Sourced from setuptools's changelog.

v53.0.0

Breaking Changes ^^^^^^^^^^^^^^^^

• #1527: Removed bootstrap script. Now Setuptools requires pip or another pep517-compliant builder such as 'build' to build. Now Setuptools can be installed from Github main branch.

v52.0.0

Breaking Changes ^^^^^^^^^^^^^^^^

• #2537: Remove fallback support for fetch_build_eggs using easy_install. Now pip is required for setup_requires to succeed.
• #2544: Removed 'easy_install' top-level model (runpy entry point) and 'easy_install' console script.
• #2545: Removed support for eggsecutables.

Changes ^^^^^^^

• #2459: Tests now run in parallel via pytest-xdist, completing in about half the time. Special thanks to :user:webknjaz for hard work implementing test isolation. To run without parallelization, disable the plugin with tox -- -p no:xdist.

v51.3.3

Misc ^^^^

• #2539: Fix AttributeError in Description validation.

v51.3.2

Misc ^^^^

• #1390: Validation of Description field now is more lenient, emitting a warning and mangling the value to be valid (replacing newlines with spaces).

v51.3.1

Misc ^^^^

• #2536: Reverted tag deduplication handling.

... (truncated)

• c121d28 Bump version: 52.0.0 → 53.0.0
• a96ab21 Merge pull request #2543 from pypa/bugfix/1996-no-bootstrap
• e1ffc2a Bump version: 51.3.3 → 52.0.0
• 4a4ef0b Merge pull request #2544 from pypa/feature/remove-easy-install
• 4fb7735 Update changelog
• 2885ca2 Remove 'main' function from 'easy_install'.
• 4b0408a Remove easy_install script and module.
• ea22005 Merge pull request #2545 from pypa/feature/remove-eggsecutable
• c0660de Update changelog.
• aaf0661 Merge pull request #2537 from pypa/feature/drop-fetch-build-eggs-easy-install...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pip's changelog.

21.0.1 (2021-01-30)

Bug Fixes

• commands: debug: Use packaging.version.parse to compare between versions. ([#9461](https://github.com/pypa/pip/issues/9461) <https://github.com/pypa/pip/issues/9461>_)
• New resolver: Download and prepare a distribution only at the last possible moment to avoid unnecessary network access when the same version is already installed locally. ([#9516](https://github.com/pypa/pip/issues/9516) <https://github.com/pypa/pip/issues/9516>_)

Vendored Libraries

• Upgrade packaging to 20.9

21.0 (2021-01-23)

Deprecations and Removals

• Drop support for Python 2. ([#6148](https://github.com/pypa/pip/issues/6148) <https://github.com/pypa/pip/issues/6148>_)
• Remove support for legacy wheel cache entries that were created with pip versions older than 20.0. ([#7502](https://github.com/pypa/pip/issues/7502) <https://github.com/pypa/pip/issues/7502>_)
• Remove support for VCS pseudo URLs editable requirements. It was emitting deprecation warning since version 20.0. ([#7554](https://github.com/pypa/pip/issues/7554) <https://github.com/pypa/pip/issues/7554>_)
• Modernise the codebase after Python 2. ([#8802](https://github.com/pypa/pip/issues/8802) <https://github.com/pypa/pip/issues/8802>_)
• Drop support for Python 3.5. ([#9189](https://github.com/pypa/pip/issues/9189) <https://github.com/pypa/pip/issues/9189>_)
• Remove the VCS export feature that was used only with editable VCS requirements and had correctness issues. ([#9338](https://github.com/pypa/pip/issues/9338) <https://github.com/pypa/pip/issues/9338>_)

Features

• Add --ignore-requires-python support to pip download. ([#1884](https://github.com/pypa/pip/issues/1884) <https://github.com/pypa/pip/issues/1884>_)
• New resolver: Error message shown when a wheel contains inconsistent metadata is made more helpful by including both values from the file name and internal metadata. ([#9186](https://github.com/pypa/pip/issues/9186) <https://github.com/pypa/pip/issues/9186>_)

Bug Fixes

• Fix a regression that made pip wheel do a VCS export instead of a VCS clone for editable requirements. This broke VCS requirements that need the VCS information to build correctly. ([#9273](https://github.com/pypa/pip/issues/9273) <https://github.com/pypa/pip/issues/9273>_)
• Fix pip download of editable VCS requirements that need VCS information to build correctly. ([#9337](https://github.com/pypa/pip/issues/9337) <https://github.com/pypa/pip/issues/9337>_)

... (truncated)

• 22c6efd Bump for release
• a085068 Update AUTHORS.txt
• 00fb5a0 Merge pull request #9533 from henryiii/chore/packaging-20.9
• c7ace4d Upgrade packaging to 20.9
• d1aa391 Merge pull request #9497 from hugovk/update-docs-tense
• 55d2969 Merge pull request #9522 from uranusjr/no-dup-fetch
• 7d43ec5 More permissive output check
• 2e70ec0 Create the candidate lazily to avoid download
• 68a86c5 Failing test for repeated fetch
• fa0ee31 Merge pull request #9504 from sbidoul/improve-pre-commit-sbi
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from coveralls's releases.

3.0.0

3.0.0 (2021-01-12)

Features (BREAKING)

• config: reorder configuration precedence (#249) (https://github.com/coveralls-clients/coveralls-python/blob/HEAD/f4faa92d)

We have reversed the order in which configurations are parsed. This means we are now following the following precedence (latest configured value is used):

1. CI Config
2. COVERALLS_* env vars
3. .coveralls.yml file
4. CLI flags

If you have the same fields set in multiple of the above locations, please double-check them before upgrading to v3.

The motivation for this change is allowing users to selectively fix values which may be automatically set to the wrong value. For example, Github Actions users may find that Github Actions expects you to use a different "service name" in various different cases. Now you can run, for example:

 coveralls --service=github

In places where you need to override the default (which is github-actions).

Bug Fixes

• github: send null job_id to fix 422 (https://github.com/coveralls-clients/coveralls-python/blob/HEAD/05b66aa0)
• api: fixup retries for services without job IDs (https://github.com/coveralls-clients/coveralls-python/blob/HEAD/6ebdc5e2)

Sourced from coveralls's changelog.

3.0.0 (2021-01-12)

Features (BREAKING)

• config: reorder configuration precedence (#249) (https://github.com/TheKevJames/coveralls-python/blob/master/f4faa92d)

We have reversed the order in which configurations are parsed. This means we are now following the following precedence (latest configured value is used):

1. CI Config
2. COVERALLS_* env vars
3. .coveralls.yml file
4. CLI flags

If you have the same fields set in multiple of the above locations, please double-check them before upgrading to v3.

The motivation for this change is allowing users to selectively fix values which may be automatically set to the wrong value. For example, Github Actions users may find that Github Actions expects you to use a different "service name" in various different cases. Now you can run, for example:

coveralls --service=github

In places where you need to override the default (which is github-actions).

Bug Fixes

• github: send null job_id to fix 422 (https://github.com/TheKevJames/coveralls-python/blob/master/05b66aa0)
• api: fixup retries for services without job IDs (https://github.com/TheKevJames/coveralls-python/blob/master/6ebdc5e2)

• 209a13a chore(release): bump version
• f4faa92 feat(config): reorder configuration precedence (#249)
• 6ebdc5e fix(api): fixup retries for services without job IDs
• db523ff tests(github): fixup test expectations
• 05b66aa fix(github): send null job_id to fix 422
• 14cea5a docs(github): fixes env var flag details (#244)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from coverage's releases.

coverage-5.4

• The text report produced by coverage report now always outputs a TOTAL line, even if only one Python file is reported. This makes regex parsing of the output easier. Thanks, Judson Neer. This had been requested a number of times (issue 1086, issue 922, issue 732).
• The skip_covered and skip_empty settings in the configuration file can now be specified in the [html] section, so that text reports and HTML reports can use separate settings. The HTML report will still use the [report] settings if there isn’t a value in the [html] section. Closes issue 1090.
• Combining files on Windows across drives now works properly, fixing issue 577. Thanks, Valentin Lab.
• Fix an obscure warning from deep in the _decimal module, as reported in issue 1084.
• Update to support Python 3.10 alphas in progress, including PEP 626: Precise line numbers for debugging and other tools.

coverage-5.3.1

• When using --source on a large source tree, v5.x was slower than previous versions. This performance regression is now fixed, closing issue 1037.
• Mysterious SQLite errors can happen on PyPy, as reported in issue 1010. An immediate retry seems to fix the problem, although it is an unsatisfying solution.
• The HTML report now saves the sort order in a more widely supported way, fixing issue 986. Thanks, Sebastián Ramírez (pull request 1066).
• The HTML report pages now have a Sleepy Snake favicon.
• Wheels are now provided for manylinux2010, and for PyPy3 (pp36 and pp37).
• Continuous integration has moved from Travis and AppVeyor to GitHub Actions.

Sourced from coverage's changelog.

Version 5.4 --- 2021-01-24

• The text report produced by coverage report now always outputs a TOTAL line, even if only one Python file is reported. This makes regex parsing of the output easier. Thanks, Judson Neer. This had been requested a number of times (issue 1086, issue 922, issue 732_).

