Skip to content

Add support for Android #13299

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
1 task done
mhsmith opened this issue Mar 24, 2025 · 1 comment · Fixed by #13303
Closed
1 task done

Add support for Android #13299

mhsmith opened this issue Mar 24, 2025 · 1 comment · Fixed by #13303
Labels
state: awaiting PR Feature discussed, PR is needed type: feature request Request for a new feature

Comments

@mhsmith
Copy link
Contributor

mhsmith commented Mar 24, 2025
edited
Loading

What's the problem this feature will solve?

Android has been an officially supported Python platform since Python 3.13. More recently, its wheel tag format was added to the PyPA specs page, and that format is now accepted by PyPI (e.g. see here).

pip should be able to install these wheels in two contexts:

  • Directly on an Android device, e.g. via the Termux app.
  • Through an app packaging tool such as Briefcase, using a command like pip install --platform android_21_arm64_v8a mypackage.

Describe the solution you'd like

To avoid repeating the confusion around adding iOS support (#13053), I think the best sequence would be:

Alternative Solutions

Briefcase and Chaquopy currently use a forked version of pip that's several years old. They therefore lack many of pip's recent features, such as the new resolver.

Termux and Kivy don't support Android wheels at all, and compile everything from source, which is much slower.

Code of Conduct
@mhsmith mhsmith added S: needs triage Issues/PRs that need to be triaged type: feature request Request for a new feature labels Mar 24, 2025
@ichard26 ichard26 added state: awaiting PR Feature discussed, PR is needed and removed S: needs triage Issues/PRs that need to be triaged labels Mar 26, 2025
@ichard26
Copy link
Member

Sounds good to me. Although this is already implied, it's worth stating that the pip core team will be entirely incapable of maintaining Android support. Thus, any bug-fixes or improvements will need to come from external contributors (like yourself, thank you!) who know the Android platform. This is also the case for iOS since no one on the core team uses pip on a smartphone.

Anyway, let's wait until packaging lands the Android support changes.

@mhsmith mhsmith mentioned this issue Mar 26, 2025
Merged
This was referenced Apr 16, 2025
Open
Merged
@pradyunsg pradyunsg mentioned this issue Apr 17, 2025
Closed
github-merge-queue bot pushed a commit to MeltanoLabs/target-csv that referenced this issue Apr 28, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
b814dd5 
#193)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to MeltanoLabs/tap-pulumi-cloud that referenced this issue Apr 28, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
15e7ecd 
#248)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to google/scaaml that referenced this issue Apr 28, 2025
@dependabot
Bump the dependabot group with 4 updates (#375)
61332fa 
Bumps the dependabot group with 4 updates:
[setuptools](https://github.com/pypa/setuptools),
[certifi](https://github.com/certifi/python-certifi),
[pip](https://github.com/pypa/pip) and
[importlib-metadata](https://github.com/python/importlib_metadata).

