build(deps): bump pip from 25.3 to 26.0.1 #920 (lando@main)
| Warnings |
|
|---|---|
| Blockers |
|
| Branches | dependabot/pip/pip-26.0.1 -> main |
| Repo | lando@main (git) (git://github.com/mozilla-conduit/lando.git) |
| Author | dependabot[bot] |
| State | open |
| Commit Title | build(deps): bump pip from 25.3 to 26.0.1 |
| Commit Body | Bumps [pip](https://github.com/pypa/pip) from 25.3 to 26.0.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>26.0.1 (2026-02-04)</h1> <h2>Bug Fixes</h2> <ul> <li>Fix <code>--pre</code> not being respected from the command line when a requirement file includes an option e.g. <code>-extra-index-url</code>. (<code>[#13788](https://github.com/pypa/pip/issues/13788) <https://github.com/pypa/pip/issues/13788></code>_)</li> </ul> <h1>26.0 (2026-01-30)</h1> <h2>Deprecations and Removals</h2> <ul> <li>Remove support for non-bare project names in egg fragments. Affected users should use the <code>Direct URL requirement syntax <https://packaging.python.org/en/latest/specifications/version-specifiers/#direct-references></code><em>. (<code>[#13157](https://github.com/pypa/pip/issues/13157) <https://github.com/pypa/pip/issues/13157></code></em>)</li> </ul> <h2>Features</h2> <ul> <li> <p>Display pip's command-line help in colour, if possible. (<code>[#12134](https://github.com/pypa/pip/issues/12134) <https://github.com/pypa/pip/issues/12134></code>_)</p> </li> <li> <p>Support installing dependencies declared with inline script metadata (:pep:<code>723</code>) with <code>--requirements-from-script</code>. (<code>[#12891](https://github.com/pypa/pip/issues/12891) <https://github.com/pypa/pip/issues/12891></code>_)</p> </li> <li> <p>Add <code>--all-releases</code> and <code>--only-final</code> options to control pre-release and final release selection during package installation. (<code>[#13221](https://github.com/pypa/pip/issues/13221) <https://github.com/pypa/pip/issues/13221></code>_)</p> </li> <li> <p>Add <code>--uploaded-prior-to</code> option to only consider packages uploaded prior to a given datetime when the <code>upload-time</code> field is available from a remote index. (<code>[#13625](https://github.com/pypa/pip/issues/13625) <https://github.com/pypa/pip/issues/13625></code>_)</p> </li> <li> <p>Add <code>--use-feature inprocess-build-deps</code> to request that build dependencies are installed within the same pip install process. This new mechanism is faster, supports <code>--no-clean</code> and <code>--no-cache-dir</code> reliably, and supports prompting for authentication.</p> <p>Enabling this feature will also enable <code>--use-feature build-constraints</code>. This feature will become the default in a future pip version. (<code>[#9081](https://github.com/pypa/pip/issues/9081) <https://github.com/pypa/pip/issues/9081></code>_)</p> </li> <li> <p><code>pip cache purge</code> and <code>pip cache remove</code> now clean up empty directories and legacy files left by older pip versions. (<code>[#9058](https://github.com/pypa/pip/issues/9058) <https://github.com/pypa/pip/issues/9058></code>_)</p> </li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix selecting pre-release versions when only pre-releases match. For example, <code>package>1.0</code> with versions <code>1.0, 2.0rc1</code> now installs <code>2.0rc1</code> instead of failing. (<code>[#13746](https://github.com/pypa/pip/issues/13746) <https://github.com/pypa/pip/issues/13746></code>_)</li> <li>Revisions in version control URLs now must be percent-encoded. For example, use <code>git+https://example.com/repo.git@issue%231</code> to specify the branch <code>issue#1</code>. If you previously used a branch name containing a <code>%</code> character in a version control URL, you now need to replace it with <code>%25</code> to ensure correct percent-encoding. (<code>[#13407](https://github.com/pypa/pip/issues/13407) <https://github.com/pypa/pip/issues/13407></code>_)</li> <li>Preserve original casing when a path is displayed. (<code>[#6823](https://github.com/pypa/pip/issues/6823) <https://github.com/pypa/pip/issues/6823></code>_)</li> <li>Fix bash completion when the <code>$IFS</code> variable has been modified from its default. (<code>[#13555](https://github.com/pypa/pip/issues/13555) <https://github.com/pypa/pip/issues/13555></code>_)</li> <li>Precompute Python requirements on each candidate, reducing time of long resolutions. (<code>[#13656](https://github.com/pypa/pip/issues/13656) <https://github.com/pypa/pip/issues/13656></code>_)</li> <li>Skip redundant work converting version objects to strings when using the</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/5fe4ea4f24cd9756316a4b5ef05daa15d84f7d0c"><code>5fe4ea4</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/bea3cbe3b4d637be6d5007e9a5a2327e500b00d8"><code>bea3cbe</code></a> windows fix tests</li> <li><a href="https://github.com/pypa/pip/commit/ed22252bd19a71ce351b84405fa23230ca45ceea"><code>ed22252</code></a> News Entry</li> <li><a href="https://github.com/pypa/pip/commit/af1327407f048bd2310b8b633f8e8a4e41c38d2c"><code>af13274</code></a> Match release control behavior to the same as format control behavior</li> <li><a href="https://github.com/pypa/pip/commit/2f4d4a836ed00076001376fbb0ce6dc4f22cdae2"><code>2f4d4a8</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13779">#13779</a> from notatallshaw/fix-26.0-news</li> <li><a href="https://github.com/pypa/pip/commit/04307a42261749cfa1c86a5537ad88f44ed2a41a"><code>04307a4</code></a> fix 26.0 news</li> <li><a href="https://github.com/pypa/pip/commit/6ec7b0a488f614a7632442fe7c651957fdb5fc85"><code>6ec7b0a</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13775">#13775</a> from notatallshaw/release/26.0</li> <li><a href="https://github.com/pypa/pip/commit/4104356cd83d1614af45d203d64cb84705dad9d2"><code>4104356</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/58be8836b68814295d33bc5c56c38d3a0659ae81"><code>58be883</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/66f2dece5ba9cc0ee9fe7035c46ba4b0756559b5"><code>66f2dec</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13778">#13778</a> from ichard26/docs/groups</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.3...26.0.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> |
Landings
Not yet Landed
There has been no attempt to land revisions in this stack.