diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index aaa45004..92dd3fe1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -47,7 +47,12 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-python@v4 with: - python-version: "3.10" + python-version: 3.x + - name: Collect Workflow Telemetry + uses: runforesight/foresight-workflow-kit-action@v1 + if: ${{ always() }} + with: + api_key: ${{ secrets.FORESIGHT_API_KEY }} - run: | python -m pip install pre-commit pre-commit run --all-files --verbose --show-diff-on-failure @@ -59,7 +64,13 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-python@v4 with: - python-version: "3.10" + + python-version: 3.x + - name: Collect Workflow Telemetry + uses: runforesight/foresight-workflow-kit-action@v1 + if: ${{ always() }} + with: + api_key: ${{ secrets.FORESIGHT_API_KEY }} - run: | python -m pip install --upgrade wheel invoke parver bs4 vistir towncrier requests python -m invoke vendoring.update @@ -81,6 +92,12 @@ jobs: with: python-version: ${{ matrix.python-version }} + - name: Collect Workflow Telemetry + uses: runforesight/foresight-workflow-kit-action@v1 + if: ${{ always() }} + with: + api_key: ${{ secrets.FORESIGHT_API_KEY }} + - name: Get python path id: python-path run: | @@ -122,7 +139,15 @@ jobs: PYTHONIOENCODING: "utf-8" GIT_SSH_COMMAND: ssh -o StrictHostKeyChecking=accept-new -o CheckHostIP=no run: | - pipenv run pytest -ra -n auto -v --fulltrace tests + pipenv run pytest --junitxml=./reports/results.xml -ra -n auto -v --fulltrace tests + - name: Analyze Test and/or Coverage Results + uses: runforesight/foresight-test-kit-action@v1 + if: ${{ always() }} + with: + api_key: ${{ secrets.FORESIGHT_API_KEY }} + test_format: JUNIT + test_framework: PYTEST + test_path: ./reports/** build: name: Build Package @@ -133,6 +158,11 @@ jobs: - uses: actions/setup-python@v4 with: python-version: 3.x + - name: Collect Workflow Telemetry + uses: runforesight/foresight-workflow-kit-action@v1 + if: ${{ always() }} + with: + api_key: ${{ secrets.FORESIGHT_API_KEY }} - run: pip install -U build twine - run: | python -m build diff --git a/.github/workflows/pypi_upload.yml b/.github/workflows/pypi_upload.yml index d59e3695..cd224194 100644 --- a/.github/workflows/pypi_upload.yml +++ b/.github/workflows/pypi_upload.yml @@ -21,6 +21,12 @@ jobs: - name: Checkout code uses: actions/checkout@v3 + - name: Collect Workflow Telemetry + uses: runforesight/foresight-workflow-kit-action@v1 + if: ${{ always() }} + with: + api_key: ${{ secrets.FORESIGHT_API_KEY }} + - name: Create Release id: create_release uses: actions/create-release@v1 diff --git a/LICENSE b/LICENSE index ea28562e..cda2cbdc 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright 2020 Python Packaging Authority +Copyright 2020-2022 Python Packaging Authority Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index e41bfc57..b3705f45 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ Pipenv: Python Development Workflow for Humans [![image](https://img.shields.io/pypi/l/pipenv.svg)](https://python.org/pypi/pipenv) [![CI](https://github.com/pypa/pipenv/actions/workflows/ci.yaml/badge.svg)](https://github.com/pypa/pipenv/actions/workflows/ci.yaml) [![image](https://img.shields.io/pypi/pyversions/pipenv.svg)](https://python.org/pypi/pipenv) +[![image](https://api-public.service.runforesight.com/api/v1/badge/test?repoId=a9acfd31-fca9-4ebb-a449-c7bf0f85a481)](https://pypa.app.runforesight.com) ------------------------------------------------------------------------ @@ -36,6 +37,53 @@ You can quickly play with Pipenv right in your browser: [![Try in browser](https://cdn.rawgit.com/rootnroll/library/assets/try.svg)](https://rootnroll.com/d/pipenv/) +Table Of Contents +------------------ + +- [Pipenv](#pipenv-python-development-workflow-for-humans) + +- [Installation](#installation) + +- [User Testimonals](#☤-user-testimonials) + +- [Features](#☤-features) + +- [Basic Concepts](#basic-concepts) + +- [Other Commands](#other-commands) + +- [Shell Completion](#shell-completion) + +- [Usage](#☤-usage) + + - [Usage Examples](#usage-examples) + + - [Commands](#commands) + + - [Locate the Project](#locate-the-project) + + - [Locate the virtualenv](#locate-the-virtualenv) + + - [Locate the Python Interpreter](#locate-the-python-interpreter) + + - [Install Packages](#install-packages) + + - [Installing from git](#installing-from-git) + + - [Install a dev dependency](#install-a-dev-dependency) + + - [Show a dependency graph](#show-a-dependency-graph) + + - [Generate a lockfile](#generate-a-lockfile) + + - [Install all dev dependencies](#install-all-dev-dependencies) + + - [Uninstall everything](#uninstall-everything) + + - [Use the shell](#use-the-shell) + +- [Documentation](#☤-documentation) + Installation ------------ @@ -178,7 +226,7 @@ Magic shell completions are now enabled! -h, --help Show this message and exit. - Usage Examples: + ### Usage Examples: Create a new project using Python 3.7, specifically: $ pipenv --python 3.7 @@ -204,7 +252,7 @@ Magic shell completions are now enabled! Use a lower-level pip command: $ pipenv run pip freeze - Commands: + ### Commands: check Checks for PyUp Safety security vulnerabilities and against PEP 508 markers provided in Pipfile. @@ -224,22 +272,22 @@ Magic shell completions are now enabled! verify Verify the hash in Pipfile.lock is up-to-date. -Locate the