Bump pipenv from 2022.4.8 to 2023.7.23 in /python/helpers #7715
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
dependencies
python
jeffwidman
requested changes
Aug 3, 2023
jeffwidman
added
the
Ecosystems
This was referenced Aug 3, 2023
1 task
|
Fixing the failing tests may require some combination of: |
dependabot
bot
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
2 times, most recently
from
3eca4ba
to
9dbdbc5
Compare
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
from
9dbdbc5
to
8b1c64e
Compare
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
2 times, most recently
from
34bca45
to
de961de
Compare
jeffwidman
added a commit
that referenced
this pull request
Aug 8, 2023
In the versions between what we are currently on in `dependaobt-core` and the latest versions of `pipenv`, they deprecated and then completely removed the `pipenv lock [-d]` command in favor of `pipenv requirements [--dev]` command. Since our current version of `pipenv` supports the `pipenv requirements` command, let's proactively switch to it now. That will make the future upgrade in #7715 easier. More context: * pypa/pipenv#5069 * pypa/pipenv#5091 * pypa/pipenv#5198 * pypa/pipenv#5200
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
from
de961de
to
a86590d
Compare
jeffwidman
added a commit
that referenced
this pull request
Aug 8, 2023
In the versions between what we are currently on in `dependaobt-core` and the latest versions of `pipenv`, they deprecated and then completely removed the `pipenv lock [-d]` command in favor of `pipenv requirements [--dev]` command. Since our current version of `pipenv` supports the `pipenv requirements` command, let's proactively switch to it now. That will make the future upgrade in #7715 easier. More context: * pypa/pipenv#5069 * pypa/pipenv#5091 * pypa/pipenv#5198 * pypa/pipenv#5200
jeffwidman
added a commit
that referenced
this pull request
Aug 8, 2023
In the versions between what we are currently on in `dependaobt-core` and the latest versions of `pipenv`, they deprecated and then completely removed the `pipenv lock [-d]` command in favor of `pipenv requirements [--dev]` command. Since our current version of `pipenv` supports the `pipenv requirements` command, let's proactively switch to it now. That will make the future upgrade in #7715 easier. More context: * pypa/pipenv#5069 * pypa/pipenv#5091 * pypa/pipenv#5198 * pypa/pipenv#5200
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
from
a86590d
to
2c168ae
Compare
jeffwidman
added a commit
that referenced
this pull request
Aug 8, 2023
In the versions between what we are currently on in `dependaobt-core` and the latest versions of `pipenv`, they deprecated and then completely removed the `pipenv lock [-d]` command in favor of `pipenv requirements [--dev]` command. Since our current version of `pipenv` supports the `pipenv requirements` command, let's proactively switch to it now. That will make the future upgrade in #7715 easier. More context: * pypa/pipenv#5069 * pypa/pipenv#5091 * pypa/pipenv#5198 * pypa/pipenv#5200
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
4 times, most recently
from
7267496
to
6db4da1
Compare
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
3 times, most recently
from
4f2af03
to
3f37636
Compare
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
3 times, most recently
from
8564a3c
to
250fa2b
Compare
Bumps [pipenv](https://github.com/pypa/pipenv) from 2022.4.8 to 2023.7.23. - [Release notes](https://github.com/pypa/pipenv/releases) - [Changelog](https://github.com/pypa/pipenv/blob/main/CHANGELOG.rst) - [Commits](pypa/pipenv@v2022.4.8...v2023.7.23) --- updated-dependencies: - dependency-name: pipenv dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Old error format: ``` ERROR:pip.subprocessor:Command errored out with exit status 128:\n command: git clone -q https://github.com/user/django.git ``` New format: ``` ERROR:pip.subprocessor:[present-rich] git clone --filter=blob:none https://github.com/user/django.git /tmp/reqlib-src4k0l3qz3/django_56e3fa519acb44ee941b689a515b62fe exited with 128 ``` Updated the regex accordingly.
The format of this error message changed.
Old message:
```
ERROR:pip.subprocessor:Command errored out with exit status 1:
command: git checkout -q v15.1.2
cwd: /tmp/pipenv-4y8m31vy-src/pythonfinder
Complete output (1 lines):
error: pathspec 'v15.1.2' did not match any file(s) known to git
<full traceback>
```
New message:
```
ERROR:pip.subprocessor:[present-rich] git checkout -q v15.1.2 exited with 1
<full traceback>
```
So updated the regex to match the new format.
Unfortunately the dependency name is nowhere to be found in the error
message or full traceback, so we can no longer provide the user with
that helpful information.
I'm planning to reach out to the `pipenv` maintainers to see if they'd
be open to exposing that information again in this error message.
Upstream `pipenv` renamed their internal patched version of `pip` folder to be called `patch.pip`: * pypa/pipenv#5199 So this updates our code as well.
jeffwidman
force-pushed
the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
from
250fa2b
to
52d620f
Compare
|
A newer version of pipenv exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
|
|
to open a new PR for the newer version, then will cherry-pick my fixup commits over to that.
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
bot
deleted the
dependabot/pip/python/helpers/pipenv-2023.7.23
branch
brettfo
pushed a commit
to brettfo/dependabot-core
that referenced
this pull request
Oct 11, 2023
…ot#7764) In the versions between what we are currently on in `dependaobt-core` and the latest versions of `pipenv`, they deprecated and then completely removed the `pipenv lock [-d]` command in favor of `pipenv requirements [--dev]` command. Since our current version of `pipenv` supports the `pipenv requirements` command, let's proactively switch to it now. That will make the future upgrade in dependabot#7715 easier. More context: * pypa/pipenv#5069 * pypa/pipenv#5091 * pypa/pipenv#5198 * pypa/pipenv#5200
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps pipenv from 2022.4.8 to 2023.7.23.
Release notes
Sourced from pipenv's releases.
... (truncated)
Changelog
Sourced from pipenv's changelog.
... (truncated)
Commits
836e756Release v2023.7.23839554dadd news fragment662a521Vendor in pythonfinder==2.0.576d40f5add commentsa72e961add news fragmentb3fefa5Restore prior resolver default behavior but maintain direct code path for tes...c37f031add news fragment.492ed44re-run vendoring after removing patch5618166Vendor in pip 23.2301d204Update safety patchDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)