Bump pipenv from 2021.11.09 to 2022.1.8 in the pip group across 1 directory

[dependabot]

Bumps the pip group with 1 update in the / directory: pipenv.

Updates pipenv from 2021.11.09 to 2022.1.8

Release notes

Sourced from pipenv's releases.

Release v2022.1.8

What's Changed

• Add a clickable link to PEP 508 in index.rst by @​belkka in pypa/pipenv#4878
• duplicate parentheses removed by @​ReazNahid in pypa/pipenv#4877
• Fix the index parsing to reject illegal requirements by @​frostming in pypa/pipenv#4899 Fix CVE-2022-21668
• disallow abbreviated forms of full option names by @​milo-minderbinder in pypa/pipenv#4907
• Use a PackageFinder with ignore_compatibility when collecting hashes by @​jfly in pypa/pipenv#4908
• Misc doc updates (mostly around running tests) by @​jfly in pypa/pipenv#4910

New Contributors

• @​belkka made their first contribution in pypa/pipenv#4878
• @​ReazNahid made their first contribution in pypa/pipenv#4877
• @​milo-minderbinder made their first contribution in pypa/pipenv#4907

Full Changelog: pypa/pipenv@v2021.11.23...v2022.1.8

Release v2021.11.23

No release notes provided.

Release v2021.11.15

No release notes provided.

Changelog

Sourced from pipenv's changelog.

2022.1.8 (2022-01-08)

Bug Fixes

• Remove the extra parentheses around the venv prompt. #4877
• Fix a bug of installation fails when extra index url is given. #4881
• Fix regression where lockfiles would only include the hashes for releases for the platform generating the lockfile #4885
• Fix the index parsing to reject illegal requirements.txt. #4899

2021.11.23 (2021-11-23)

Bug Fixes

• Update charset-normalizer from 2.0.3 to 2.0.7, this fixes an import error on Python 3.6. #4865
• Fix a bug of deleting a virtualenv that is not managed by Pipenv. #4867
• Fix a bug that source is not added to Pipfile when index url is given with pipenv install. #4873

2021.11.15 (2021-11-15)

Bug Fixes

• Return an empty dict when PIPENV_DONT_LOAD_ENV is set. #4851
• Don't use sys.executable when inside an activated venv. #4852

Vendored Libraries

• Drop the vendored jinja2 dependency as it is not needed any more. #4858
• Update click from 8.0.1 to 8.0.3, to fix a problem with bash completion. #4860
• Drop unused vendor chardet. #4862

Improved Documentation

• Fix the documentation to reflect the fact that special characters must be percent-encoded in the URL. #4856

2021.11.9 (2021-11-09)

Features & Improvements

• Replace click-completion with click's own completion implementation. #4786

Bug Fixes

• Fix a bug that pipenv run doesn't set environment variables correctly. #4831
• Fix a bug that certifi can't be loaded within notpip's vendor library. This makes several objects of pip fail to be imported. #4833
• Fix a bug that 3.10.0 can be found be python finder. #4837

Vendored Libraries

• Update pythonfinder from 1.2.8 to 1.2.9. #4837

... (truncated)

Commits

• d378b9f Release v2022.1.8
• 439782a Merge pull request from GHSA-qc9x-gjcv-465w
• 1679098 fix TLS validation for requirements.txt
• 9cb42e1 Merge pull request #4910 from jfly/update-run-tests-instructions
• 08a7fcf Oops, set the CI environment variable even earlier.
• f42fcaa Misc doc updates (mostly around running tests)
• c8f34dd Merge pull request #4908 from jfly/issue-4885-custom-indices-lacking-hashes
• 34652df Use a PackageFinder with ignore_compatibility when collecting hashes
• b0ebaf0 Merge pull request #4907 from milo-minderbinder/bugfix/requirements-file-options
• d535301 disallow abbreviated forms of full option names
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.