project: +### Locate the project: $ pipenv --where /Users/kennethreitz/Library/Mobile Documents/com~apple~CloudDocs/repos/kr/pipenv/test -Locate the virtualenv: +### Locate the virtualenv: $ pipenv --venv /Users/kennethreitz/.local/share/virtualenvs/test-Skyy4vre -Locate the Python interpreter: +### Locate the Python interpreter: $ pipenv --py /Users/kennethreitz/.local/share/virtualenvs/test-Skyy4vre/bin/python -Install packages: +### Install packages: $ pipenv install Creating a virtualenv for this project... @@ -252,7 +300,7 @@ Install packages: To activate this project's virtualenv, run the following: $ pipenv shell -Installing from git: +### Installing from git: You can install packages with pipenv from git and other version control systems using URLs formatted according to the following rule: @@ -275,14 +323,14 @@ Below is an example usage which installs the git repository located at `https:// You can read more about [pip's implementation of vcs support here](https://pip.pypa.io/en/stable/topics/vcs-support/). -Install a dev dependency: +### Install a dev dependency: $ pipenv install pytest --dev Installing pytest... ... Adding pytest to Pipfile's [dev-packages]... -Show a dependency graph: +### Show a dependency graph: $ pipenv graph requests==2.18.4 @@ -291,7 +339,7 @@ Show a dependency graph: - idna [required: >=2.5,<2.7, installed: 2.6] - urllib3 [required: <1.23,>=1.21.1, installed: 1.22] -Generate a lockfile: +### Generate a lockfile: $ pipenv lock Assuring all dependencies from Pipfile are installed... @@ -300,7 +348,7 @@ Generate a lockfile: Note: your project now has only default [packages] installed. To install [dev-packages], run: $ pipenv install --dev -Install all dev dependencies: +### Install all dev dependencies: $ pipenv install --dev Pipfile found at /Users/kennethreitz/repos/kr/pip2/test/Pipfile. Considering this to be the project home. @@ -309,7 +357,7 @@ Install all dev dependencies: Locking [dev-packages] dependencies... Locking [packages] dependencies... -Uninstall everything: +### Uninstall everything: $ pipenv uninstall --all No package provided, un-installing all dependencies. @@ -317,7 +365,7 @@ Uninstall everything: ... Environment now purged and fresh! -Use the shell: +### Use the shell: $ pipenv shell Loading .env environment variables... diff --git a/docs/advanced.rst b/docs/advanced.rst index 43847cfd..a6cf001c 100644 --- a/docs/advanced.rst +++ b/docs/advanced.rst @@ -363,6 +363,27 @@ used to write them to a file:: pytest==3.2.3 setuptools==65.4.1 ; python_version >= '3.7' +If you have multiple categories in your Pipfile and wish to generate +a requirements file for only some categories, you can do that too, +using the ``--categories`` option:: + + $ pipenv requirements --categories="tests" > requirements-tests.txt + $ pipenv requirements --categories="docs" > requirements-docs.txt + $ cat requirements-tests.txt + -i https://pypi.org/simple + attrs==22.1.0 ; python_version >= '3.5' + iniconfig==1.1.1 + packaging==21.3 ; python_version >= '3.6' + pluggy==1.0.0 ; python_version >= '3.6' + py==1.11.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' + pyparsing==3.0.9 ; python_full_version >= '3.6.8' + pytest==7.1.3 + tomli==2.0.1 ; python_version >= '3.7' + +It can be used to specify multiple categories also. + + $ pipenv requirements --categories="tests,docs" + ☤ Detection of Security Vulnerabilities --------------------------------------- diff --git a/docs/conf.py b/docs/conf.py index 52603bb1..6f4cddf9 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -170,7 +170,7 @@ latex_documents = [ # One entry per manual page. List of tuples # (source start file, name, description, authors, manual section). -man_pages = [(master_doc, "pipenv", "pipenv Documentation", [author], 1)] +man_pages = [("quickstart", "pipenv", "", [author], 1)] # -- Options for Texinfo output ------------------------------------------- diff --git a/docs/dev/contributing.rst b/docs/dev/contributing.rst index a250975d..b84c658c 100644 --- a/docs/dev/contributing.rst +++ b/docs/dev/contributing.rst @@ -131,7 +131,7 @@ Tests are written in ``pytest`` style and can be run very simply: pytest However many tests depend on running a private pypi server on localhost:8080. -This can be accomplished by using either the ``run-tests.sh`` or ``run-tests.bat` +This can be accomplished by using either the ``run-tests.sh`` or ``run-tests.bat`` which will start the ``pypiserver`` process ahead of invoking pytest. You may also manually perform this step and then invoke pytest as you would normally. Example:: diff --git a/docs/index.rst b/docs/index.rst index b6a22d30..38d97fb0 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -65,10 +65,6 @@ More detailed installation instructions can be found in the :ref:`installing-pip ✨🍰✨ .. toctree:: - :maxdepth: 2 - - install - changelog User Testimonials ----------------- @@ -91,26 +87,8 @@ User Testimonials - Automatically adds/removes packages to a ``Pipfile`` when they are installed or uninstalled. - Automatically loads ``.env`` files, if they exist. -The main commands are ``install``, ``uninstall``, and ``lock``, which generates a ``Pipfile.lock``. These are intended to replace ``$ pip install`` usage, as well as manual virtualenv management (to activate a virtualenv, run ``$ pipenv shell``). - -Basic Concepts -////////////// - -- A