This adds a --use-feature=truststore flag that, when specified on Python
3.10+ with truststore installed, switches pip to use truststore to
provide HTTPS certificate validation, instead of certifi. This allows
pip to verify certificates against custom certificates in the system
store.
truststore is deliberately NOT vendored because it is expected the
library to be under active development in the short term, and this
prevents users having to wait for a pip release to get potentially vital
bug fixes needed to be made in truststore.
Supplying the use-feature flag without installing truststore beforehand,
or on Python versions prior to 3.10, results in a command error.
The most recent version of distro, 1.6.0, include type information. This
allows pip to remove some workarounds. See upstream commit:
20cb68d6b0
The new version also deprecated the top level function
distro.linux_distribution(). Switch to the new preferred API. See
upstream commit:
f947776f5a
Rust is becoming more popular for writing Python extension modules in, this information would be valuable for package maintainers to assess the ecosystem, in the same way glibc or openssl version is.
The typing module has been available since Python 3.5. Guarding the
import has been unnecessary since dropping Python 2.
Some guards remain to either:
- Avoid circular imports
- Importing objects that are also guarded by typing.TYPE_CHECKING
- Avoid mypy_extensions dependency
All usages of it now use Environment.get_distribution() instead.
InstallRequirement.installed_version is also removed since it is no
longer used anywhere in the code base.
The stdlib module has been available since Python 3.5 and the
TYPE_CHECKING constant has been available since 3.5.2.
By using stdlib, this removes the need for pip to maintain its own
Python 2 typing compatibility shim.
https://www.python.org/dev/peps/pep-3102/
Replaces the pattern: self.name = kwargs.pop('name')
Keyword-only arguments offer some advantages:
- In the event of a typo or misuse, a more informative error is
presented to the programmer.
- More self documenting and makes interfaces more explicit.
- They more easily allow explicit typing.
Adding types to ConfigOptionParser required changing some call sites to
pass arguments without using a dict due to mypy bug:
https://github.com/python/mypy/issues/9676
Now that Python 2 is not supported, the bytes/str boundaries are more
clear and explicit. Using six.ensure_* methods for backwards
compatibility is no longer necessary as the types are known and verified
using mypy.
One exception is tests/lib/wheel.py which allows tests to pass test
setup data as either bytes or str.
The module operations.install.wheel also remains untouched as it is
especially delicate to bytes/str mixups and the current version is
working.
Use pyupgrade to convert simple string formatting to use f-string
syntax. pyupgrade is intentionally timid and will not create an f-string
if it would make the expression longer or if the substitution parameters
are anything but simple names or dotted names.