Updates `setuptools` from 79.0.0 to 80.0.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v80.0.0</h1>
<h2>Bugfixes</h2>
<ul>
<li>Update test to honor new behavior in importlib_metadata 8.7. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4961">#4961</a>)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>Removed support for the easy_install command including the sandbox
module. (<a
href="https://redirect.github.com/pypa/setuptools/issues/2908">#2908</a>)</li>
<li>Develop command no longer uses easy_install, but instead defers
execution to pip (which then will re-invoke Setuptools via PEP 517 to
build the editable wheel). Most of the options to develop are dropped.
This is the final warning before the command is dropped completely in a
few months. Use-cases relying on 'setup.py develop' should pin to older
Setuptools version or migrate to modern build tooling. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4955">#4955</a>)</li>
</ul>
<h1>v79.0.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Merge with pypa/distutils@24bd3179b including fix for <a
href="https://redirect.github.com/pypa/distutils/issues/355">pypa/distutils#355</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/aeea79266d82f99dbe556126b90b64215a663a2c"><code>aeea792</code></a>
Bump version: 79.0.1 → 80.0.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/2c874e78f4240963f74debcaadcccb97cb302ded"><code>2c874e7</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4962">#4962</a>
from pypa/bugfix/4961-validated-eps</li>
<li><a
href="https://github.com/pypa/setuptools/commit/82c588aedd8142e7615031358e2d2640213a351d"><code>82c588a</code></a>
Update test to honor new behavior in importlib_metadata 8.7</li>
<li><a
href="https://github.com/pypa/setuptools/commit/ef4cd2960d75f2d49f40f5495347523be62d20e5"><code>ef4cd29</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/2908">#2908</a>
from pypa/debt/remove-easy-install</li>
<li><a
href="https://github.com/pypa/setuptools/commit/85bbad4945d874a2444e4531c74c5074cdeca010"><code>85bbad4</code></a>
Merge branch 'main' into debt/remove-easy-install</li>
<li><a
href="https://github.com/pypa/setuptools/commit/9653305c35a143b8d1bad2c190f918887dd1e6d5"><code>9653305</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4955">#4955</a>
from pypa/debt/develop-uses-pip</li>
<li><a
href="https://github.com/pypa/setuptools/commit/da119e7e996b00b6e26f79995bec55684a3fabbe"><code>da119e7</code></a>
Set a due date 6 months in advance.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a7603da5d3c709f6f01c8df8031ba7a7ae7959a0"><code>a7603da</code></a>
Rename news fragment to reference the pull request for better precise
locality.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/018a20cb130e9357f39c176b59c83738a09d7daa"><code>018a20c</code></a>
Restore a few of the options to develop.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a5f02fe88d46e963bc470a60a9f8613d7f889d49"><code>a5f02fe</code></a>
Remove another test relying on setup.py develop.</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v79.0.0...v80.0.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `certifi` from 2025.1.31 to 2025.4.26
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/275c9eb55733a464589c15fb4566fddd4598e5b2"><code>275c9eb</code></a>
2025.04.26 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/347">#347</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/37883310b51e56570919cdc2d44becc1c6940559"><code>3788331</code></a>
Bump actions/setup-python from 5.4.0 to 5.5.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/346">#346</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/9d1f1b782000baedf57026de5b79e193bcb7ef7b"><code>9d1f1b7</code></a>
Bump actions/download-artifact from 4.1.9 to 4.2.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/344">#344</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/96b97a5afe26bc1adef98cb0bfe68e34948a73b6"><code>96b97a5</code></a>
Bump actions/upload-artifact from 4.6.1 to 4.6.2 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/343">#343</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/c054ed3ac3d3505efc929b71cfd87a257bbdb6b3"><code>c054ed3</code></a>
Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/342">#342</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/44547fc77121b12bb276b44b3b2b49cfcbeac06f"><code>44547fc</code></a>
Bump actions/download-artifact from 4.1.8 to 4.1.9 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/341">#341</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/5ea51247afecf1bf4ebfa8f2db3082e89a8bfaed"><code>5ea5124</code></a>
Bump actions/upload-artifact from 4.6.0 to 4.6.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/340">#340</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2f142b7ae0b2d13fee4ba4b9fbd73a9cd5069060"><code>2f142b7</code></a>
Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/339">#339</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/80d2ebdc77d2d005f408f789fe2fb1fe5f4e0265"><code>80d2ebd</code></a>
Bump actions/setup-python from 5.3.0 to 5.4.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/337">#337</a>)</li>
<li>See full diff in <a
href="https://github.com/certifi/python-certifi/compare/2025.01.31...2025.04.26">compare
view</a></li>
</ul>
</details>
<br />