virtualenv will automatically be created, when one doesn't exist. -- When no parameters are passed to ``install``, all packages ``[packages]`` specified will be installed. -- To initialize a Python 3 virtual environment, run ``$ pipenv --three``. -- Otherwise, whatever virtualenv defaults to will be the default. - - - -Other Commands -////////////// - -- ``graph`` will show you a dependency graph of your installed dependencies. -- ``shell`` will spawn a shell with the virtualenv activated. This shell can be deactivated by using ``exit``. -- ``run`` will run a given command from the virtualenv, with any arguments forwarded (e.g. ``$ pipenv run python`` or ``$ pipenv run pip freeze``). -- ``check`` checks for security vulnerabilities and asserts that `PEP 508 `_ requirements are being met by the current environment. +.. include:: quickstart.rst Further Documentation Guides ---------------------------- @@ -118,10 +96,12 @@ Further Documentation Guides .. toctree:: :maxdepth: 2 + install basics advanced cli diagnose + changelog Contribution Guides ------------------- diff --git a/docs/quickstart.rst b/docs/quickstart.rst new file mode 100644 index 00000000..543379c6 --- /dev/null +++ b/docs/quickstart.rst @@ -0,0 +1,34 @@ +Basic Commands and Concepts +/////////////////////////// + +Pipenv uses a set of commands to manage your Project's dependencies and custom scripts. +It replaces the use of ``Makefile``, direct calls to ``pip`` and ``python -m venv`` or ``virtualenv``. +to create virtual environments and install packages in them. +Pipenv uses two files to do this: ``Pipfile`` and ``Pipfile.lock`` (which will look familiar if you +are used to packages manager like ``yarn`` or ``npm``). + +The main commands are: + +- ``install`` - + + Will create a virtual env and install dependencies (if it does not exist already) + The dependencies will be installed inside. + +- ``install package==0.2`` - + + Will add the package in version 0.2 to the virtual environment and + to ``Pipfile`` and ``Pipfile.lock`` + +- ``uninstall`` - Will remove the dependency + +- ``lock`` - Regenarate ``Pipfile.lock`` and updates the dependencies inside it. + +These are intended to replace ``$ pip install`` usage, as well as manual virtualenv management. + +Other Commands +////////////// + +- ``graph`` will show you a dependency graph of your installed dependencies. +- ``shell`` will spawn a shell with the virtualenv activated. This shell can be deactivated by using ``exit``. +- ``run`` will run a given command from the virtualenv, with any arguments forwarded (e.g. ``$ pipenv run python`` or ``$ pipenv run pip freeze``). +- ``check`` checks for security vulnerabilities and asserts that `PEP 508 `_ requirements are being met by the current environment. diff --git a/news/5419.removal.rst b/news/5419.removal.rst new file mode 100644 index 00000000..97a67c5a --- /dev/null +++ b/news/5419.removal.rst @@ -0,0 +1 @@ +Remove usage of vistir.cmdparse in favor of pipenv.cmdparse diff --git a/news/5420.vendor.rst b/news/5420.vendor.rst new file mode 100644 index 00000000..71670b09 --- /dev/null +++ b/news/5420.vendor.rst @@ -0,0 +1 @@ +Remove appdirs.py in favor of platformdirs. diff --git a/news/5431.feature.rst b/news/5431.feature.rst new file mode 100644 index 00000000..627693cd --- /dev/null +++ b/news/5431.feature.rst @@ -0,0 +1 @@ +Add support to export requirements file for a specified set of categories. diff --git a/pipenv/cli/command.py b/pipenv/cli/command.py index 7e642eab..d5047adc 100644 --- a/pipenv/cli/command.py +++ b/pipenv/cli/command.py @@ -740,8 +740,16 @@ def verify(state): ) @option("--hash", is_flag=True, default=False, help="Add package hashes.") @option("--exclude-markers", is_flag=True, default=False, help="Exclude markers.") +@option( + "--categories", + is_flag=False, + default="", + help="Only add requirement of the specified categories.", +) @pass_state -def requirements(state, dev=False, dev_only=False, hash=False, exclude_markers=False): +def requirements( + state, dev=False, dev_only=False, hash=False, exclude_markers=False, categories="" +): from pipenv.utils.dependencies import convert_deps_to_pip @@ -752,11 +760,17 @@ def requirements(state, dev=False, dev_only=False, hash=False, exclude_markers=F echo(" ".join([prefix, package_index["url"]])) deps = {} + categories_list = categories.split(",") if categories else [] - if dev or dev_only: - deps.update(lockfile["develop"]) - if not dev_only: - deps.update(lockfile["default"]) + if categories_list: + for category in categories_list: + category = category.strip() + deps.update(lockfile.get(category, {})) + else: + if dev or dev_only: + deps.update(lockfile["develop"]) + if not dev_only: + deps.update(lockfile["default"]) pip_deps = convert_deps_to_pip( deps, diff --git a/pipenv/environment.py b/pipenv/environment.py index 66c53545..5edfaad7 100644 --- a/pipenv/environment.py +++ b/pipenv/environment.py @@ -13,6 +13,7 @@ from pathlib import Path from sysconfig import get_paths, get_python_version, get_scheme_names import pipenv +from pipenv import cmdparse from pipenv.patched.pip._internal.commands.install import InstallCommand from pipenv.patched.pip._internal.index.package_finder import PackageFinder from pipenv.patched.pip._internal.req.req_uninstall import UninstallPathSet @@ -311,19 +312,12 @@ class Environment: return sys.path elif