Bump for release

2023-10-15 10:23:02 +02:00 · 2023-10-15 10:23:02 +02:00 · e3dc91dad9
parent 3e85558b10
commit e3dc91dad9
41 changed files with 58 additions and 39 deletions
--- a/NEWS.rst
+++ b/NEWS.rst
@ -9,6 +9,63 @@

 .. towncrier release notes start

+23.3 (2023-10-15)
+=================
+
+Process
+-------
+
+- Added reference to `vulnerability reporting guidelines <https://www.python.org/dev/security/>`_ to pip's security policy.
+
+Deprecations and Removals
+-------------------------
+
+- Drop a fallback to using SecureTransport on macOS. It was useful when pip detected OpenSSL older than 1.0.1, but the current pip does not support any Python version supporting such old OpenSSL versions. (`#12175 <https://github.com/pypa/pip/issues/12175>`_)
+
+Features
+--------
+
+- Improve extras resolution for multiple constraints on same base package. (`#11924 <https://github.com/pypa/pip/issues/11924>`_)
+- Improve use of datastructures to make candidate selection 1.6x faster (`#12204 <https://github.com/pypa/pip/issues/12204>`_)
+- Allow ``pip install --dry-run`` to use platform and ABI overriding options similar to ``--target``. (`#12215 <https://github.com/pypa/pip/issues/12215>`_)
+- Add ``is_yanked`` boolean entry to the installation report (``--report``) to indicate whether the requirement was yanked from the index, but was still selected by pip conform to PEP 592. (`#12224 <https://github.com/pypa/pip/issues/12224>`_)
+
+Bug Fixes
+---------
+
+- Ignore errors in temporary directory cleanup (show a warning instead). (`#11394 <https://github.com/pypa/pip/issues/11394>`_)
+- Normalize extras according to :pep:`685` from package metadata in the resolver
+  for comparison. This ensures extras are correctly compared and merged as long
+  as the package providing the extra(s) is built with values normalized according
+  to the standard. Note, however, that this *does not* solve cases where the
+  package itself contains unnormalized extra values in the metadata. (`#11649 <https://github.com/pypa/pip/issues/11649>`_)
+- Prevent downloading sdists twice when PEP 658 metadata is present. (`#11847 <https://github.com/pypa/pip/issues/11847>`_)
+- Include all requested extras in the install report (``--report``). (`#11924 <https://github.com/pypa/pip/issues/11924>`_)
+- Removed uses of ``datetime.datetime.utcnow`` from non-vendored code. (`#12005 <https://github.com/pypa/pip/issues/12005>`_)
+- Consistently report whether a dependency comes from an extra. (`#12095 <https://github.com/pypa/pip/issues/12095>`_)
+- Fix completion script for zsh (`#12166 <https://github.com/pypa/pip/issues/12166>`_)
+- Fix improper handling of the new onexc argument of ``shutil.rmtree()`` in Python 3.12. (`#12187 <https://github.com/pypa/pip/issues/12187>`_)
+- Filter out yanked links from the available versions error message: "(from versions: 1.0, 2.0, 3.0)" will not contain yanked versions conform PEP 592. The yanked versions (if any) will be mentioned in a separate error message. (`#12225 <https://github.com/pypa/pip/issues/12225>`_)
+- Fix crash when the git version number contains something else than digits and dots. (`#12280 <https://github.com/pypa/pip/issues/12280>`_)
+- Use ``-r=...`` instead of ``-r ...`` to specify references with Mercurial. (`#12306 <https://github.com/pypa/pip/issues/12306>`_)
+- Redact password from URLs in some additional places. (`#12350 <https://github.com/pypa/pip/issues/12350>`_)
+- pip uses less memory when caching large packages. As a result, there is a new on-disk cache format stored in a new directory ($PIP_CACHE_DIR/http-v2). (`#2984 <https://github.com/pypa/pip/issues/2984>`_)
+
+Vendored Libraries
+------------------
+
+- Upgrade certifi to 2023.7.22
+- Add truststore 0.8.0
+- Upgrade urllib3 to 1.26.17
+
+Improved Documentation
+----------------------
+
+- Document that ``pip search`` support has been removed from PyPI (`#12059 <https://github.com/pypa/pip/issues/12059>`_)
+- Clarify --prefer-binary in CLI and docs (`#12122 <https://github.com/pypa/pip/issues/12122>`_)
+- Document that using OS-provided Python can cause pip's test suite to report false failures. (`#12334 <https://github.com/pypa/pip/issues/12334>`_)
+
+
 23.2.1 (2023-07-22)
 ===================