• The skip_covered and skip_empty settings in the configuration file can now be specified in the [html] section, so that text reports and HTML reports can use separate settings. The HTML report will still use the [report] settings if there isn't a value in the [html] section. Closes issue 1090_.

• Combining files on Windows across drives now works properly, fixing issue 577. Thanks, Valentin Lab <pr1080_>.

• Fix an obscure warning from deep in the decimal module, as reported in issue 1084.

• Update to support Python 3.10 alphas in progress, including PEP 626: Precise line numbers for debugging and other tools <pep626_>_.

.. _issue 577: nedbat/coveragepy#577 .. _issue 732: nedbat/coveragepy#732 .. _issue 922: nedbat/coveragepy#922 .. _issue 1084: nedbat/coveragepy#1084 .. _issue 1086: nedbat/coveragepy#1086 .. _issue 1090: nedbat/coveragepy#1090 .. _pr1080: nedbat/coveragepy#1080 .. _pep626: https://www.python.org/dev/peps/pep-0626/

.. _changes_531:

Version 5.3.1 --- 2020-12-19

• When using --source on a large source tree, v5.x was slower than previous versions. This performance regression is now fixed, closing issue 1037_.

• Mysterious SQLite errors can happen on PyPy, as reported in issue 1010_. An immediate retry seems to fix the problem, although it is an unsatisfying solution.

• The HTML report now saves the sort order in a more widely supported way, fixing issue 986. Thanks, Sebastián Ramírez (pull request 1066).

• The HTML report pages now have a :ref:Sleepy Snake <sleepy> favicon.

... (truncated)

• 4c8c34c Remove unneeded slash
• 96ae200 Prep for 5.4
• 6ce7b4e Latest sample HTML
• a09b171 Simplify the testing of the toml extra, fixing #1084
• 94239ad Add changelog for #1080 #577
• dc0e806 fix: combine aliases on windows base dirs (ie: X:\) (fixes: #577)
• b0710b1 skip_covered and skip_empty for HTML. #1090
• 6957366 I don't understand the codecov comments, so turn them off
• 07ac031 Mention PEP 626 in the changelog
• 5a76fa9 Better control over setup.py warnings
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from virtualenv's changelog.

v20.4.2 (2021-02-01)

Bugfixes - 20.4.2

- Running virtualenv ``--upgrade-embed-wheels`` crashes - by :user:`gaborbernat`. (`[#2058](https://github.com/pypa/virtualenv/issues/2058) <https://github.com/pypa/virtualenv/issues/2058>`_)
v20.4.1 (2021-01-31)
Bugfixes - 20.4.1

• Bump embedded pip and setuptools packages to latest upstream supported (21.0.1 and 52.0.0) - by :user:gaborbernat. ([#2060](https://github.com/pypa/virtualenv/issues/2060) <https://github.com/pypa/virtualenv/issues/2060>_)

v20.4.0 (2021-01-19)

Features - 20.4.0

- On the programmatic API allow passing in the environment variable dictionary to use, defaults to ``os.environ`` if not
  specified - by :user:`gaborbernat`. (`[#2054](https://github.com/pypa/virtualenv/issues/2054) <https://github.com/pypa/virtualenv/issues/2054>`_)
Bugfixes - 20.4.0

• Upgrade embedded setuptools to 51.3.3 from 51.1.2 - by :user:gaborbernat. ([#2055](https://github.com/pypa/virtualenv/issues/2055) <https://github.com/pypa/virtualenv/issues/2055>_)

v20.3.1 (2021-01-13)

Bugfixes - 20.3.1

- Bump embed pip to ``20.3.3``, setuptools to ``51.1.1`` and wheel to ``0.36.2`` - by :user:`gaborbernat`. (`[#2036](https://github.com/pypa/virtualenv/issues/2036) <https://github.com/pypa/virtualenv/issues/2036>`_)
- Allow unfunctioning of pydoc to fail freely so that virtualenvs can be
  activated under Zsh with set -e (since otherwise ``unset -f`` and
  ``unfunction`` exit with 1 if the function does not exist in Zsh) - by
  :user:`d125q`. (`[#2049](https://github.com/pypa/virtualenv/issues/2049) <https://github.com/pypa/virtualenv/issues/2049>`_)
- Drop cached python information if the system executable is no longer present (for example when the executable is a
  shim and the mapped executable is replaced - such is the case with pyenv) - by :user:`gaborbernat`. (`[#2050](https://github.com/pypa/virtualenv/issues/2050) <https://github.com/pypa/virtualenv/issues/2050>`_)
v20.3.0 (2021-01-10)
Features - 20.3.0

• The builtin discovery takes now a --try-first-with argument and is first attempted as valid interpreters. One can use this to force discovery of a given python executable when the discovery order/mechanism raises errors -

... (truncated)

• 325e95e release 20.4.2
• 531e576 Fix upgrade embeded crashes (#2062)
• d9725b7 Merge pull request #2061 from pypa/release-20.4.1
• 61b2f6f release 20.4.1
• 0e85268 Bump setuptools and pip (#2060)
• 9093686 Merge pull request #2057 from pypa/release-20.4.0
• d47e0a5 release 20.4.0
• a9b0f3b Fix Windows failure (#2056)
• 40aec48 API: Allow passing on the environment variable as an argument (#2054)
• 4c95506 Upgrade embedded setuptools to 51.3.3 from 51.1.2 (#2055)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from tox's changelog.

v3.21.4 (2021-02-02)

Bugfixes ^^^^^^^^

• Adapt tests not to assume the easy_install command exists, as it was removed from setuptools 52.0.0+ - by :user:hroncok [#1893](https://github.com/tox-dev/tox/issues/1893) <https://github.com/tox-dev/tox/issues/1893>_

v3.21.3 (2021-01-28)

Bugfixes ^^^^^^^^

• Fix a killed tox (via SIGTERM) leaving the commands subprocesses running by handling it as if it were a KeyboardInterrupt - by :user:dajose [#1772](https://github.com/tox-dev/tox/issues/1772) <https://github.com/tox-dev/tox/issues/1772>_

v3.21.2 (2021-01-19)

Bugfixes ^^^^^^^^

• Newer coverage tools update the COV_CORE_CONTEXT environment variable, add it to the list of environment variables that can change in our pytest plugin - by :user:gaborbernat. [#1854](https://github.com/tox-dev/tox/issues/1854) <https://github.com/tox-dev/tox/issues/1854>_

v3.21.1 (2021-01-13)

Bugfixes ^^^^^^^^

• Fix regression that broke using install_command in config replacements - by :user:jayvdb [#1777](https://github.com/tox-dev/tox/issues/1777) <https://github.com/tox-dev/tox/issues/1777>_
• Fix regression parsing posargs default containing colon. - by :user:jayvdb [#1785](https://github.com/tox-dev/tox/issues/1785) <https://github.com/tox-dev/tox/issues/1785>_

Features ^^^^^^^^

• Prevent .tox in envlist - by :user:jayvdb [#1684](https://github.com/tox-dev/tox/issues/1684) <https://github.com/tox-dev/tox/issues/1684>_

... (truncated)

• ff9990a release 3.21.4
• 7355b65 Adapt tests not to assume easy_install exists, it was removed from setuptools...
• a42ff11 Merge pull request #1880 from tox-dev/release-3.21.3
• 7dbed25 release 3.21.3
• 15533dd [pre-commit.ci] pre-commit autoupdate (#1872)
• 8a2bb56 Format markdown
• 6725807 tox use discord
• 833b33f Handle sigterm by killing the commands subprocess (#1860)
• 3d80588 Merge pull request #1858 from tox-dev/release-3.21.2
• 4116e90 release 3.21.2
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

41.2.0

-------

* 479: Remove some usage of the deprecated ``imp`` module.
* 1565: Changed html_sidebars from string to list of string as per
https://www.sphinx-doc.org/en/master/changes.htmlid58

41.1.0

-------

* 1697: Moved most of the constants from setup.py to setup.cfg
* 1749: Fixed issue with the PEP 517 backend where building a source distribution would fail if any tarball existed in the destination directory.
* 1750: Fixed an issue with PEP 517 backend where wheel builds would fail if the destination directory did not already exist.
* 1756: Forse metadata-version >= 1.2. when project urls are present.
* 1769: Improve ``package_data`` check: ensure the dictionary values are lists/tuples of strings.
* 1788: Changed compatibility fallback logic for ``html.unescape`` to avoid accessing ``HTMLParser.unescape`` when not necessary. ``HTMLParser.unescape`` is deprecated and will be removed in Python 3.9.
* 1790: Added the file path to the error message when a ``UnicodeDecodeError`` occurs while reading a metadata file.
* 1776: Use license classifiers rather than the license field.