any([sys.prefix == self.prefix, not self.is_venv]): return sys.path - cmd_args = [self.python, "-c", "import json, sys; print(json.dumps(sys.path))"] - path, _ = vistir.misc.run( - cmd_args, - return_object=False, - nospin=True, - block=True, - combine_stderr=False, - write_to_stdout=False, - ) + try: - path = json.loads(path.strip()) - except json.JSONDecodeError: + path = pipenv.utils.shell.load_path(self.python) + except json.decoder.JSONDecodeError: path = sys.path + return path def build_command( @@ -815,7 +809,7 @@ class Environment: c = None with self.activated(): - script = vistir.cmdparse.Script.parse(cmd) + script = cmdparse.Script.parse(cmd) c = vistir.misc.run( script._parts, return_object=True, @@ -837,9 +831,9 @@ class Environment: c = None if isinstance(cmd, str): - script = vistir.cmdparse.Script.parse(f"{self.python} -c {cmd}") + script = cmdparse.Script.parse(f"{self.python} -c {cmd}") else: - script = vistir.cmdparse.Script.parse([self.python, "-c"] + list(cmd)) + script = cmdparse.Script.parse([self.python, "-c"] + list(cmd)) with self.activated(): c = vistir.misc.run( script._parts, diff --git a/pipenv/environments.py b/pipenv/environments.py index 73eac01a..9338c2eb 100644 --- a/pipenv/environments.py +++ b/pipenv/environments.py @@ -4,10 +4,10 @@ import pathlib import re import sys -from appdirs import user_cache_dir from vistir.path import normalize_drive from pipenv._compat import fix_utf8 +from pipenv.patched.pip._vendor.platformdirs import user_cache_dir from pipenv.utils.constants import FALSE_VALUES, TRUE_VALUES from pipenv.utils.shell import env_to_bool from pipenv.vendor.vistir.misc import _isatty diff --git a/pipenv/pipenv.1 b/pipenv/pipenv.1 index bcb3e90f..740f610f 100644 --- a/pipenv/pipenv.1 +++ b/pipenv/pipenv.1 @@ -27,2599 +27,33 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "PIPENV" "1" "Oct 12, 2022" "2022.10.12" "pipenv" -.SH NAME -pipenv \- pipenv Documentation -\fI\%\fP\fI\%\fP\fI\%\fP +.TH "PIPENV" "1" "Oct 24, 2022" "2022.10.13.dev0" "pipenv" .sp -.ce ----- - -.ce 0 +Pipenv uses a set of commands to manage your Project\(aqs dependencies and custom scripts. +It replaces the use of \fBMakefile\fP, direct calls to \fBpip\fP and \fBpython \-m venv\fP or \fBvirtualenv\fP\&. +to create virtual environments and install packages in them. +Pipenv uses two files to do this: \fBPipfile\fP and \fBPipfile.lock\fP (which will look familiar if you +are used to packages manager like \fByarn\fP or \fBnpm\fP). .sp -.sp -\fBPipenv\fP is a tool that aims to bring the best of all packaging worlds (bundler, composer, npm, cargo, yarn, etc.) to the Python world. \fIWindows is a first\-class citizen, in our world.\fP -.sp -It automatically creates and manages a virtualenv for your projects, as well as adds/removes packages from your \fBPipfile\fP as you install/uninstall packages. It also generates the ever\-important \fBPipfile.lock\fP, which is used to produce deterministic builds. -.sp -Pipenv is primarily meant to provide users and developers of applications with an easy method to setup a working environment. For the distinction between libraries and applications and the usage of \fBsetup.py\fP vs \fBPipfile\fP to define dependencies, see \fI\%☤ Pipfile vs setup.py\fP\&. -[image: a short animation of pipenv at work] -[image] -.sp -The problems that Pipenv seeks to solve are multi\-faceted: -.INDENT 0.0 -.IP \(bu 2 -You no longer need to use \fBpip\fP and \fBvirtualenv\fP separately. They work together. -.IP \(bu 2 -Managing a \fBrequirements.txt\fP file \fI\%can be problematic\fP, so Pipenv uses \fBPipfile\fP and \fBPipfile.lock\fP to separate abstract dependency declarations from the last tested combination. -.IP \(bu 2 -Hashes are used everywhere, always. Security. Automatically expose security vulnerabilities. -.IP \(bu 2 -Strongly encourage the use of the latest versions of dependencies to minimize security risks \fI\%arising from outdated components\fP\&. -.IP \(bu 2 -Give you insight into your dependency graph (e.g. \fB$ pipenv graph\fP). -.IP \(bu 2 -Streamline development workflow by loading \fB\&.env\fP files. -.UNINDENT -.sp -You can quickly play with Pipenv right in your browser: -\fI\%Try in browser\fP.SH INSTALL PIPENV TODAY! -.sp -If you already have Python and pip, you can easily install Pipenv into your home directory: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pip install \-\-user pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Or, if you\(aqre using Fedora 28: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ sudo dnf install pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -It\(aqs possible to install Pipenv with Homebrew on MacOS, or with Linuxbrew on Linux systems. However, \fBthis is now discouraged\fP, because updates to the brewed Python distribution will break Pipenv, and perhaps all virtual environments managed by it. You\(aqll then need to re\-install Pipenv at least. If you want to give it a try despite this warning, use: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ brew install pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -More detailed installation instructions can be found in the \fI\%☤ Installing Pipenv\fP chapter. -.sp -✨🍰✨ -.SS Pipenv & Virtual Environments -[image] -.sp -This tutorial walks you through installing and using Python packages. -.sp -It will show you how to install and use the necessary tools and make strong -recommendations on best practices. Keep in mind that Python is used for a great -many different purposes, and precisely how you want to manage your dependencies -may change based on how you decide to publish your software. The guidance -presented here is most directly applicable to the development and deployment of -network services (including web applications), but is also very well suited to -managing development and testing environments for any kind of project. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -This guide is written for Python 3, however, these instructions -should work fine on Python 2.7—if you are still using it, for some reason. -.UNINDENT -.UNINDENT -.SS ☤ Make sure you\(aqve got Python & pip -.sp -Before you go any further, make sure you have Python and that it\(aqs available -from your command line. You can check this by simply running: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ python \-\-version -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You should get some output like \fB3.6.2\fP\&. If you do not have Python, please -install the latest 3.x version from \fI\%python.org\fP or refer to the -\fI\%Installing Python\fP section of \fIThe Hitchhiker\(aqs Guide to Python\fP\&. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -If you\(aqre newcomer and you get an error like this: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C ->>> python -Traceback (most recent call last): - File "", line 1, in -NameError: name \(aqpython\(aq is not defined -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -It\(aqs because this command is intended to be run in a \fIshell\fP (also called -a \fIterminal\fP or \fIconsole\fP). See the Python for Beginners -\fI\%getting started tutorial\fP for an introduction to using your operating -system\(aqs shell and interacting with Python. -.UNINDENT -.UNINDENT -.sp -Additionally, you\(aqll need to make sure you have pip available. You can -check this by running: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pip \-\-version -pip 9.0.1 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -If you installed Python from source, with an installer from \fI\%python.org\fP, via \fI\%Homebrew\fP or via \fI\%Linuxbrew\fP you should already have pip. If you\(aqre on Linux and installed -using your OS package manager, you may have to \fI\%install pip\fP separately. -.sp -If you plan to install Pipenv using Homebrew or Linuxbrew you can skip this step. The -Homebrew/Linuxbrew installer takes care of pip for you. -.SS ☤ Installing Pipenv -.sp -Pipenv is a dependency manager for Python projects. If you\(aqre familiar -with Node.js\(aqs \fI\%npm\fP or Ruby\(aqs \fI\%bundler\fP, it is similar in spirit to those -tools. While pip can install Python packages, Pipenv is recommended as -it\(aqs a higher\-level tool that simplifies dependency management for common use -cases. -.SS ☤ Isolated Installation of Pipenv with Pipx -.sp -\fI\%Pipx\fP is a tool to help you install and run end\-user applications written in Python. It installs applications -into an isolated and clean environment on their own. To install pipx, just run: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pip install \-\-user pipx -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Once you have \fBpipx\fP ready on your system, continue to install Pipenv: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipx install pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Pragmatic Installation of Pipenv -.sp -If you have a working installation of pip, and maintain certain "tool\-chain" type Python modules as global utilities in your user environment, pip \fI\%user installs\fP allow for installation into your home directory. Note that due to interaction between dependencies, you should limit tools installed in this way to basic building blocks for a Python workflow like virtualenv, pipenv, tox, and similar software. -.sp -To install: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pip install \-\-user pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -This does a \fI\%user installation\fP to prevent breaking any system\-wide -packages. If \fBpipenv\fP isn\(aqt available in your shell after installation, -you\(aqll need to add the \fI\%user base\fP\(aqs binary directory to your \fBPATH\fP\&. -.sp -On Linux and macOS you can find the user base binary directory by running -\fBpython \-m site \-\-user\-base\fP and adding \fBbin\fP to the end. For example, -this will typically print \fB~/.local\fP (with \fB~\fP expanded to the -absolute path to your home directory) so you\(aqll need to add -\fB~/.local/bin\fP to your \fBPATH\fP\&. You can set your \fBPATH\fP permanently by -\fI\%modifying ~/.profile\fP\&. -.sp -On Windows you can find the user base binary directory by running -\fBpython \-m site \-\-user\-site\fP and replacing \fBsite\-packages\fP with -\fBScripts\fP\&. For example, this could return -\fBC:\eUsers\eUsername\eAppData\eRoaming\ePython36\esite\-packages\fP so you would -need to set your \fBPATH\fP to include -\fBC:\eUsers\eUsername\eAppData\eRoaming\ePython36\eScripts\fP\&. You can set your -user \fBPATH\fP permanently in the \fI\%Control Panel\fP\&. You may need to log -out for the \fBPATH\fP changes to take effect. -.sp -For more information, see the \fI\%user installs