--- a/news/11394.bugfix.rst
+++ b/news/11394.bugfix.rst
@ -1 +0,0 @@
-Ignore errors in temporary directory cleanup (show a warning instead).
--- a/news/11649.bugfix.rst
+++ b/news/11649.bugfix.rst
@ -1,5 +0,0 @@
-Normalize extras according to :pep:`685` from package metadata in the resolver
-for comparison. This ensures extras are correctly compared and merged as long
-as the package providing the extra(s) is built with values normalized according
-to the standard. Note, however, that this *does not* solve cases where the
-package itself contains unnormalized extra values in the metadata.
--- a/news/11847.bugfix.rst
+++ b/news/11847.bugfix.rst
@ -1 +0,0 @@
-Prevent downloading sdists twice when PEP 658 metadata is present.
--- a/news/11924.bugfix.rst
+++ b/news/11924.bugfix.rst
@ -1 +0,0 @@
-Include all requested extras in the install report (``--report``).
--- a/news/11924.feature.rst
+++ b/news/11924.feature.rst
@ -1 +0,0 @@
-Improve extras resolution for multiple constraints on same base package.
--- a/news/12005.bugfix.rst
+++ b/news/12005.bugfix.rst
@ -1 +0,0 @@
-Removed uses of ``datetime.datetime.utcnow`` from non-vendored code.
--- a/news/12059.doc.rst
+++ b/news/12059.doc.rst
@ -1 +0,0 @@
-Document that ``pip search`` support has been removed from PyPI
--- a/news/12095.bugfix.rst
+++ b/news/12095.bugfix.rst
@ -1 +0,0 @@
-Consistently report whether a dependency comes from an extra.
--- a/news/12122.doc.rst
+++ b/news/12122.doc.rst
@ -1 +0,0 @@
-Clarify --prefer-binary in CLI and docs
--- a/news/12155.trivial.rst
+++ b/news/12155.trivial.rst
@ -1,6 +0,0 @@
-The metadata-fetching log message is moved to the VERBOSE level and now hidden
-by default. The more significant information in this message to most users are
-already available in surrounding logs (the package name and version of the
-metadata being fetched), while the URL to the exact metadata file is generally
-too long and clutters the output. The message can be brought back with
-``--verbose``.
--- a/news/12166.bugfix.rst
+++ b/news/12166.bugfix.rst
@ -1 +0,0 @@
-Fix completion script for zsh
--- a/news/12175.removal.rst
+++ b/news/12175.removal.rst
@ -1 +0,0 @@
-Drop a fallback to using SecureTransport on macOS. It was useful when pip detected OpenSSL older than 1.0.1, but the current pip does not support any Python version supporting such old OpenSSL versions.
--- a/news/12183.trivial.rst
+++ b/news/12183.trivial.rst
@ -1 +0,0 @@
-Add test cases for some behaviors of ``install --dry-run`` and ``--use-feature=fast-deps``.
--- a/news/12187.bugfix.rst
+++ b/news/12187.bugfix.rst
@ -1 +0,0 @@
-Fix improper handling of the new onexc argument of ``shutil.rmtree()`` in Python 3.12.
--- a/news/12194.trivial.rst
+++ b/news/12194.trivial.rst
@ -1 +0,0 @@
-Add lots of comments to the ``BuildTracker``.
--- a/news/12204.feature.rst
+++ b/news/12204.feature.rst
@ -1 +0,0 @@
-Improve use of datastructures to make candidate selection 1.6x faster
--- a/news/12215.feature.rst
+++ b/news/12215.feature.rst
@ -1 +0,0 @@
-Allow ``pip install --dry-run`` to use platform and ABI overriding options similar to ``--target``.
--- a/news/12224.feature.rst
+++ b/news/12224.feature.rst
@ -1 +0,0 @@
-Add ``is_yanked`` boolean entry to the installation report (``--report``) to indicate whether the requirement was yanked from the index, but was still selected by pip conform to PEP 592.
--- a/news/12225.bugfix.rst
+++ b/news/12225.bugfix.rst
@ -1 +0,0 @@
-Filter out yanked links from the available versions error message: "(from versions: 1.0, 2.0, 3.0)" will not contain yanked versions conform PEP 592. The yanked versions (if any) will be mentioned in a separate error message.
--- a/news/12252.trivial.rst
+++ b/news/12252.trivial.rst
--- a/news/12254.process.rst
+++ b/news/12254.process.rst
@ -1 +0,0 @@
-Added reference to `vulnerability reporting guidelines <https://www.python.org/dev/security/>`_ to pip's security policy.
--- a/news/12261.trivial.rst
+++ b/news/12261.trivial.rst
--- a/news/12280.bugfix.rst
+++ b/news/12280.bugfix.rst
@ -1 +0,0 @@
-Fix crash when the git version number contains something else than digits and dots.
--- a/news/12306.bugfix.rst
+++ b/news/12306.bugfix.rst
@ -1 +0,0 @@
-Use ``-r=...`` instead of ``-r ...`` to specify references with Mercurial.
--- a/news/12334.doc.rst
+++ b/news/12334.doc.rst
@ -1 +0,0 @@
-Document that using OS-provided Python can cause pip's test suite to report false failures.
--- a/news/12350.bugfix.rst
+++ b/news/12350.bugfix.rst
@ -1 +0,0 @@
-Redact password from URLs in some additional places.
--- a/news/12AE57EC-683C-4A8E-BCCB-851FCD0730B4.trivial.rst
+++ b/news/12AE57EC-683C-4A8E-BCCB-851FCD0730B4.trivial.rst
--- a/news/1F54AB69-21F3-49F6-B938-AB16E326F82C.trivial.rst
+++ b/news/1F54AB69-21F3-49F6-B938-AB16E326F82C.trivial.rst
--- a/news/2984.bugfix.rst
+++ b/news/2984.bugfix.rst
@ -1 +0,0 @@
-pip uses less memory when caching large packages. As a result, there is a new on-disk cache format stored in a new directory ($PIP_CACHE_DIR/http-v2).
--- a/news/4A0C40FF-ABE1-48C7-954C-7C3EB229135F.trivial.rst
+++ b/news/4A0C40FF-ABE1-48C7-954C-7C3EB229135F.trivial.rst
@ -1 +0,0 @@
-Add ruff rules ASYNC,C4,C90,PERF,PLE,PLR for minor optimizations and to set upper limits on code complexity.
--- a/news/732404DE-8011-4146-8CAD-85D7756D88A6.trivial.rst
+++ b/news/732404DE-8011-4146-8CAD-85D7756D88A6.trivial.rst
--- a/news/80291DF4-7B0F-4268-B682-E1FCA1C3ACED.trivial.rst
+++ b/news/80291DF4-7B0F-4268-B682-E1FCA1C3ACED.trivial.rst
--- a/news/85F7E260-68FF-4C1E-A2CB-CF8634829D2D.trivial.rst
+++ b/news/85F7E260-68FF-4C1E-A2CB-CF8634829D2D.trivial.rst
--- a/news/E2B261CA-A0CF-4309-B808-1210C0B54632.trivial.rst
+++ b/news/E2B261CA-A0CF-4309-B808-1210C0B54632.trivial.rst
--- a/news/certifi.vendor.rst
+++ b/news/certifi.vendor.rst
@ -1 +0,0 @@
-Upgrade certifi to 2023.7.22
--- a/news/d7179b28-bc23-46aa-9175-834117a42dbd.trivial.rst
+++ b/news/d7179b28-bc23-46aa-9175-834117a42dbd.trivial.rst
--- a/news/truststore.vendor.rst
+++ b/news/truststore.vendor.rst
@ -1 +0,0 @@
-Add truststore 0.8.0
--- a/news/urllib3.vendor.rst
+++ b/news/urllib3.vendor.rst
@ -1 +0,0 @@
-Upgrade urllib3 to 1.26.17
--- a/news/zhsdgdlsjgksdfj.trivial.rst
+++ b/news/zhsdgdlsjgksdfj.trivial.rst
--- a/src/pip/init.py
+++ b/src/pip/init.py
@ -1,6 +1,6 @@
 from typing import List, Optional