• PyPI: https://pypi.org/project/setuptools
• Changelog: https://pyup.io/changelogs/setuptools/
• Repo: https://github.com/pypa/setuptools

19.2.2

===================

Bug Fixes
---------

- Fix handling of tokens (single part credentials) in URLs. (`6795 <https://github.com/pypa/pip/issues/6795>`_)
- Fix a regression that caused ``~`` expansion not to occur in ``--find-links``
paths. (`6804 <https://github.com/pypa/pip/issues/6804>`_)

19.2.1

===================

Bug Fixes
---------

- Fix a ``NoneType`` ``AttributeError`` when evaluating hashes and no hashes
are provided. (`6772 <https://github.com/pypa/pip/issues/6772>`_)

19.2

=================

Deprecations and Removals
-------------------------

- Drop support for EOL Python 3.4. (`6685 <https://github.com/pypa/pip/issues/6685>`_)
- Improve deprecation messages to include the version in which the functionality will be removed. (`6549 <https://github.com/pypa/pip/issues/6549>`_)

Features
--------

- Credentials will now be loaded using `keyring` when installed. (`5948 <https://github.com/pypa/pip/issues/5948>`_)
- Fully support using ``--trusted-host`` inside requirements files. (`3799 <https://github.com/pypa/pip/issues/3799>`_)
- Update timestamps in pip's ``--log`` file to include milliseconds. (`6587 <https://github.com/pypa/pip/issues/6587>`_)
- Respect whether a file has been marked as "yanked" from a simple repository
(see `PEP 592 <https://www.python.org/dev/peps/pep-0592/>`__ for details). (`6633 <https://github.com/pypa/pip/issues/6633>`_)
- When choosing candidates to install, prefer candidates with a hash matching
one of the user-provided hashes. (`5874 <https://github.com/pypa/pip/issues/5874>`_)
- Improve the error message when ``METADATA`` or ``PKG-INFO`` is None when
accessing metadata. (`5082 <https://github.com/pypa/pip/issues/5082>`_)
- Add a new command ``pip debug`` that can display e.g. the list of compatible
tags for the current Python. (`6638 <https://github.com/pypa/pip/issues/6638>`_)
- Display hint on installing with --pre when search results include pre-release versions. (`5169 <https://github.com/pypa/pip/issues/5169>`_)
- Report to Warehouse that pip is running under CI if the ``PIP_IS_CI`` environment variable is set. (`5499 <https://github.com/pypa/pip/issues/5499>`_)
- Allow ``--python-version`` to be passed as a dotted version string (e.g.
``3.7`` or ``3.7.3``). (`6585 <https://github.com/pypa/pip/issues/6585>`_)
- Log the final filename and SHA256 of a ``.whl`` file when done building a
wheel. (`5908 <https://github.com/pypa/pip/issues/5908>`_)
- Include the wheel's tags in the log message explanation when a candidate
wheel link is found incompatible. (`6121 <https://github.com/pypa/pip/issues/6121>`_)
- Add a ``--path`` argument to ``pip freeze`` to support ``--target``
installations. (`6404 <https://github.com/pypa/pip/issues/6404>`_)
- Add a ``--path`` argument to ``pip list`` to support ``--target``
installations. (`6551 <https://github.com/pypa/pip/issues/6551>`_)

Bug Fixes
---------

- Set ``sys.argv[0]`` to the underlying ``setup.py`` when invoking ``setup.py``
via the setuptools shim so setuptools doesn't think the path is ``-c``. (`1890 <https://github.com/pypa/pip/issues/1890>`_)
- Update ``pip download`` to respect the given ``--python-version`` when checking
``"Requires-Python"``. (`5369 <https://github.com/pypa/pip/issues/5369>`_)
- Respect ``--global-option`` and ``--install-option`` when installing from
a version control url (e.g. ``git``). (`5518 <https://github.com/pypa/pip/issues/5518>`_)
- Make the "ascii" progress bar really be "ascii" and not Unicode. (`5671 <https://github.com/pypa/pip/issues/5671>`_)
- Fail elegantly when trying to set an incorrectly formatted key in config. (`5963 <https://github.com/pypa/pip/issues/5963>`_)
- Prevent DistutilsOptionError when prefix is indicated in the global environment and `--target` is used. (`6008 <https://github.com/pypa/pip/issues/6008>`_)
- Fix ``pip install`` to respect ``--ignore-requires-python`` when evaluating
links. (`6371 <https://github.com/pypa/pip/issues/6371>`_)
- Fix a debug log message when freezing an editable, non-version controlled
requirement. (`6383 <https://github.com/pypa/pip/issues/6383>`_)
- Extend to Subversion 1.8+ the behavior of calling Subversion in
interactive mode when pip is run interactively. (`6386 <https://github.com/pypa/pip/issues/6386>`_)
- Prevent ``pip install <url>`` from permitting directory traversal if e.g.
a malicious server sends a ``Content-Disposition`` header with a filename
containing ``../`` or ``..\\``. (`6413 <https://github.com/pypa/pip/issues/6413>`_)
- Hide passwords in output when using ``--find-links``. (`6489 <https://github.com/pypa/pip/issues/6489>`_)
- Include more details in the log message if ``pip freeze`` can't generate a
requirement string for a particular distribution. (`6513 <https://github.com/pypa/pip/issues/6513>`_)
- Add the line number and file location to the error message when reading an
invalid requirements file in certain situations. (`6527 <https://github.com/pypa/pip/issues/6527>`_)
- Prefer ``os.confstr`` to ``ctypes`` when extracting glibc version info. (`6543 <https://github.com/pypa/pip/issues/6543>`_, `6675 <https://github.com/pypa/pip/issues/6675>`_)
- Improve error message printed when an invalid editable requirement is provided. (`6648 <https://github.com/pypa/pip/issues/6648>`_)
- Improve error message formatting when a command errors out in a subprocess. (`6651 <https://github.com/pypa/pip/issues/6651>`_)

Vendored Libraries
------------------

- Upgrade certifi to 2019.6.16
- Upgrade distlib to 0.2.9.post0
- Upgrade msgpack to 0.6.1
- Upgrade requests to 2.22.0
- Upgrade urllib3 to 1.25.3
- Patch vendored html5lib, to prefer using `collections.abc` where possible.

Improved Documentation
----------------------

- Document how Python 2.7 support will be maintained. (`6726 <https://github.com/pypa/pip/issues/6726>`_)
- Upgrade Sphinx version used to build documentation. (`6471 <https://github.com/pypa/pip/issues/6471>`_)
- Fix generation of subcommand manpages. (`6724 <https://github.com/pypa/pip/issues/6724>`_)
- Mention that pip can install from git refs. (`6512 <https://github.com/pypa/pip/issues/6512>`_)
- Replace a failing example of pip installs with extras with a working one. (`4733 <https://github.com/pypa/pip/issues/4733>`_)

• PyPI: https://pypi.org/project/pip
• Changelog: https://pyup.io/changelogs/pip/
• Homepage: https://pip.pypa.io/

3.7.8

-------------------

You can view the `3.7.8 milestone`_ on GitLab for more details.