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `importlib-metadata` from 8.6.1 to 8.7.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/importlib_metadata/blob/main/NEWS.rst">importlib-metadata's
changelog</a>.</em></p>
<blockquote>
<h1>v8.7.0</h1>
<h2>Features</h2>
<ul>
<li><code>.metadata()</code> (and <code>Distribution.metadata</code>)
can now return <code>None</code> if the metadata directory exists but
not metadata file is present. (<a
href="https://redirect.github.com/python/importlib_metadata/issues/493">#493</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Raise consistent ValueError for invalid EntryPoint.value (<a
href="https://redirect.github.com/python/importlib_metadata/issues/518">#518</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/importlib_metadata/commit/708dff4f1ab89bdd126e3e8c56098d04282c5809"><code>708dff4</code></a>
Finalize</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/b3065f03cc3395f46ed575e612e213f92a064879"><code>b3065f0</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/519">#519</a>
from python/bugfix/493-metadata-missing</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/e4351c226765f53a40316fa6aab50488aee8a90f"><code>e4351c2</code></a>
Add a new test capturing the new expectation.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/5a657051f7386de6f0560c200d78e941be2c8058"><code>5a65705</code></a>
Refactor the casting into a wrapper for brevity and to document its
purpose.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/0830c39b8a23e48024365120c0e97a6f7c36c5ec"><code>0830c39</code></a>
Add news fragment.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/22bb567692d8e7bd216f864a9d8dee1272ee8674"><code>22bb567</code></a>
Fix type errors where metadata could be None.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/57f31d77e18fef11dfadfd44775f253971c36920"><code>57f31d7</code></a>
Allow metadata to return None when there is no metadata present.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/b9c4be4253250ad604610db66204e5fa70fa2455"><code>b9c4be4</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/518">#518</a>
from python/bugfix/488-bad-ep-value</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/9f8af013635833cf3ac348413c9ac63b37caa3dd"><code>9f8af01</code></a>
Prefer a cached property, as the property is likely to be retrieved at
least ...</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/f179e28888b2c6caf12baaf5449ff1cd82513dfe"><code>f179e28</code></a>
Also raise ValueError on construction if the value is invalid.</li>
<li>Additional commits viewable in <a
href="https://github.com/python/importlib_metadata/compare/v8.6.1...v8.7.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot pushed a commit to aio-libs/aiohttp that referenced this issue Apr 28, 2025
@dependabot
Bump pip from 25.0.1 to 25.1 (#10799)
299fc52 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot pushed a commit to aio-libs/aiohttp that referenced this issue Apr 28, 2025
@dependabot
Bump pip from 25.0.1 to 25.1 (#10804)
ad5d139 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mergify bot pushed a commit to aws/jsii that referenced this issue Apr 28, 2025
@dependabot
chore(deps-dev): Bump pip from 25.0.1 to 25.1 in /packages/jsii-pacma…
939ed4e 
…k/test/generated-code (#4819)

Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
mergify bot pushed a commit to aws/jsii that referenced this issue Apr 28, 2025
@dependabot
chore(deps): Update pip requirement from ~=25.0 to ~=25.1 in /package…
a616890 
…s/@jsii/python-runtime (#4820)

Updates the requirements on [pip](https://github.com/pypa/pip) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0...25.1">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
github-merge-queue bot pushed a commit to MeltanoLabs/tap-postgres that referenced this issue Apr 28, 2025
@dependabot
build(deps): Bump pip from 25.0.1 to 25.1 in /.github/workflows in th…
10d8f98 
…e ci group (#622)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this issue Apr 28, 2025
@dependabot @inmantaci
Bump pip from 25.0.1 to 25.1 (PR #8993)
2283c90 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
inmantaci pushed a commit to inmanta/inmanta-core that referenced this issue Apr 28, 2025
@dependabot @inmantaci
Bump pip from 25.0.1 to 25.1 (PR #8995)
a3365ad 
Bumps [pip](https://github.com/pypa/pip) from 25.0.1 to 25.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8. (<code>[#12989](pypa/pip#12989) &lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend cannot be used anymore. (<code>[#13010](pypa/pip#13010) &lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage. (<code>[#13303](pypa/pip#13303) &lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code> library is used to
inspect and discover installed packages. This warning should only be visible to
users who set an undocumented environment variable to disable the default
<code>importlib.metadata</code> backend. (<code>[#13318](pypa/pip#13318) &lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To silence the warning,
and future-proof their setup, users should enable <code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control. (<code>[#13319](pypa/pip#13319) &lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an InvalidProxyURL error. (<code>[#12649](pypa/pip#12649) &lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging. (<code>[#12710](pypa/pip#12710) &lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation. (<code>[#12712](pypa/pip#12712) &lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large number
of dependencies by increasing the requirement string cache size. (<code>[#12873](pypa/pip#12873) &lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from :pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form <code>group</code> or
<code>path:group</code>, where the default path is <code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code> file. (<code>[#12963](pypa/pip#12963) &lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the <code>--resume-retries</code> flag. (<code>[#12991](pypa/pip#12991) &lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing <code>Home-Page</code> field
in <code>pip show</code>. (<code>[#13135](pypa/pip#13135) &lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index versions</code> command. (<code>[#13188](pypa/pip#13188) &lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index versions</code> (<code>[#13194](pypa/pip#13194) &lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command, implementing :pep:<code>751</code>. (<code>[#13213](pypa/pip#13213) &lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution. (<code>[#13253](pypa/pip#13253) &lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency resolution. (<code>[#13273](pypa/pip#13273) &lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs. (<code>[#13282](pypa/pip#13282) &lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when <code>setup.py</code> is being invoked directly. (<code>[#13290](pypa/pip#13290) &lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels. (<code>[#13299](pypa/pip#13299) &lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if set. (<code>[#5210](pypa/pip#5210) &lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a> Bump for release</li>
<li><a href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a> Update AUTHORS.txt</li>
<li><a href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a> Add a news file for the pip lock command</li>
<li><a href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from sbidoul</li>
<li><a href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a> Remove LRU cache from methods [ruff rule cached-instance-method] (<a href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a> Merge pull request <a href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a> Clarify what the removal of the pkg_ressources backend implies</li>
<li><a href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a> Rename find_linked to find_legacy_editables</li>
<li><a href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a> Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
github-merge-queue bot pushed a commit to meltano/tap-smoke-test that referenced this issue Apr 29, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
4f158d8 
#259)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-merge-queue bot pushed a commit to MeltanoLabs/tap-circle-ci that referenced this issue May 1, 2025
@dependabot
ci: bump pip from 25.0.1 to 25.1 in /.github/workflows in the ci group (
a396c08 
#238)