-__version__ = "23.3.dev0"
+__version__ = "23.3"


 def main(args: Optional[List[str]] = None) -> int:
				`@ -1 +0,0 @@`
				`Ignore errors in temporary directory cleanup (show a warning instead).`
				`@ -1 +0,0 @@`
				`Prevent downloading sdists twice when PEP 658 metadata is present.`
				`@ -1 +0,0 @@`
				Include all requested extras in the install report (``--report``).
				`@ -1 +0,0 @@`
				`Improve extras resolution for multiple constraints on same base package.`
				`@ -1 +0,0 @@`
				Removed uses of ``datetime.datetime.utcnow`` from non-vendored code.
				`@ -1 +0,0 @@`
				Document that ``pip search`` support has been removed from PyPI
				`@ -1 +0,0 @@`
				`Consistently report whether a dependency comes from an extra.`
				`@ -1 +0,0 @@`
				`Drop a fallback to using SecureTransport on macOS. It was useful when pip detected OpenSSL older than 1.0.1, but the current pip does not support any Python version supporting such old OpenSSL versions.`
				`@ -1 +0,0 @@`
				Add test cases for some behaviors of ``install --dry-run`` and ``--use-feature=fast-deps``.
				`@ -1 +0,0 @@`
				Fix improper handling of the new onexc argument of ``shutil.rmtree()`` in Python 3.12.