Bugs Fixed
~~~~~~~~~~

- Fix handling of ``Application.parse_preliminary_options_and_args`` when
argv is an empty list (See also `GitLab!310`_, `GitLab518`_)

- Fix crash when a file parses but fails to tokenize (See also `GitLab!314`_,
`GitLab532`_)

- Log the full traceback on plugin exceptions (See also `GitLab!317`_)

- Fix `` noqa: ...`` comments with multi-letter codes (See also `GitLab!326`_,
`GitLab549`_)


.. all links
.. _3.7.8 milestone:
 https://gitlab.com/pycqa/flake8/milestones/31

.. issue links
.. _GitLab518:
 https://gitlab.com/pycqa/flake8/issues/518
.. _GitLab532:
 https://gitlab.com/pycqa/flake8/issues/532
.. _GitLab549:
 https://gitlab.com/pycqa/flake8/issues/549

.. merge request links
.. _GitLab!310:
 https://gitlab.com/pycqa/flake8/merge_requests/310
.. _GitLab!314:
 https://gitlab.com/pycqa/flake8/merge_requests/314
.. _GitLab!317:
 https://gitlab.com/pycqa/flake8/merge_requests/317
.. _GitLab!326:
 https://gitlab.com/pycqa/flake8/merge_requests/326

• PyPI: https://pypi.org/project/flake8
• Changelog: https://pyup.io/changelogs/flake8/
• Repo: https://gitlab.com/pycqa/flake8

• PyPI: https://pypi.org/project/pydocstyle
• Changelog: https://pyup.io/changelogs/pydocstyle/
• Repo: https://github.com/PyCQA/pydocstyle/

16.7.3

--------------------

Bugfixes
^^^^^^^^

- upgrade pip from ``19.1.1`` to ``19.2.2`` and setuptools from ``41.0.1`` to ``41.1.0`` (`1404 <https://github.com/pypa/virtualenv/issues/1404>`_)

16.7.2

--------------------

Bugfixes
^^^^^^^^

- fix regression - sh activation script not working under sh (only bash) (`1396 <https://github.com/pypa/virtualenv/issues/1396>`_)

16.7.1

--------------------

Features
^^^^^^^^

- pip bumped to 19.2.1 (`1392 <https://github.com/pypa/virtualenv/issues/1392>`_)

16.7.0

--------------------

Features
^^^^^^^^

- ``activate.ps1`` syntax and style updated to follow ``PSStyleAnalyzer`` rules (`1371 <https://github.com/pypa/virtualenv/issues/1371>`_)
- Allow creating virtual environments for ``3.xy``. (`1385 <https://github.com/pypa/virtualenv/issues/1385>`_)
- Report error when running activate scripts directly, instead of sourcing. By reporting an error instead of running silently, the user get immediate feedback that the script was not used correctly. Only Bash and PowerShell are supported for now. (`1388 <https://github.com/pypa/virtualenv/issues/1388>`_)
- * add pip 19.2 (19.1.1 is kept to still support python 3.4 dropped by latest pip) (`1389 <https://github.com/pypa/virtualenv/issues/1389>`_)

16.6.2

--------------------

Bugfixes
^^^^^^^^

- Extend the LICENSE search paths list by ``lib64/pythonX.Y`` to support Linux
vendors who install their Python to ``/usr/lib64/pythonX.Y`` (Gentoo, Fedora,
openSUSE, RHEL and others) - by ``hroncok`` (`1382 <https://github.com/pypa/virtualenv/issues/1382>`_)

• PyPI: https://pypi.org/project/virtualenv
• Changelog: https://pyup.io/changelogs/virtualenv/
• Homepage: https://virtualenv.pypa.io/

4.5.4

---------------------------

- Multiprocessing support in Python 3.8 was broken, but is now fixed.  Closes
`issue 828`_.

.. _issue 828: https://github.com/nedbat/coveragepy/issues/828


.. _changes_453:

• PyPI: https://pypi.org/project/coverage
• Changelog: https://pyup.io/changelogs/coverage/
• Repo: https://github.com/nedbat/coveragepy

• PyPI: https://pypi.org/project/tox
• Docs: http://tox.readthedocs.org

1.8.2

Internal

* **dependencies**: update pass urllib3<1.25 pin, now that that's fixed.

<a name="1.8.1"></a>

• PyPI: https://pypi.org/project/coveralls
• Changelog: https://pyup.io/changelogs/coveralls/
• Repo: http://github.com/coveralls-clients/coveralls-python

19.2

=================

Deprecations and Removals
-------------------------

- Drop support for EOL Python 3.4. (`6685 <https://github.com/pypa/pip/issues/6685>`_)
- Improve deprecation messages to include the version in which the functionality will be removed. (`6549 <https://github.com/pypa/pip/issues/6549>`_)

Features
--------

- Credentials will now be loaded using `keyring` when installed. (`5948 <https://github.com/pypa/pip/issues/5948>`_)
- Fully support using ``--trusted-host`` inside requirements files. (`3799 <https://github.com/pypa/pip/issues/3799>`_)
- Update timestamps in pip's ``--log`` file to include milliseconds. (`6587 <https://github.com/pypa/pip/issues/6587>`_)
- Respect whether a file has been marked as "yanked" from a simple repository
(see `PEP 592 <https://www.python.org/dev/peps/pep-0592/>`__ for details). (`6633 <https://github.com/pypa/pip/issues/6633>`_)
- When choosing candidates to install, prefer candidates with a hash matching
one of the user-provided hashes. (`5874 <https://github.com/pypa/pip/issues/5874>`_)
- Improve the error message when ``METADATA`` or ``PKG-INFO`` is None when
accessing metadata. (`5082 <https://github.com/pypa/pip/issues/5082>`_)
- Add a new command ``pip debug`` that can display e.g. the list of compatible
tags for the current Python. (`6638 <https://github.com/pypa/pip/issues/6638>`_)
- Display hint on installing with --pre when search results include pre-release versions. (`5169 <https://github.com/pypa/pip/issues/5169>`_)
- Report to Warehouse that pip is running under CI if the ``PIP_IS_CI`` environment variable is set. (`5499 <https://github.com/pypa/pip/issues/5499>`_)
- Allow ``--python-version`` to be passed as a dotted version string (e.g.
``3.7`` or ``3.7.3``). (`6585 <https://github.com/pypa/pip/issues/6585>`_)
- Log the final filename and SHA256 of a ``.whl`` file when done building a
wheel. (`5908 <https://github.com/pypa/pip/issues/5908>`_)
- Include the wheel's tags in the log message explanation when a candidate
wheel link is found incompatible. (`6121 <https://github.com/pypa/pip/issues/6121>`_)
- Add a ``--path`` argument to ``pip freeze`` to support ``--target``
installations. (`6404 <https://github.com/pypa/pip/issues/6404>`_)
- Add a ``--path`` argument to ``pip list`` to support ``--target``
installations. (`6551 <https://github.com/pypa/pip/issues/6551>`_)

Bug Fixes
---------

- Set ``sys.argv[0]`` to the underlying ``setup.py`` when invoking ``setup.py``
via the setuptools shim so setuptools doesn't think the path is ``-c``. (`1890 <https://github.com/pypa/pip/issues/1890>`_)
- Update ``pip download`` to respect the given ``--python-version`` when checking
``"Requires-Python"``. (`5369 <https://github.com/pypa/pip/issues/5369>`_)
- Respect ``--global-option`` and ``--install-option`` when installing from
a version control url (e.g. ``git``). (`5518 <https://github.com/pypa/pip/issues/5518>`_)
- Make the "ascii" progress bar really be "ascii" and not Unicode. (`5671 <https://github.com/pypa/pip/issues/5671>`_)
- Fail elegantly when trying to set an incorrectly formatted key in config. (`5963 <https://github.com/pypa/pip/issues/5963>`_)
- Prevent DistutilsOptionError when prefix is indicated in the global environment and `--target` is used. (`6008 <https://github.com/pypa/pip/issues/6008>`_)
- Fix ``pip install`` to respect ``--ignore-requires-python`` when evaluating
links. (`6371 <https://github.com/pypa/pip/issues/6371>`_)
- Fix a debug log message when freezing an editable, non-version controlled
requirement. (`6383 <https://github.com/pypa/pip/issues/6383>`_)
- Extend to Subversion 1.8+ the behavior of calling Subversion in
interactive mode when pip is run interactively. (`6386 <https://github.com/pypa/pip/issues/6386>`_)
- Prevent ``pip install <url>`` from permitting directory traversal if e.g.
a malicious server sends a ``Content-Disposition`` header with a filename
containing ``../`` or ``..\\``. (`6413 <https://github.com/pypa/pip/issues/6413>`_)
- Hide passwords in output when using ``--find-links``. (`6489 <https://github.com/pypa/pip/issues/6489>`_)
- Include more details in the log message if ``pip freeze`` can't generate a
requirement string for a particular distribution. (`6513 <https://github.com/pypa/pip/issues/6513>`_)
- Add the line number and file location to the error message when reading an
invalid requirements file in certain situations. (`6527 <https://github.com/pypa/pip/issues/6527>`_)
- Prefer ``os.confstr`` to ``ctypes`` when extracting glibc version info. (`6543 <https://github.com/pypa/pip/issues/6543>`_, `6675 <https://github.com/pypa/pip/issues/6675>`_)
- Improve error message printed when an invalid editable requirement is provided. (`6648 <https://github.com/pypa/pip/issues/6648>`_)
- Improve error message formatting when a command errors out in a subprocess. (`6651 <https://github.com/pypa/pip/issues/6651>`_)

Vendored Libraries
------------------

- Upgrade certifi to 2019.6.16
- Upgrade distlib to 0.2.9.post0
- Upgrade msgpack to 0.6.1
- Upgrade requests to 2.22.0
- Upgrade urllib3 to 1.25.3
- Patch vendored html5lib, to prefer using `collections.abc` where possible.

Improved Documentation
----------------------

- Document how Python 2.7 support will be maintained. (`6726 <https://github.com/pypa/pip/issues/6726>`_)
- Upgrade Sphinx version used to build documentation. (`6471 <https://github.com/pypa/pip/issues/6471>`_)
- Fix generation of subcommand manpages. (`6724 <https://github.com/pypa/pip/issues/6724>`_)
- Mention that pip can install from git refs. (`6512 <https://github.com/pypa/pip/issues/6512>`_)
- Replace a failing example of pip installs with extras with a working one. (`4733 <https://github.com/pypa/pip/issues/4733>`_)

• PyPI: https://pypi.org/project/pip
• Changelog: https://pyup.io/changelogs/pip/
• Homepage: https://pip.pypa.io/

3.7.8

-------------------

You can view the `3.7.8 milestone`_ on GitLab for more details.

Bugs Fixed
~~~~~~~~~~

- Fix handling of ``Application.parse_preliminary_options_and_args`` when
argv is an empty list (See also `GitLab!310`_, `GitLab518`_)

- Fix crash when a file parses but fails to tokenize (See also `GitLab!314`_,
`GitLab532`_)

- Log the full traceback on plugin exceptions (See also `GitLab!317`_)

- Fix `` noqa: ...`` comments with multi-letter codes (See also `GitLab!326`_,
`GitLab549`_)


.. all links
.. _3.7.8 milestone:
 https://gitlab.com/pycqa/flake8/milestones/31

.. issue links
.. _GitLab518:
 https://gitlab.com/pycqa/flake8/issues/518
.. _GitLab532:
 https://gitlab.com/pycqa/flake8/issues/532
.. _GitLab549:
 https://gitlab.com/pycqa/flake8/issues/549

.. merge request links
.. _GitLab!310:
 https://gitlab.com/pycqa/flake8/merge_requests/310
.. _GitLab!314:
 https://gitlab.com/pycqa/flake8/merge_requests/314
.. _GitLab!317:
 https://gitlab.com/pycqa/flake8/merge_requests/317
.. _GitLab!326:
 https://gitlab.com/pycqa/flake8/merge_requests/326

• PyPI: https://pypi.org/project/flake8
• Changelog: https://pyup.io/changelogs/flake8/
• Repo: https://gitlab.com/pycqa/flake8