documentation\fP\&. -.UNINDENT -.UNINDENT -.sp -To upgrade pipenv at any time: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pip install \-\-user \-\-upgrade pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Crude Installation of Pipenv -.sp -If you don\(aqt even have pip installed, you can use this crude installation method, which will bootstrap your whole system: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ curl https://raw.githubusercontent.com/pypa/pipenv/master/get\-pipenv.py | python -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Homebrew Installation of Pipenv(Discouraged) -.sp -\fI\%Homebrew\fP is a popular open\-source package management system for macOS. For Linux users, \fI\%Linuxbrew\fP is a Linux port of that. -.sp -Installing pipenv via Homebrew or Linuxbrew will keep pipenv and all of its dependencies in -an isolated virtual environment so it doesn\(aqt interfere with the rest of your -Python installation. -.sp -Once you have installed Homebrew or Linuxbrew simply run: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ brew install pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -To upgrade pipenv at any time: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ brew upgrade pipenv -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -Homebrew installation is discouraged because each time the Homebrew Python is upgraded, which Pipenv depends on, -users have to re\-install Pipenv, and perhaps all virtual environments managed by it. -.UNINDENT -.UNINDENT -.SS ☤ Installing packages for your project -.sp -Pipenv manages dependencies on a per\-project basis. To install packages, -change into your project\(aqs directory (or just an empty directory for this -tutorial) and run: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ cd myproject -$ pipenv install requests -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -Pipenv is designed to be used by non\-privileged OS users. It is not meant -to install or handle packages for the whole OS. Running Pipenv as \fBroot\fP -or with \fBsudo\fP (or \fBAdmin\fP on Windows) is highly discouraged and might -lead to unintend breakage of your OS. -.UNINDENT -.UNINDENT -.sp -Pipenv will install the excellent \fI\%Requests\fP library and create a \fBPipfile\fP -for you in your project\(aqs directory. The \fBPipfile\fP is used to track which -dependencies your project needs in case you need to re\-install them, such as -when you share your project with others. You should get output similar to this -(although the exact paths shown will vary): -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv install requests -Creating a virtualenv for this project... -Pipfile: /home/user/myproject/Pipfile -sing /home/user/.local/share/virtualenvs/pipenv\-Cv0J3wbi/bin/python3.9 (3.9.9) to create virtualenv... - Creating virtual environment...created virtual environment CPython3.9.9.final.0\-64 in 1142ms - creator CPython3Posix(dest=/home/user/.local/share/virtualenvs/myproject\-R3jRVewK, clear=False, no_vcs_ignore=False, global=False) - seeder FromAppData(download=False, pip=bundle, setuptools=bundle, wheel=bundle, via=copy, app_data_dir=/home/user/.local/share/virtualenv) - added seed packages: pip==21.3.1, setuptools==60.2.0, wheel==0.37.1 - activators BashActivator,CShellActivator,FishActivator,NushellActivator,PowerShellActivator,PythonActivator - -✔ Successfully created virtual environment! -Virtualenv location: /home/user/.local/share/virtualenvs/pms\-R3jRVewK -Creating a Pipfile for this project... -Installing requests... -Adding requests to Pipfile\(aqs [packages]... -Installation Succeeded -Pipfile.lock not found, creating... -Locking [dev\-packages] dependencies... -Locking [packages] dependencies... -Building requirements... -Resolving dependencies... -✔ Success! -Updated Pipfile.lock (fe5a22)! -Installing dependencies from Pipfile.lock (fe5a22)... -🐍 ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 0/0 — 00:00:00 -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Using installed packages -.sp -Now that Requests is installed you can create a simple \fBmain.py\fP file to -use it: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -import requests - -response = requests.get(\(aqhttps://httpbin.org/ip\(aq) - -print(\(aqYour IP is {0}\(aq.format(response.json()[\(aqorigin\(aq])) -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Then you can run this script using \fBpipenv run\fP: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv run python main.py -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You should get output similar to this: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -Your IP is 8.8.8.8 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Using \fB$ pipenv run\fP ensures that your installed packages are available to -your script. It\(aqs also possible to spawn a new shell that ensures all commands -have access to your installed packages with \fB$ pipenv shell\fP\&. -.SS ☤ Virtualenv mapping caveat -.INDENT 0.0 -.IP \(bu 2 -Pipenv automatically maps projects to their specific virtualenvs. -.IP \(bu 2 -The virtualenv is stored globally with the name of the project’s root directory plus the hash of the full path to the project\(aqs root (e.g., \fBmy_project\-a3de50\fP). -.IP \(bu 2 -If you change your project\(aqs path, you break such a default mapping and pipenv will no