Bumps the ci group in /.github/workflows with 1 update:
[pip](https://github.com/pypa/pip).

Updates `pip` from 25.0.1 to 25.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>25.1 (2025-04-26)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Drop support for Python 3.8.
(<code>[#12989](pypa/pip#12989)
&lt;https://github.com/pypa/pip/issues/12989&gt;</code>_)</li>
<li>On python 3.14+, the <code>pkg_resources</code> metadata backend
cannot be used anymore.
(<code>[#13010](pypa/pip#13010)
&lt;https://github.com/pypa/pip/issues/13010&gt;</code>_)</li>
<li>Hide <code>--no-python-version-warning</code> from CLI help and
documentation
as it's useless since Python 2 support was removed. Despite being
formerly slated for removal, the flag will remain as a no-op to
avoid breakage.
(<code>[#13303](pypa/pip#13303)
&lt;https://github.com/pypa/pip/issues/13303&gt;</code>_)</li>
<li>A warning is emitted when the deprecated <code>pkg_resources</code>
library is used to
inspect and discover installed packages. This warning should only be
visible to
users who set an undocumented environment variable to disable the
default
<code>importlib.metadata</code> backend.
(<code>[#13318](pypa/pip#13318)
&lt;https://github.com/pypa/pip/issues/13318&gt;</code>_)</li>
<li>Deprecate the legacy <code>setup.py bdist_wheel</code> mechanism. To
silence the warning,
and future-proof their setup, users should enable
<code>--use-pep517</code> or add a
<code>pyproject.toml</code> file to the projects they control.
(<code>[#13319](pypa/pip#13319)
&lt;https://github.com/pypa/pip/issues/13319&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Suggest checking &quot;pip config debug&quot; in case of an
InvalidProxyURL error.
(<code>[#12649](pypa/pip#12649)
&lt;https://github.com/pypa/pip/issues/12649&gt;</code>_)</p>
</li>
<li>
<p>Using <code>--debug</code> also enables verbose logging.
(<code>[#12710](pypa/pip#12710)
&lt;https://github.com/pypa/pip/issues/12710&gt;</code>_)</p>
</li>
<li>
<p>Display a transient progress bar during package installation.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement when installing packages with a large
number
of dependencies by increasing the requirement string cache size.
(<code>[#12873](pypa/pip#12873)
&lt;https://github.com/pypa/pip/issues/12873&gt;</code>_)</p>
</li>
<li>
<p>Add a <code>--group</code> option which allows installation from
:pep:<code>735</code> Dependency
Groups. <code>--group</code> accepts arguments of the form
<code>group</code> or
<code>path:group</code>, where the default path is
<code>pyproject.toml</code>, and installs
the named Dependency Group from the provided <code>pyproject.toml</code>
file. (<code>[#12963](pypa/pip#12963)
&lt;https://github.com/pypa/pip/issues/12963&gt;</code>_)</p>
</li>
<li>
<p>Add support to enable resuming incomplete downloads.</p>
<p>Control the number of retry attempts using the
<code>--resume-retries</code> flag.
(<code>[#12991](pypa/pip#12991)
&lt;https://github.com/pypa/pip/issues/12991&gt;</code>_)</p>
</li>
<li>
<p>Use :pep:<code>753</code> &quot;Well-known Project URLs in
Metadata&quot; normalization rules when
identifying an equivalent project URL to replace a missing
<code>Home-Page</code> field
in <code>pip show</code>.
(<code>[#13135](pypa/pip#13135)
&lt;https://github.com/pypa/pip/issues/13135&gt;</code>_)</p>
</li>
<li>
<p>Remove <code>experimental</code> warning from <code>pip index
versions</code> command.
(<code>[#13188](pypa/pip#13188)
&lt;https://github.com/pypa/pip/issues/13188&gt;</code>_)</p>
</li>
<li>
<p>Add a structured <code>--json</code> output to <code>pip index
versions</code>
(<code>[#13194](pypa/pip#13194)
