Skip to content

Bump pip from 24.3.1 to 25.1 in /.github/workflows #159

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 28, 2025

Bumps pip from 24.3.1 to 25.1.

Changelog

Sourced from pip's changelog.

25.1 (2025-04-26)

Deprecations and Removals

  • Drop support for Python 3.8. ([#12989](https://github.com/pypa/pip/issues/12989) <https://github.com/pypa/pip/issues/12989>_)
  • On python 3.14+, the pkg_resources metadata backend cannot be used anymore. ([#13010](https://github.com/pypa/pip/issues/13010) <https://github.com/pypa/pip/issues/13010>_)
  • Hide --no-python-version-warning from CLI help and documentation as it's useless since Python 2 support was removed. Despite being formerly slated for removal, the flag will remain as a no-op to avoid breakage. ([#13303](https://github.com/pypa/pip/issues/13303) <https://github.com/pypa/pip/issues/13303>_)
  • A warning is emitted when the deprecated pkg_resources library is used to inspect and discover installed packages. This warning should only be visible to users who set an undocumented environment variable to disable the default importlib.metadata backend. ([#13318](https://github.com/pypa/pip/issues/13318) <https://github.com/pypa/pip/issues/13318>_)
  • Deprecate the legacy setup.py bdist_wheel mechanism. To silence the warning, and future-proof their setup, users should enable --use-pep517 or add a pyproject.toml file to the projects they control. ([#13319](https://github.com/pypa/pip/issues/13319) <https://github.com/pypa/pip/issues/13319>_)

Features

  • Suggest checking "pip config debug" in case of an InvalidProxyURL error. ([#12649](https://github.com/pypa/pip/issues/12649) <https://github.com/pypa/pip/issues/12649>_)

  • Using --debug also enables verbose logging. ([#12710](https://github.com/pypa/pip/issues/12710) <https://github.com/pypa/pip/issues/12710>_)

  • Display a transient progress bar during package installation. ([#12712](https://github.com/pypa/pip/issues/12712) <https://github.com/pypa/pip/issues/12712>_)

  • Minor performance improvement when installing packages with a large number of dependencies by increasing the requirement string cache size. ([#12873](https://github.com/pypa/pip/issues/12873) <https://github.com/pypa/pip/issues/12873>_)

  • Add a --group option which allows installation from :pep:735 Dependency Groups. --group accepts arguments of the form group or path:group, where the default path is pyproject.toml, and installs the named Dependency Group from the provided pyproject.toml file. ([#12963](https://github.com/pypa/pip/issues/12963) <https://github.com/pypa/pip/issues/12963>_)

  • Add support to enable resuming incomplete downloads.

    Control the number of retry attempts using the --resume-retries flag. ([#12991](https://github.com/pypa/pip/issues/12991) <https://github.com/pypa/pip/issues/12991>_)

  • Use :pep:753 "Well-known Project URLs in Metadata" normalization rules when identifying an equivalent project URL to replace a missing Home-Page field in pip show. ([#13135](https://github.com/pypa/pip/issues/13135) <https://github.com/pypa/pip/issues/13135>_)

  • Remove experimental warning from pip index versions command. ([#13188](https://github.com/pypa/pip/issues/13188) <https://github.com/pypa/pip/issues/13188>_)

  • Add a structured --json output to pip index versions ([#13194](https://github.com/pypa/pip/issues/13194) <https://github.com/pypa/pip/issues/13194>_)

  • Add a new, experimental, pip lock command, implementing :pep:751. ([#13213](https://github.com/pypa/pip/issues/13213) <https://github.com/pypa/pip/issues/13213>_)

  • Speed up resolution by first only considering the preference of candidates that must be required to complete the resolution. ([#13253](https://github.com/pypa/pip/issues/13253) <https://github.com/pypa/pip/issues/13253>_)

  • Improved heuristics for determining the order of dependency resolution. ([#13273](https://github.com/pypa/pip/issues/13273) <https://github.com/pypa/pip/issues/13273>_)

  • Provide hint, documentation, and link to the documentation when resolution too deep error occurs. ([#13282](https://github.com/pypa/pip/issues/13282) <https://github.com/pypa/pip/issues/13282>_)

  • Include traceback on failure to import setuptools when setup.py is being invoked directly. ([#13290](https://github.com/pypa/pip/issues/13290) <https://github.com/pypa/pip/issues/13290>_)

  • Support for :pep:738 Android wheels. ([#13299](https://github.com/pypa/pip/issues/13299) <https://github.com/pypa/pip/issues/13299>_)

  • Display wheel build tag in pip list columns output if set. ([#5210](https://github.com/pypa/pip/issues/5210) <https://github.com/pypa/pip/issues/5210>_)

  • Build environment dependencies are no longer compiled to bytecode during

... (truncated)

Commits
  • daa7e54 Bump for release
  • 06c3182 Update AUTHORS.txt
  • b88324f Add a news file for the pip lock command
  • 38253a6 Merge pull request #13319 from sbidoul
  • 2791a8b Merge pull request #13344 from pypa/dependabot/pip/build-project/setuptools-7...
  • 24f4600 Remove LRU cache from methods [ruff rule cached-instance-method] (#13306)
  • d852ebd Merge pull request #12308
  • d35c08d Clarify what the removal of the pkg_ressources backend implies
  • e879422 Rename find_linked to find_legacy_editables
  • 4a76560 Fix uninstallation of zipped eggs
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pip](https://github.com/pypa/pip) from 24.3.1 to 25.1.
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@24.3.1...25.1)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: '25.1'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 28, 2025
Copy link
Contributor Author

dependabot bot commented on behalf of github May 5, 2025

Superseded by #162.

@dependabot dependabot bot closed this May 5, 2025
@dependabot dependabot bot deleted the dependabot/pip/dot-github/workflows/pip-25.1 branch May 5, 2025 23:29
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants