenv/issues/6098&gt;</code>_</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Fix a bug that passes pipenv check command if Pipfile.lock not exist
<code>[#6126](pypa/pipenv#6126)
&lt;https://github.com/pypa/pipenv/issues/6126&gt;</code>_</li>
<li>Fix a bug that vcs subdependencies were locked without their
subdirectory fragment if they had one
<code>[#6136](pypa/pipenv#6136)
&lt;https://github.com/pypa/pipenv/issues/6136&gt;</code>_</li>
<li><code>pipenv</code> converts off <code>pkg_resources</code> API
usages. This necessitated also vendoring in:
<ul>
<li>latest <code>pipdeptree==2.18.1</code> which also converted off
<code>pkg_resources</code></li>
<li><code>importlib-metadata==7.1.0</code> to continue supporting python
3.8 and 3.9</li>
<li><code>packaging==24.0</code> since the packaging we were utilizing
in pip's <em>vendor was insufficient for this conversion.
<code>[#6139](pypa/pipenv#6139)
&lt;https://github.com/pypa/pipenv/issues/6139&gt;</code></em></li>
</ul>
</li>
<li>Pipenv only supports absolute python version. If the user specifies
a Python version with inequality signs like &gt;=3.12, <!-- raw HTML
omitted -->`_</li>
</ul>
<h2>Vendored Libraries</h2>
<ul>
<li>Vendor in <code>pip==24.0</code>
<code>[#6117](pypa/pipenv#6117)
&lt;https://github.com/pypa/pipenv/issues/6117&gt;</code>_</li>
<li>Spring 2024 Vendoring includes:
<ul>
<li><code>click-didyoumean==0.3.1</code></li>
<li><code>expect==4.9.0</code></li>
<li><code>pipdeptree==2.16.2</code></li>
<li><code>python-dotenv==1.0.1</code></li>
<li><code>ruamel.yaml==0.18.6</code></li>
<li><code>shellingham==1.5.4</code></li>
<li><code>tomlkit==0.12.4</code>
<code>[#6118](pypa/pipenv#6118)
&lt;https://github.com/pypa/pipenv/issues/6118&gt;</code>_</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pipenv/commit/0618fab5f40a599335f0c363abaaa882bf33dd29"><code>0618fab</code></a>
Prepare actually for 2024.0.0 release after peer feedback.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/fd763515d09ae4d0e19b50477f0ffd8d8506e74d"><code>fd76351</code></a>
Release v2024.0.0</li>
<li><a
href="https://github.com/pypa/pipenv/commit/878d7c45dba0a9ec6a2653a2c55d6cd908868981"><code>878d7c4</code></a>
Bumped version to 2024.0.0.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/a84ecd351d1bd558ffdd4c023bcf79e5f4d4d348"><code>a84ecd3</code></a>
Release v3000.0.0</li>
<li><a
href="https://github.com/pypa/pipenv/commit/0cee88e9633d80f9d9c8b6d1a3174d24010d305f"><code>0cee88e</code></a>
Bumped version to 3000.0.0.</li>
<li><a
href="https://github.com/pypa/pipenv/commit/2c04a632ad08f85cdf8224af782235423fe60d4e"><code>2c04a63</code></a>
Remove secho from pipenv.utils.shell</li>
<li><a
href="https://github.com/pypa/pipenv/commit/6abb08cd9a6702912c25a374338b25469517a931"><code>6abb08c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pipenv/issues/6164">#6164</a>
from sanspareilsmyn/handle-unspecified-python-version</li>
<li><a
href="https://github.com/pypa/pipenv/commit/66eef03cccc0901e830561ea45e97307adac95fa"><code>66eef03</code></a>
Supply the extra pip args in the resolver. (<a
href="https://redirect.github.com/pypa/pipenv/issues/6006">#6006</a>)</li>
<li><a
href="https://github.com/pypa/pipenv/commit/09799120a0fd201976653ec92d5798f21fadac10"><code>0979912</code></a>
pipenv 3000 install (behavioral refactor) (<a
href="https://redirect.github.com/pypa/pipenv/issues/6098">#6098</a>)</li>
<li><a
href="https://github.com/pypa/pipenv/commit/a1fe8d7c40eb3decb667ecb14f7ef584d7bffe55"><code>a1fe8d7</code></a>
Apply feedbacks</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pipenv/compare/v2023.12.1...v2024.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pipenv&package-manager=pip&previous-version=2023.12.1&new-version=2024.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Loading branch information
dependabot[bot] committed Jun 10, 2024
1 parent c9e40b8 commit b672b54
Pipfile.lock
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
0 comments on commit `b672b54`

Please sign in to comment.
Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `b672b54`

Commit

There are no files selected for viewing

0 comments on commit b672b54

0 comments on commit `b672b54`