• PyPI: https://pypi.org/project/pydocstyle
• Changelog: https://pyup.io/changelogs/pydocstyle/
• Repo: https://github.com/PyCQA/pydocstyle/

16.7.1

--------------------

Features
^^^^^^^^

- pip bumped to 19.2.1 (`1392 <https://github.com/pypa/virtualenv/issues/1392>`_)

16.7.0

--------------------

Features
^^^^^^^^

- ``activate.ps1`` syntax and style updated to follow ``PSStyleAnalyzer`` rules (`1371 <https://github.com/pypa/virtualenv/issues/1371>`_)
- Allow creating virtual environments for ``3.xy``. (`1385 <https://github.com/pypa/virtualenv/issues/1385>`_)
- Report error when running activate scripts directly, instead of sourcing. By reporting an error instead of running silently, the user get immediate feedback that the script was not used correctly. Only Bash and PowerShell are supported for now. (`1388 <https://github.com/pypa/virtualenv/issues/1388>`_)
- * add pip 19.2 (19.1.1 is kept to still support python 3.4 dropped by latest pip) (`1389 <https://github.com/pypa/virtualenv/issues/1389>`_)

16.6.2

--------------------

Bugfixes
^^^^^^^^

- Extend the LICENSE search paths list by ``lib64/pythonX.Y`` to support Linux
vendors who install their Python to ``/usr/lib64/pythonX.Y`` (Gentoo, Fedora,
openSUSE, RHEL and others) - by ``hroncok`` (`1382 <https://github.com/pypa/virtualenv/issues/1382>`_)

• PyPI: https://pypi.org/project/virtualenv
• Changelog: https://pyup.io/changelogs/virtualenv/
• Homepage: https://virtualenv.pypa.io/

4.5.4

---------------------------

- Multiprocessing support in Python 3.8 was broken, but is now fixed.  Closes
`issue 828`_.

.. _issue 828: https://github.com/nedbat/coveragepy/issues/828


.. _changes_453:

• PyPI: https://pypi.org/project/coverage
• Changelog: https://pyup.io/changelogs/coverage/
• Repo: https://github.com/nedbat/coveragepy

• PyPI: https://pypi.org/project/tox
• Docs: http://tox.readthedocs.org

1.8.2

Internal

* **dependencies**: update pass urllib3<1.25 pin, now that that's fixed.

<a name="1.8.1"></a>

• PyPI: https://pypi.org/project/coveralls
• Changelog: https://pyup.io/changelogs/coveralls/
• Repo: http://github.com/coveralls-clients/coveralls-python

41.0.1

-------

* 1671: Fixed issue with the PEP 517 backend that prevented building a wheel when the ``dist/`` directory contained existing ``.whl`` files.
* 1709: In test.paths_on_python_path, avoid adding unnecessary duplicates to the PYTHONPATH.
* 1741: In package_index, now honor "current directory" during a checkout of git and hg repositories under Windows

41.0.0

-------

* 1735: When parsing setup.cfg files, setuptools now requires the files to be encoded as UTF-8. Any other encoding will lead to a UnicodeDecodeError. This change removes support for specifying an encoding using a 'coding: ' directive in the header of the file, a feature that was introduces in 40.7. Given the recent release of the aforementioned feature, it is assumed that few if any projects are utilizing the feature to specify an encoding other than UTF-8.

40.9.0

-------

* 1675: Added support for ``setup.cfg``-only projects when using the ``setuptools.build_meta`` backend. Projects that have enabled PEP 517 no longer need to have a ``setup.py`` and can use the purely declarative ``setup.cfg`` configuration file instead.
* 1720: Added support for ``pkg_resources.parse_requirements``-style requirements in ``setup_requires`` when ``setup.py`` is invoked from the ``setuptools.build_meta`` build backend.
* 1664: Added the path to the ``PKG-INFO`` or ``METADATA`` file in the exception
text when the ``Version:`` header can't be found.
* 1705: Removed some placeholder documentation sections referring to deprecated features.

• PyPI: https://pypi.org/project/setuptools
• Changelog: https://pyup.io/changelogs/setuptools/
• Repo: https://github.com/pypa/setuptools

19.1.1

===================

Features
--------

- Restore ``pyproject.toml`` handling to how it was with pip 19.0.3 to prevent
the need to add ``--no-use-pep517`` when installing in editable mode. (`6434 <https://github.com/pypa/pip/issues/6434>`_)

Bug Fixes
---------

- Fix a regression that caused `` to be quoted in pypiserver links.
This interfered with parsing the revision string from VCS urls. (`6440 <https://github.com/pypa/pip/issues/6440>`_)

19.1

=================

Features
--------

- Configuration files may now also be stored under ``sys.prefix`` (`5060 <https://github.com/pypa/pip/issues/5060>`_)
- Avoid creating an unnecessary local clone of a Bazaar branch when exporting. (`5443 <https://github.com/pypa/pip/issues/5443>`_)
- Include in pip's User-Agent string whether it looks like pip is running
under CI. (`5499 <https://github.com/pypa/pip/issues/5499>`_)
- A custom (JSON-encoded) string can now be added to pip's User-Agent
using the ``PIP_USER_AGENT_USER_DATA`` environment variable. (`5549 <https://github.com/pypa/pip/issues/5549>`_)
- For consistency, passing ``--no-cache-dir`` no longer affects whether wheels
will be built.  In this case, a temporary directory is used. (`5749 <https://github.com/pypa/pip/issues/5749>`_)
- Command arguments in ``subprocess`` log messages are now quoted using
``shlex.quote()``. (`6290 <https://github.com/pypa/pip/issues/6290>`_)
- Prefix warning and error messages in log output with `WARNING` and `ERROR`. (`6298 <https://github.com/pypa/pip/issues/6298>`_)
- Using ``--build-options`` in a PEP 517 build now fails with an error,
rather than silently ignoring the option. (`6305 <https://github.com/pypa/pip/issues/6305>`_)
- Error out with an informative message if one tries to install a
``pyproject.toml``-style (PEP 517) source tree using ``--editable`` mode. (`6314 <https://github.com/pypa/pip/issues/6314>`_)
- When downloading a package, the ETA and average speed now only update once per second for better legibility. (`6319 <https://github.com/pypa/pip/issues/6319>`_)

Bug Fixes
---------

- The stdout and stderr from VCS commands run by pip as subprocesses (e.g.
``git``, ``hg``, etc.) no longer pollute pip's stdout. (`1219 <https://github.com/pypa/pip/issues/1219>`_)
- Fix handling of requests exceptions when dependencies are debundled. (`4195 <https://github.com/pypa/pip/issues/4195>`_)
- Make pip's self version check avoid recommending upgrades to prereleases if the currently-installed version is stable. (`5175 <https://github.com/pypa/pip/issues/5175>`_)
- Fixed crash when installing a requirement from a URL that comes from a dependency without a URL. (`5889 <https://github.com/pypa/pip/issues/5889>`_)
- Improve handling of file URIs: correctly handle `file://localhost/...` and don't try to use UNC paths on Unix. (`5892 <https://github.com/pypa/pip/issues/5892>`_)
- Fix ``utils.encoding.auto_decode()`` ``LookupError`` with invalid encodings.
``utils.encoding.auto_decode()`` was broken when decoding Big Endian BOM
byte-strings on Little Endian or vice versa. (`6054 <https://github.com/pypa/pip/issues/6054>`_)
- Fix incorrect URL quoting of IPv6 addresses. (`6285 <https://github.com/pypa/pip/issues/6285>`_)
- Redact the password from the extra index URL when using ``pip -v``. (`6295 <https://github.com/pypa/pip/issues/6295>`_)
- The spinner no longer displays a completion message after subprocess calls
not needing a spinner. It also no longer incorrectly reports an error after
certain subprocess calls to Git that succeeded. (`6312 <https://github.com/pypa/pip/issues/6312>`_)
- Fix the handling of editable mode during installs when ``pyproject.toml`` is
present but PEP 517 doesn't require the source tree to be treated as
``pyproject.toml``-style. (`6370 <https://github.com/pypa/pip/issues/6370>`_)
- Fix ``NameError`` when handling an invalid requirement. (`6419 <https://github.com/pypa/pip/issues/6419>`_)

Vendored Libraries
------------------

- Updated certifi to 2019.3.9
- Updated distro to 1.4.0
- Update progress to 1.5
- Updated pyparsing to 2.4.0
- Updated pkg_resources to 41.0.1 (via setuptools)

Improved Documentation
----------------------

- Make dashes render correctly when displaying long options like
``--find-links`` in the text. (`6422 <https://github.com/pypa/pip/issues/6422>`_)

• PyPI: https://pypi.org/project/pip
• Changelog: https://pyup.io/changelogs/pip/
• Homepage: https://pip.pypa.io/

16.6.0

--------------------

Features
^^^^^^^^

- Drop Jython support. Jython became slower and slower in the last few months and significantly holds back our
CI and development. As there's very little user base for it decided to drop support for it. If there are Jython
developers reach out to us to see how we can add back support. (`1354 <https://github.com/pypa/virtualenv/issues/1354>`_)
- Upgrade embedded packages:

   * upgrade wheel from ``0.33.1`` to ``0.33.4``
   * upgrade pip from ``19.1`` to ``19.1.1`` (`1356 <https://github.com/pypa/virtualenv/issues/1356>`_)

16.5.0

--------------------

Bugfixes
^^^^^^^^

- Add tests covering prompt manipulation during activation/deactivation,
and harmonize behavior of all supported shells - by ``bskinn`` (`1330 <https://github.com/pypa/virtualenv/issues/1330>`_)
- Handle running virtualenv from within a virtual environment created
using the stdlib ``venv`` module. Fixes 1339. (`1345 <https://github.com/pypa/virtualenv/issues/1345>`_)


Features
^^^^^^^^

- ``-p`` option accepts Python version in following formats now: ``X``, ``X-ZZ``, ``X.Y`` and ``X.Y-ZZ``, where ``ZZ`` is ``32`` or ``64``. (Windows only) (`1340 <https://github.com/pypa/virtualenv/issues/1340>`_)
- upgrade pip from ``19.0.3`` to ``19.1`` (`1346 <https://github.com/pypa/virtualenv/issues/1346>`_)
- upgrade setuptools from ``40.8.0 to ``41.0.1`` (`1346 <https://github.com/pypa/virtualenv/issues/1346>`_)

• PyPI: https://pypi.org/project/virtualenv
• Changelog: https://pyup.io/changelogs/virtualenv/
• Homepage: https://virtualenv.pypa.io/

• PyPI: https://pypi.org/project/coverage
• Changelog: https://pyup.io/changelogs/coverage/
• Repo: https://github.com/nedbat/coveragepy

• PyPI: https://pypi.org/project/tox
• Docs: http://tox.readthedocs.org

1.7.0

Features

* **api:**  support pull requests on buildkite (197) ([2700e3e2](2700e3e2))

Bug Fixes

* **cli:**  ensure upload failures trigger cli failures ([16192b84](16192b84))

<a name="1.6.0"></a>

• PyPI: https://pypi.org/project/coveralls
• Changelog: https://pyup.io/changelogs/coveralls/
• Repo: http://github.com/coveralls-clients/coveralls-python

41.0.1

-------

* 1671: Fixed issue with the PEP 517 backend that prevented building a wheel when the ``dist/`` directory contained existing ``.whl`` files.
* 1709: In test.paths_on_python_path, avoid adding unnecessary duplicates to the PYTHONPATH.
* 1741: In package_index, now honor "current directory" during a checkout of git and hg repositories under Windows

41.0.0

-------

* 1735: When parsing setup.cfg files, setuptools now requires the files to be encoded as UTF-8. Any other encoding will lead to a UnicodeDecodeError. This change removes support for specifying an encoding using a 'coding: ' directive in the header of the file, a feature that was introduces in 40.7. Given the recent release of the aforementioned feature, it is assumed that few if any projects are utilizing the feature to specify an encoding other than UTF-8.

40.9.0

-------

* 1675: Added support for ``setup.cfg``-only projects when using the ``setuptools.build_meta`` backend. Projects that have enabled PEP 517 no longer need to have a ``setup.py`` and can use the purely declarative ``setup.cfg`` configuration file instead.
* 1720: Added support for ``pkg_resources.parse_requirements``-style requirements in ``setup_requires`` when ``setup.py`` is invoked from the ``setuptools.build_meta`` build backend.
* 1664: Added the path to the ``PKG-INFO`` or ``METADATA`` file in the exception
text when the ``Version:`` header can't be found.
* 1705: Removed some placeholder documentation sections referring to deprecated features.

• PyPI: https://pypi.org/project/setuptools
• Changelog: https://pyup.io/changelogs/setuptools/
• Repo: https://github.com/pypa/setuptools

• PyPI: https://pypi.org/project/pip
• Changelog: https://pyup.io/changelogs/pip/
• Homepage: https://pip.pypa.io/

16.5.0

--------------------

Bugfixes
^^^^^^^^

- Add tests covering prompt manipulation during activation/deactivation,
and harmonize behavior of all supported shells - by ``bskinn`` (`1330 <https://github.com/pypa/virtualenv/issues/1330>`_)
- Handle running virtualenv from within a virtual environment created
using the stdlib ``venv`` module. Fixes 1339. (`1345 <https://github.com/pypa/virtualenv/issues/1345>`_)


Features
^^^^^^^^

- ``-p`` option accepts Python version in following formats now: ``X``, ``X-ZZ``, ``X.Y`` and ``X.Y-ZZ``, where ``ZZ`` is ``32`` or ``64``. (Windows only) (`1340 <https://github.com/pypa/virtualenv/issues/1340>`_)
- upgrade pip from ``19.0.3`` to ``19.1`` (`1346 <https://github.com/pypa/virtualenv/issues/1346>`_)
- upgrade setuptools from ``40.8.0 to ``41.0.1`` (`1346 <https://github.com/pypa/virtualenv/issues/1346>`_)

• PyPI: https://pypi.org/project/virtualenv
• Changelog: https://pyup.io/changelogs/virtualenv/
• Homepage: https://virtualenv.pypa.io/

• PyPI: https://pypi.org/project/coverage
• Changelog: https://pyup.io/changelogs/coverage/
• Repo: https://github.com/nedbat/coveragepy

• PyPI: https://pypi.org/project/tox
• Docs: http://tox.readthedocs.org

1.7.0

Features

* **api:**  support pull requests on buildkite (197) ([2700e3e2](2700e3e2))

Bug Fixes

* **cli:**  ensure upload failures trigger cli failures ([16192b84](16192b84))

<a name="1.6.0"></a>

• PyPI: https://pypi.org/project/coveralls
• Changelog: https://pyup.io/changelogs/coveralls/
• Repo: http://github.com/coveralls-clients/coveralls-python

• PyPI: https://pypi.org/project/coverage
• Changelog: https://pyup.io/changelogs/coverage/
• Repo: https://github.com/nedbat/coveragepy

• PyPI: https://pypi.org/project/tox
• Docs: http://tox.readthedocs.org

1.7.0

Features

* **api:**  support pull requests on buildkite (197) ([2700e3e2](2700e3e2))

Bug Fixes

* **cli:**  ensure upload failures trigger cli failures ([16192b84](16192b84))

<a name="1.6.0"></a>

• PyPI: https://pypi.org/project/coveralls
• Changelog: https://pyup.io/changelogs/coveralls/
• Repo: http://github.com/coveralls-clients/coveralls-python

Sourced from virtualenv's releases.

20.16.7

What's Changed

• release 20.16.6 by @​gaborbernat in pypa/virtualenv#2437
• Replace six in tests/unit/test_run.py by @​cjmayo in pypa/virtualenv#2439
• Try to fix Nushell install by @​kubouch in pypa/virtualenv#2444
• Try alternate filenames for system_executable by @​vfazio in pypa/virtualenv#2442
• Bump embedded by @​gaborbernat in pypa/virtualenv#2443
• Set 'home' to parent directory of system_executable by @​vfazio in pypa/virtualenv#2441

New Contributors

• @​cjmayo made their first contribution in pypa/virtualenv#2439
• @​vfazio made their first contribution in pypa/virtualenv#2442

Full Changelog: https://github.com/pypa/virtualenv/compare/20.16.6...20.16.7

20.16.6

What's Changed

• release 20.16.5 by @​gaborbernat in pypa/virtualenv#2413
• fix building python3.10 virtualenvs on debian derivatives by @​asottile in pypa/virtualenv#2415
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in pypa/virtualenv#2423
• Allow empty string as version for find_compatible_in_house by @​schaap in pypa/virtualenv#2430
• Fix test_csh when running with the original csh by @​kulikjak in pypa/virtualenv#2418
• Remove outdated PyPy stdlib overrides by @​mattip in pypa/virtualenv#2426
• Upgrade pip and setuptools by @​gaborbernat in pypa/virtualenv#2434

New Contributors

• @​schaap made their first contribution in pypa/virtualenv#2430
• @​kulikjak made their first contribution in pypa/virtualenv#2418

Full Changelog: https://github.com/pypa/virtualenv/compare/20.16.5...20.16.6

20.16.5

What's Changed

• release 20.16.4 by @​gaborbernat in pypa/virtualenv#2407
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in pypa/virtualenv#2410
• Do not turn echo off for subsequent commands in batch activators (#2411) by @​pawelszramowski in pypa/virtualenv#2412

New Contributors

• @​pawelszramowski made their first contribution in pypa/virtualenv#2412

Full Changelog: https://github.com/pypa/virtualenv/compare/20.16.4...20.16.5

20.16.4

What's Changed

• release 20.16.3 by @​gaborbernat in pypa/virtualenv#2396
• Remove universal wheel, python 2 is unsupported by @​gopackgo90 in pypa/virtualenv#2402
• Bump setuptools by @​gaborbernat in pypa/virtualenv#2405

New Contributors

• @​gopackgo90 made their first contribution in pypa/virtualenv#2402

... (truncated)

Sourced from virtualenv's changelog.

v20.16.7 (2022-11-12)