&lt;https://github.com/pypa/pip/issues/13194&gt;</code>_)</p>
</li>
<li>
<p>Add a new, <em>experimental</em>, <code>pip lock</code> command,
implementing :pep:<code>751</code>.
(<code>[#13213](pypa/pip#13213)
&lt;https://github.com/pypa/pip/issues/13213&gt;</code>_)</p>
</li>
<li>
<p>Speed up resolution by first only considering the preference of
candidates that must be required to complete the resolution.
(<code>[#13253](pypa/pip#13253)
&lt;https://github.com/pypa/pip/issues/13253&gt;</code>_)</p>
</li>
<li>
<p>Improved heuristics for determining the order of dependency
resolution. (<code>[#13273](pypa/pip#13273)
&lt;https://github.com/pypa/pip/issues/13273&gt;</code>_)</p>
</li>
<li>
<p>Provide hint, documentation, and link to the documentation when
resolution too deep error occurs.
(<code>[#13282](pypa/pip#13282)
&lt;https://github.com/pypa/pip/issues/13282&gt;</code>_)</p>
</li>
<li>
<p>Include traceback on failure to import <code>setuptools</code> when
<code>setup.py</code> is being invoked directly.
(<code>[#13290](pypa/pip#13290)
&lt;https://github.com/pypa/pip/issues/13290&gt;</code>_)</p>
</li>
<li>
<p>Support for :pep:<code>738</code> Android wheels.
(<code>[#13299](pypa/pip#13299)
&lt;https://github.com/pypa/pip/issues/13299&gt;</code>_)</p>
</li>
<li>
<p>Display wheel build tag in <code>pip list</code> columns output if
set. (<code>[#5210](pypa/pip#5210)
&lt;https://github.com/pypa/pip/issues/5210&gt;</code>_)</p>
</li>
<li>
<p>Build environment dependencies are no longer compiled to bytecode
during</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/daa7e5448312392c621bbaec4204d961c363e5f7"><code>daa7e54</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/06c3182a6ebb79ae95aa6ca42e43a9f750c9df57"><code>06c3182</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/b88324fe98b510fbc6ddd8951f006b1c8f0e7a3c"><code>b88324f</code></a>
Add a news file for the pip lock command</li>
<li><a
href="https://github.com/pypa/pip/commit/38253a6002c23706153a0cb741b8caca290c9165"><code>38253a6</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13319">#13319</a> from
sbidoul</li>
<li><a
href="https://github.com/pypa/pip/commit/2791a8b35a4e9e4ebacf18cc08be81f53998701d"><code>2791a8b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/13344">#13344</a> from
pypa/dependabot/pip/build-project/setuptools-7...</li>
<li><a
href="https://github.com/pypa/pip/commit/24f4600851bbb3d7f22aed0ba6b1e2dcc4973412"><code>24f4600</code></a>
Remove LRU cache from methods [ruff rule cached-instance-method] (<a
href="https://redirect.github.com/pypa/pip/issues/13306">#13306</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/d852ebd2868abc526189fc7172babca9b1d2b395"><code>d852ebd</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12308">#12308</a></li>
<li><a
href="https://github.com/pypa/pip/commit/d35c08df09cebe2f4887b0a31bb1127e730d8ead"><code>d35c08d</code></a>
Clarify what the removal of the pkg_ressources backend implies</li>
<li><a
href="https://github.com/pypa/pip/commit/e8794224f513a2b964d5f969026f283dc9a23003"><code>e879422</code></a>
Rename find_linked to find_legacy_editables</li>
<li><a
href="https://github.com/pypa/pip/commit/4a765606f9c1d39059e429cd5394c246045fb34a"><code>4a76560</code></a>
Fix uninstallation of zipped eggs</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/25.0.1...25.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.0.1&new-version=25.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
state: awaiting PR Feature discussed, PR is needed type: feature request Request for a new feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add support for Android tags mhsmith/pip
2 participants
@mhsmith @ichard26