longer be able to find and to use the project\(aqs virtualenv. -.IP \(bu 2 -You might want to set \fBexport PIPENV_VENV_IN_PROJECT=1\fP in your .bashrc/.zshrc (or any shell configuration file) for creating the virtualenv inside your project\(aqs directory, avoiding problems with subsequent path changes. -.UNINDENT -.SS ☤ Next steps -.sp -Congratulations, you now know how to install and use Python packages! ✨ 🍰 ✨ -.SS Release and Version History -.SS 2022.10.12 (2022\-10\-12) -.SS Pipenv 2022.10.12 (2022\-10\-12) -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Update pipenv docs for with example for callabale package functions in Pipfile scripts \fI\%#5396\fP -.UNINDENT -.SS 2022.10.11 (2022\-10\-11) -.SS Pipenv 2022.10.11 (2022\-10\-11) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Revert decision to change the default isolation level because it caused problems with existing workflows; solution is to recommend users that have issues requiring pre\-requisites to pass \-\-extra\-pip\-args="\-\-no\-build\-isolation" in their install or sync commands. \fI\%#5399\fP -.UNINDENT -.SS 2022.10.10 (2022\-10\-10) -.SS Pipenv 2022.10.10 (2022\-10\-10) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Add ability for callable scripts in Pipfile under [scripts]. Callables can now be added like: \fB:\fP and can also take arguments. For exaple: \fBfunc = {call = "package.module:func(\(aqarg1\(aq, \(aqarg2\(aq)"}\fP then this can be activated in the shell with \fBpipenv run func\fP \fI\%#5294\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixes regression from \fB2022.10.9\fP where \fBPipfile\fP with \fBpipenv\fP section began generating new hash, -and also fix regression where lock phase did not update the hash value. \fI\%#5394\fP -.UNINDENT -.SS 2022.10.9 (2022\-10\-09) -.SS Pipenv 2022.10.9 (2022\-10\-09) -.SS Behavior Changes -.INDENT 0.0 -.IP \(bu 2 -New pipfiles show python_full_version under [requires] if specified. Previously creating a new pipenv project would only specify in the Pipfile the major and minor version, i.e. "python_version = 3.7". Now if you create a new project with a fully named python version it will record both in the Pipfile. So: "python_version = 3.7" and "python_full_version = 3.7.2" \fI\%#5345\fP -.UNINDENT -.SS Relates to dev process changes -.INDENT 0.0 -.IP \(bu 2 -Silence majority of pytest.mark warnings by registering custom marks. Can view a list of custom marks by running \fBpipenv run pytest \-\-markers\fP -.UNINDENT -.SS 2022.10.4 (2022\-10\-04) -.SS Pipenv 2022.10.4 (2022\-10\-04) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Use \fB\-\-creator=venv\fP when creating virtual environments to avoid issue with sysconfig \fBposix_prefix\fP on some systems. \fI\%#5075\fP -.IP \(bu 2 -Prefer to use the lockfile sources if available during the install phase. \fI\%#5380\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Drop vendored six \- we no longer depend on this library, as we migrated from pipfile to plette. \fI\%#5187\fP -.UNINDENT -.SS 2022.9.24 (2022\-09\-24) -.SS Pipenv 2022.9.24 (2022\-09\-24) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Update \fBrequirementslib==2.0.3\fP to always evaluate the requirement markers fresh (without lru_cache) to fix marker determinism issue. \fI\%#4660\fP -.UNINDENT -.SS 2022.9.21 (2022\-09\-21) -.SS Pipenv 2022.9.21 (2022\-09\-21) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix regression to \fBinstall \-\-skip\-lock\fP with update to \fBplette\fP\&. \fI\%#5368\fP -.UNINDENT -.SS 2022.9.20 (2022\-09\-20) -.SS Pipenv 2022.9.20 (2022\-09\-20) -.SS Behavior Changes -.INDENT 0.0 -.IP \(bu 2 -Remove usage of pipfile module in favour of Plette. -pipfile is not actively maintained anymore. Plette is actively maintained, -and has stricter checking of the Pipefile and Pipefile.lock. As a result, -Pipefile with unnamed package indecies will fail to lock. If a Pipefile -was hand crafeted, and the source is anonymous an error will be thrown. -The solution is simple, add a name to your index, e.g, replace: -.INDENT 2.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.acme.com/simple" -verify_ssl = true -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -With: -.INDENT 2.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.acme.com/simple" -verify_ssl = true -name = acmes_private_index \(ga#5339 \(ga_ -.ft P -.fi -.UNINDENT -.UNINDENT -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Modernize \fBpipenv\fP path patch with \fBimportlib.util\fP to eliminate import of \fBpkg_resources\fP \fI\%#5349\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Remove iso8601 from vendored packages since it was not used. \fI\%#5346\fP -.UNINDENT -.SS 2022.9.8 (2022\-09\-08) -.SS Pipenv 2022.9.8 (2022\-09\-08) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -It is now possible to supply additional arguments to \fBpip\fP install by supplying \fB\-\-extra\-pip\-args=" "\fP -See the updated documentation \fBSupplying additional arguments to pip\fP for more details. \fI\%#5283\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Make editable detection better because not everyone specifies editable entry in the Pipfile for local editable installs. \fI\%#4784\fP -.IP \(bu 2 -Add error handling for when the installed package setup.py does not contain valid markers. \fI\%#5329\fP -.IP \(bu 2 -Load