Bugfixes - 20.16.7

- Use parent directory of python executable for pyvenv.cfg "home" value per PEP 405 - by :user:`vfazio`. (`[#2440](https://github.com/pypa/virtualenv/issues/2440) <https://github.com/pypa/virtualenv/issues/2440>`_)
- In POSIX virtual environments, try alternate binary names if ``sys._base_executable`` does not exist - by :user:`vfazio`. (`[#2442](https://github.com/pypa/virtualenv/issues/2442) <https://github.com/pypa/virtualenv/issues/2442>`_)
- Upgrade embedded wheel to ``0.38.4`` and  pip to ``22.3.1`` from ``22.3`` and setuptools to ``65.5.1`` from
  ``65.5.0`` - by :user:`gaborbernat`. (`[#2443](https://github.com/pypa/virtualenv/issues/2443) <https://github.com/pypa/virtualenv/issues/2443>`_)
v20.16.6 (2022-10-25)
Features - 20.16.6

• Drop unneeded shims for PyPy3 directory structure ([#2426](https://github.com/pypa/virtualenv/issues/2426) <https://github.com/pypa/virtualenv/issues/2426>_)

Bugfixes - 20.16.6

- Fix selected scheme on debian derivatives for python 3.10 when ``python3-distutils`` is not installed or the ``venv`` scheme is not avaiable - by :user:`asottile`. (`[#2350](https://github.com/pypa/virtualenv/issues/2350) <https://github.com/pypa/virtualenv/issues/2350>`_)
- Allow the test suite to pass even with the original C shell (rather than ``tcsh``) - by :user:`kulikjak`. (`[#2418](https://github.com/pypa/virtualenv/issues/2418) <https://github.com/pypa/virtualenv/issues/2418>`_)
- Fix fallback handling of downloading wheels for bundled packages - by :user:`schaap`. (`[#2429](https://github.com/pypa/virtualenv/issues/2429) <https://github.com/pypa/virtualenv/issues/2429>`_)
- Upgrade embedded setuptools to ``65.5.0`` from ``65.3.0`` and pip to ``22.3`` from ``22.2.2`` - by :user:`gaborbernat`. (`[#2434](https://github.com/pypa/virtualenv/issues/2434) <https://github.com/pypa/virtualenv/issues/2434>`_)
v20.16.5 (2022-09-07)
Bugfixes - 20.16.5

• Do not turn echo off for subsequent commands in batch activators (activate.bat and deactivate.bat) - by :user:pawelszramowski. ([#2411](https://github.com/pypa/virtualenv/issues/2411) <https://github.com/pypa/virtualenv/issues/2411>_)

v20.16.4 (2022-08-29)

Bugfixes - 20.16.4

- Bump embed setuptools to ``65.3`` - by :user:`gaborbernat`. (`[#2405](https://github.com/pypa/virtualenv/issues/2405) <https://github.com/pypa/virtualenv/issues/2405>`_)
v20.16.3 (2022-08-04)
Bugfixes - 20.16.3

• Upgrade embedded pip to 22.2.2 from 22.2.1 and setuptools to 63.4.1 from 63.2.0 - by :user:gaborbernat. ([#2395](https://github.com/pypa/virtualenv/issues/2395) <https://github.com/pypa/virtualenv/issues/2395>_)

... (truncated)

• d536b25 release 20.16.7
• cf36e4f Set 'home' to parent directory of system_executable (#2441)
• b7178cd Bump embedded (#2443)
• 50b4b6b Try alternate filenames for system_executable (#2442)
• dbc57c2 Try to fix Nushell install (#2444)
• e4a42c6 Fix nushell install
• c13db75 Fix documentation build
• 2224abb Replace six in tests/unit/test_run.py (#2439)
• 1e90b97 Simplify docs conf
• ba6ac17 Bump tools and deps
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from tox's releases.

3.27.1

What's Changed

• release 3.27.0 by @​gaborbernat in tox-dev/tox#2520
• setup.cfg: Replace deprecated license_file with license_files by @​mgorny in tox-dev/tox#2521
• Fix PYTHONPATH passed to envreport / "pip freeze" by @​f3flight in tox-dev/tox#2529

New Contributors

• @​mgorny made their first contribution in tox-dev/tox#2521
• @​f3flight made their first contribution in tox-dev/tox#2529

Full Changelog: https://github.com/tox-dev/tox/compare/3.27.0...3.27.1

3.27.0

What's Changed

• release 3.26.0 by @​gaborbernat in tox-dev/tox#2490
• Drop --build-option flag from isolated build script by @​adamchainz in tox-dev/tox#2497
• Remove read-only files upon cleanup by @​robgom in tox-dev/tox#2501
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2503
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2505
• Clearly state that install_command only takes one command by @​jugmac00 in tox-dev/tox#2509
• Document problems with plugin and provision env (refs #2469) by @​ziima in tox-dev/tox#2511
• Provision lock by @​masenf in tox-dev/tox#2516

New Contributors

• @​robgom made their first contribution in tox-dev/tox#2501
• @​masenf made their first contribution in tox-dev/tox#2516

Full Changelog: https://github.com/tox-dev/tox/compare/3.26.0...3.27.0

3.26.0

What's Changed

• release 3.25.1 by @​gaborbernat in tox-dev/tox#2451
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2454
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2465
• Check 3.11 support v3 by @​gaborbernat in tox-dev/tox#2468
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2471
• Update CODEOWNERS by @​jugmac00 in tox-dev/tox#2472
• Fix fallback to "python" environment when "isolated_build = true" is set by @​Unrud in tox-dev/tox#2475
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2477
• Use tomllib from the standard library on Python 3.11+ by @​hroncok in tox-dev/tox#2463
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in tox-dev/tox#2485
• Fix SetuptoolsDeprecationWarning about using --global-option by @​adamchainz in tox-dev/tox#2487

New Contributors

• @​Unrud made their first contribution in tox-dev/tox#2475

Full Changelog: https://github.com/tox-dev/tox/compare/3.25.1...3.26.0

3.25.1

What's Changed

... (truncated)

Sourced from tox's changelog.

v3.27.1 (2022-11-13)

Bugfixes ^^^^^^^^

• Replaced deprecated license_file key with license_files in setup.cfg -- by :user:mgorny. [#2521](https://github.com/tox-dev/tox/issues/2521) <https://github.com/tox-dev/tox/issues/2521>_
• Add env cleanup to envreport - fix PYTHONPATH leak into "envreport" -- by :user:f3flight. [#2528](https://github.com/tox-dev/tox/issues/2528) <https://github.com/tox-dev/tox/issues/2528>_

v3.27.0 (2022-10-25)

Bugfixes ^^^^^^^^

• Dropped --build-option in isolated builds, an alternative fix for the SetuptoolsDeprecationWarning about using --global-option -- by :user:adamchainz [#2497](https://github.com/tox-dev/tox/issues/2497) <https://github.com/tox-dev/tox/issues/2497>_
• Remove read-only files in ensure_empty_dir. [#2498](https://github.com/tox-dev/tox/issues/2498) <https://github.com/tox-dev/tox/issues/2498>_
• Multiple tox instances no longer clobber the .tox directory when provision_tox_env is used. - by :user:masenf [#2515](https://github.com/tox-dev/tox/issues/2515) <https://github.com/tox-dev/tox/issues/2515>_

Documentation ^^^^^^^^^^^^^

• Clarify that install_command only takes one command - by :user:jugmac00 [#2433](https://github.com/tox-dev/tox/issues/2433) <https://github.com/tox-dev/tox/issues/2433>_
• Documented problems with plugin and provision env - by :user:ziima. [#2469](https://github.com/tox-dev/tox/issues/2469) <https://github.com/tox-dev/tox/issues/2469>_

v3.26.0 (2022-09-07)

Bugfixes ^^^^^^^^

• Fix fallback to python environment when isolated_build = true is set -- by :user:Unrud [#2474](https://github.com/tox-dev/tox/issues/2474) <https://github.com/tox-dev/tox/issues/2474>_
• Fixed SetuptoolsDeprecationWarning about using --global-option -- by :user:adamchainz [#2478](https://github.com/tox-dev/tox/issues/2478) <https://github.com/tox-dev/tox/issues/2478>_

Features ^^^^^^^^

... (truncated)

• 1d5d3b8 release 3.27.1
• b61e780 Fix changelog
• 6473221 Fix PYTHONPATH passed to envreport / "pip freeze" (#2529)
• 0f0c505 Simplify docs conf
• 95e7124 Update check.yml
• b123cdb setup.cfg: Replace deprecated license_file with license_files (#2521)
• d0be3c6 Merge pull request #2520 from tox-dev/release-3.27.0
• 96ff2c9 release 3.27.0
• e378131 Provision lock (#2516)
• d41bd62 Document problems with plugin and provision env (refs #2469) (#2511)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pip's changelog.

