|
9 | 9 |
|
10 | 10 | .. towncrier release notes start
|
11 | 11 |
|
| 12 | +25.0 (2025-01-26) |
| 13 | +================= |
| 14 | + |
| 15 | +Deprecations and Removals |
| 16 | +------------------------- |
| 17 | + |
| 18 | +- Deprecate the ``no-python-version-warning`` flag as it has long done nothing |
| 19 | + since Python 2 support was removed in pip 21.0. (`#13154 <https://github.com/pypa/pip/issues/13154>`_) |
| 20 | + |
| 21 | +Features |
| 22 | +-------- |
| 23 | + |
| 24 | +- Prefer to display :pep:`639` ``License-Expression`` in ``pip show`` if metadata version is at least 2.4. (`#13112 <https://github.com/pypa/pip/issues/13112>`_) |
| 25 | +- Support :pep:`639` ``License-Expression`` and ``License-File`` metadata fields in JSON |
| 26 | + output. ``pip inspect`` and ``pip install --report`` now emit |
| 27 | + ``license_expression`` and ``license_file`` fields in the ``metadata`` object, |
| 28 | + if the corresponding fields are present in the installed ``METADATA`` file. (`#13134 <https://github.com/pypa/pip/issues/13134>`_) |
| 29 | +- Files in the network cache will inherit the read/write permissions of pip's cache |
| 30 | + directory (in addition to the current user retaining read/write access). This |
| 31 | + enables a single cache to be shared among multiple users. (`#11012 <https://github.com/pypa/pip/issues/11012>`_) |
| 32 | +- Return the size, along with the number, of files cleared on ``pip cache purge`` and ``pip cache remove`` (`#12176 <https://github.com/pypa/pip/issues/12176>`_) |
| 33 | +- Cache ``python-requires`` checks while filtering potential installation candidates. (`#13128 <https://github.com/pypa/pip/issues/13128>`_) |
| 34 | +- Optimize package collection by avoiding unnecessary URL parsing and other processing. (`#13132 <https://github.com/pypa/pip/issues/13132>`_) |
| 35 | + |
| 36 | +Bug Fixes |
| 37 | +--------- |
| 38 | + |
| 39 | +- Reorder the encoding detection when decoding a requirements file, relying on |
| 40 | + UTF-8 over the locale encoding by default, matching the documented behaviour. |
| 41 | + (`#12771 <https://github.com/pypa/pip/issues/12771>`_) |
| 42 | +- The pip version self check is disabled on ``EXTERNALLY-MANAGED`` environments. (`#11820 <https://github.com/pypa/pip/issues/11820>`_) |
| 43 | +- Fix a security bug allowing a specially crafted wheel to execute code during |
| 44 | + installation. (`#13079 <https://github.com/pypa/pip/issues/13079>`_) |
| 45 | +- The inclusion of ``packaging`` 24.2 changes how pre-release specifiers with ``<`` and ``>`` |
| 46 | + behave. Including a pre-release version with these specifiers now implies |
| 47 | + accepting pre-releases (e.g., ``<2.0dev`` can include ``1.0rc1``). To avoid |
| 48 | + implying pre-releases, avoid specifying them (e.g., use ``<2.0``). |
| 49 | + The exception is ``!=``, which never implies pre-releases. (`#13163 <https://github.com/pypa/pip/issues/13163>`_) |
| 50 | +- The ``--cert`` and ``--client-cert`` command-line options are now respected while |
| 51 | + installing build dependencies. Consequently, the private ``_PIP_STANDALONE_CERT`` |
| 52 | + environment variable is no longer used. (`#5502 <https://github.com/pypa/pip/issues/5502>`_) |
| 53 | +- The ``--proxy`` command-line option is now respected while installing build dependencies. (`#6018 <https://github.com/pypa/pip/issues/6018>`_) |
| 54 | + |
| 55 | +Vendored Libraries |
| 56 | +------------------ |
| 57 | + |
| 58 | +- Upgrade CacheControl to 0.14.1 |
| 59 | +- Upgrade idna to 3.10 |
| 60 | +- Upgrade msgpack to 1.1.0 |
| 61 | +- Upgrade packaging to 24.2 |
| 62 | +- Upgrade platformdirs to 4.3.6 |
| 63 | +- Upgrade pyproject-hooks to 1.2.0 |
| 64 | +- Upgrade rich to 13.9.4 |
| 65 | +- Upgrade tomli to 2.2.1 |
| 66 | + |
| 67 | +Improved Documentation |
| 68 | +---------------------- |
| 69 | + |
| 70 | +- Removed section about non-existing ``--force-keyring`` flag. (`#12455 <https://github.com/pypa/pip/issues/12455>`_) |
| 71 | + |
| 72 | +Process |
| 73 | +------- |
| 74 | + |
| 75 | +- Started releasing to PyPI from a GitHub Actions CI/CD workflow that implements trusted publishing and bundles :pep:`740` digital attestations. |
| 76 | + |
12 | 77 | 24.3.1 (2024-10-27)
|
13 | 78 | ===================
|
14 | 79 |
|
|
0 commit comments