22.3.1 (2022-11-05)

Bug Fixes

• Fix entry point generation of pip.X, pipX.Y, and easy_install-X.Y to correctly account for multi-digit Python version segments (e.g. the "11" part of 3.11). ([#11547](https://github.com/pypa/pip/issues/11547) <https://github.com/pypa/pip/issues/11547>_)

22.3 (2022-10-15)

Deprecations and Removals

• Deprecate --install-options which forces pip to use the deprecated install command of setuptools. ([#11358](https://github.com/pypa/pip/issues/11358) <https://github.com/pypa/pip/issues/11358>_)
• Deprecate installation with 'setup.py install' when no-binary is enabled for source distributions without 'pyproject.toml'. ([#11452](https://github.com/pypa/pip/issues/11452) <https://github.com/pypa/pip/issues/11452>_)
• Deprecate ```--no-binary`` disabling the wheel cache. ([#11454](https://github.com/pypa/pip/issues/11454) <https://github.com/pypa/pip/issues/11454>_)
• Remove --use-feature=2020-resolver opt-in flag. This was supposed to be removed in 21.0, but missed during that release cycle. ([#11493](https://github.com/pypa/pip/issues/11493) <https://github.com/pypa/pip/issues/11493>_)
• Deprecate installation with 'setup.py install' when the 'wheel' package is absent for source distributions without 'pyproject.toml'. ([#8559](https://github.com/pypa/pip/issues/8559) <https://github.com/pypa/pip/issues/8559>_)
• Remove the ability to use pip list --outdated in combination with --format=freeze. ([#9789](https://github.com/pypa/pip/issues/9789) <https://github.com/pypa/pip/issues/9789>_)

Features

• Use shell=True for opening the editor with pip config edit. ([#10716](https://github.com/pypa/pip/issues/10716) <https://github.com/pypa/pip/issues/10716>_)
• Use the data-dist-info-metadata attribute from :pep:658 to resolve distribution metadata without downloading the dist yet. ([#11111](https://github.com/pypa/pip/issues/11111) <https://github.com/pypa/pip/issues/11111>_)
• Add an option to run the test suite with pip built as a zipapp. ([#11250](https://github.com/pypa/pip/issues/11250) <https://github.com/pypa/pip/issues/11250>_)
• Add a --python option to allow pip to manage Python environments other than the one pip is installed in. ([#11320](https://github.com/pypa/pip/issues/11320) <https://github.com/pypa/pip/issues/11320>_)
• Document the new (experimental) zipapp distribution of pip. ([#11459](https://github.com/pypa/pip/issues/11459) <https://github.com/pypa/pip/issues/11459>_)
• Use the much faster 'bzr co --lightweight' to obtain a copy of a Bazaar tree. ([#5444](https://github.com/pypa/pip/issues/5444) <https://github.com/pypa/pip/issues/5444>_)

Bug Fixes

• Fix --no-index when --index-url or --extra-index-url is specified inside a requirements file. ([#11276](https://github.com/pypa/pip/issues/11276) <https://github.com/pypa/pip/issues/11276>_)
• Ensure that the candidate pip executable exists, when checking for a new version of pip. ([#11309](https://github.com/pypa/pip/issues/11309) <https://github.com/pypa/pip/issues/11309>_)
• Ignore distributions with invalid Name in metadata instead of crashing, when using the importlib.metadata backend. ([#11352](https://github.com/pypa/pip/issues/11352) <https://github.com/pypa/pip/issues/11352>_)
• Raise RequirementsFileParseError when parsing malformed requirements options that can't be sucessfully parsed by shlex. ([#11491](https://github.com/pypa/pip/issues/11491) <https://github.com/pypa/pip/issues/11491>_)
• Fix build environment isolation on some system Pythons. ([#6264](https://github.com/pypa/pip/issues/6264) <https://github.com/pypa/pip/issues/6264>_)

Vendored Libraries

... (truncated)

• 1463081 Bump for release
• 22fd64a Merge pull request #11547 from uranusjr/entry-point-python-version-replacemen...
• 0a76da3 Bump for release
• 2563828 Update AUTHORS.txt
• e86f27f Merge pull request #11493 from pradyunsg/remove-2020-resolver-opt-in
• 1fcc3ce Merge pull request #11514 from pradyunsg/certifi-update
• 65c23fa Unnormalise the certifi version
• 739158c Merge pull request #11516 from pradyunsg/check-manifest
• 4e48bbc Move check-manifest to a CI check
• 1b7e5ef Upgrade certifi to 2022.9.24
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from setuptools's releases.

v65.5.1

No release notes provided.

v65.5.0

No release notes provided.

v65.4.1

No release notes provided.

v65.4.0

No release notes provided.

v65.3.0

No release notes provided.

v65.2.0

No release notes provided.

v65.1.1

No release notes provided.

v65.1.0

No release notes provided.

v65.0.2

No release notes provided.

v65.0.1

No release notes provided.

v65.0.0

No release notes provided.

v64.0.3

No release notes provided.

v64.0.2

No release notes provided.

v64.0.1

No release notes provided.

v64.0.0

No release notes provided.

v63.4.3

No release notes provided.

v63.4.2

No release notes provided.

... (truncated)

Sourced from setuptools's changelog.

v65.5.1

Misc ^^^^

• #3638: Drop a test dependency on the mock package, always use :external+python:py:mod:unittest.mock -- by :user:hroncok
• #3659: Fixed REDoS vector in package_index.

v65.5.0

Changes ^^^^^^^

• #3624: Fixed editable install for multi-module/no-package src-layout projects.
• #3626: Minor refactorings to support distutils using stdlib logging module.

Documentation changes ^^^^^^^^^^^^^^^^^^^^^

• #3419: Updated the example version numbers to be compliant with PEP-440 on the "Specifying Your Project’s Version" page of the user guide.

Misc ^^^^

• #3569: Improved information about conflicting entries in the current working directory and editable install (in documentation and as an informational warning).
• #3576: Updated version of validate_pyproject.

v65.4.1

Misc ^^^^

• #3613: Fixed encoding errors in expand.StaticModule when system default encoding doesn't match expectations for source files.
• #3617: Merge with pypa/[email protected] including fix for pypa/distutils#181.

v65.4.0

Changes ^^^^^^^

• #3609: Merge with pypa/[email protected] including support for DIST_EXTRA_CONFIG in pypa/distutils#177.

v65.3.0

... (truncated)

• a462cb5 Bump version: 65.5.0 → 65.5.1
• de35d8b Merge pull request #3656 from bmorris3/typos
• 58e23de Update changelog. Ref #3659.
• 43a9c9b Limit the amount of whitespace to search/backtrack. Fixes #3659.
• 5791343 Add test capturing failed expectation. Ref #3659.
• 1f97905 ⚫ Fade to black.
• 6254567 Remove workaround for emacs.
• 729b180 ⚫ Fade to black.
• c068081 Typo corrections
• f777a40 Suppress deprecation warning in --rsyncdir. Workaround for #3655.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from wheel's changelog.

Release Notes

0.38.4 (2022-11-09)

• Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

0.38.3 (2022-11-08)

• Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

0.38.2 (2022-11-05)

• Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

0.38.1 (2022-11-04)

• Removed install dependency on setuptools
• The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

0.38.0 (2022-10-21)

• Dropped support for Python < 3.7
• Updated vendored packaging to 21.3
• Replaced all uses of distutils with setuptools
• The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
• Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
• Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

0.37.1 (2021-12-22)

• Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
• Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

0.37.0 (2021-08-09)

• Added official Python 3.10 support
• Updated vendored packaging library to v20.9

0.36.2 (2020-12-13)

• Updated vendored packaging library to v20.8

... (truncated)

• 814c2ef Created a new release
• 10a422d Added news item about PR #489
• 3f8bdf1 Allow METADATA file to contain UTF-8 chars (#489)
• daeb157 Created a new release
• 7a633c9 Removed setup_requires
• 4419390 Fixed parsing of wheel file names with multiple platform tags
• 6f1608d Created a new release
• cf8f5ef Moved news item from PR #484 to its proper place
• 9ec2016 Removed install dependency on setuptools (#483)
• 747e1f6 Fixed PyPy SOABI parsing (#484)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from build's changelog.

0.9.0 (2022-10-27)

• Hide a Python 3.11.0 unavoidable warning with venv (PR [#527](https://github.com/pypa/build/issues/527)_)
• Fix infinite recursion error in check_dependency with circular dependencies (PR [#512](https://github.com/pypa/build/issues/512), Fixes [#511](https://github.com/pypa/build/issues/511))
• Only import colorama on Windows (PR [#494](https://github.com/pypa/build/issues/494), Fixes [#493](https://github.com/pypa/build/issues/493))
• Flush output more often to reduce interleaved output (PR [#494](https://github.com/pypa/build/issues/494)_)
• Small API cleanup, like better __all__ and srcdir being read only. (PR [#477](https://github.com/pypa/build/issues/477)_)
• Only use importlib_metadata when needed (PR [#401](https://github.com/pypa/build/issues/401)_)
• Clarify in printout when build dependencies are being installed (PR [#514](https://github.com/pypa/build/issues/514)_)

.. _PR #401: pypa/build#401 .. _PR #477: pypa/build#477 .. _PR #494: pypa/build#494 .. _PR #512: pypa/build#512 .. _PR #514: pypa/build#514 .. _PR #527: pypa/build#527 .. _#493: pypa/build#493 .. _#511: pypa/build#511

• 7b002bb release 0.9.0
• 9c60690 docs: update changelog
• a3700d3 env: avoid warning on Windows 3.11.0
• 3b36b6e tests: skip toml vs. tomli test on 3.11+
• dd5ec7e tests: ignore warning from pytest-dist + pytest-cov
• 4e7e64c ci: move to final release of 3.11
• b1acadc main: disable colorama on Linux and flush output (#494)
• a1de450 pre-commit: bump repositories (#524)
• aaaf4f8 tests: better isolate test_venv_fail
• 03f93d5 pre-commit: bump repositories
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)