the dot env earlier so that \fBPIPENV_CUSTOM_VENV_NAME\fP is more useful across projects. \fI\%#5334\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Bump version of shellingham to support nushell. \fI\%#5336\fP -.IP \(bu 2 -Bump plette to version v0.3.0 \fI\%#5337\fP -.IP \(bu 2 -Bump version of pipdeptree \fI\%#5343\fP -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Add deprecation warning to the \-\-three flag. Pipenv now uses python3 by default. \fI\%#5328\fP -.UNINDENT -.SS Relates to dev process changes -.INDENT 0.0 -.IP \(bu 2 -Convert the test runner to use \fBpypiserver\fP as a standalone process for all tests that referencce internal \fBpypi\fP artifacts. -General refactoring of some test cases to create more variety in packages selected\-\-preferring lighter weight packages\-\-in existing test cases. -.UNINDENT -.SS 2022.9.4 (2022\-09\-04) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix the issue from \fB2022.9.2\fP where tarball URL packages were being skipped on batch_install. \fI\%#5306\fP -.UNINDENT -.SS 2022.9.2 (2022\-09\-02) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix issue where unnamed constraints were provided but which are not allowed by \fBpip\fP resolver. \fI\%#5273\fP -.UNINDENT -.SS 2022.8.31 (2022\-08\-31) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Performance optimization to \fBbatch_install\fP results in a faster and less CPU intensive \fBpipenv sync\fP or \fBpipenv install\fP experience. \fI\%#5301\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -\fBpipenv\fP now uses a \fBNamedTemporaryFile\fP for rsolver constraints and drops internal env var \fBPIPENV_PACKAGES\fP\&. \fI\%#4925\fP -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Remove no longer used method \fBwhich_pip\fP\&. \fI\%#5314\fP -.IP \(bu 2 -Drop progress bar file due to recent performance optimization to combine \fBbatch_install\fP requirements in at most two invocations of \fBpip install\fP\&. -To see progress of install pass \fB\-\-verbose\fP flag and \fBpip\fP progress will be output in realtime. \fI\%#5315\fP -.UNINDENT -.SS 2022.8.30 (2022\-08\-30) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix an issue when using \fBpipenv install \-\-system\fP on systems that having the \fBpython\fP executable pointing to Python 2 and a Python 3 executable being \fBpython3\fP\&. \fI\%#5296\fP -.IP \(bu 2 -Sorting \fBconstraints\fP before resolving, which fixes \fBpipenv lock\fP generates nondeterminism environment markers. \fI\%#5299\fP -.IP \(bu 2 -Fix #5273, use our own method for checking if a package is a valid constraint. \fI\%#5309\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Vendor in \fBrequirementslib==2.0.1\fP which fixes issue with local install not marked editable, and vendor in \fBvistir==0.6.1\fP which drops python2 support. -Drops \fBorderedmultidict\fP from vendoring. \fI\%#5308\fP -.UNINDENT -.SS 2022.8.24 (2022\-08\-24) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Remove eager and unnecessary importing of \fBsetuptools\fP and \fBpkg_resources\fP to avoid conflict upgrading \fBsetuptools\fP\&. -Roll back \fBsysconfig\fP patch of \fBpip\fP because it was problematic for some \fB\-\-system\fP commands. \fI\%#5228\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Vendor in \fBrequirementslib==2.0.0\fP and drop \fBpip\-shims\fP entirely. \fI\%#5228\fP -.IP \(bu 2 -Vendor in \fBpythonfinder==1.3.1\fP \fI\%#5292\fP -.UNINDENT -.SS 2022.8.19 (2022\-08\-19) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix issue where resolver is provided with \fBinstall_requires\fP constraints from \fBsetup.py\fP that depend on editable dependencies and could not resolve them. \fI\%#5271\fP -.IP \(bu 2 -Fix for \fBpipenv lock\fP fails for packages with extras as of \fB2022.8.13\fP\&. \fI\%#5274\fP -.IP \(bu 2 -Revert the exclusion of \fBBAD_PACKAGES\fP from \fBbatch_install\fP in order for \fBpipenv\fP to install specific versions of \fBsetuptools\fP\&. -To prevent issue upgrading \fBsetuptools\fP this patches \fB_USE_SYSCONFIG_DEFAULT\fP to use \fBsysconfig\fP for \fB3.7\fP and above whereas \fBpip\fP default behavior was \fB3.10\fP and above. \fI\%#5275\fP -.UNINDENT -.SS 2022.8.17 (2022\-08\-17) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix "The Python interpreter can\(aqt be found" error when running \fBpipenv install \-\-system\fP with a python3 but no python. \fI\%#5261\fP -.IP \(bu 2 -Revise pip import patch to include only \fBpipenv\fP from site\-packages and removed \fB\-\-ignore\-installed\fP argument from pip install in order to fix regressions with \fB\-\-use\-site\-packages\fP\&. \fI\%#5265\fP -.UNINDENT -.SS 2022.8.15 (2022\-08\-15) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -\fBpip_install\fP method was using a different way of finding the python executable than other \fBpipenv\fP commands, which caused an issue with skipping package installation if it was already installed in site\-packages. \fI\%#5254\fP -.UNINDENT -.SS 2022.8.14 (2022\-08\-14) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Removed \fBpackaging\fP library from \fBBAD_PACKAGES\fP constant to allow it to be installed, which fixes regression from \fBpipenv==2022.8.13\fP\&. \fI\%#5247\fP -.UNINDENT -.SS 2022.8.13 (2022\-08\-13) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -If environment variable \fBCI\fP or \fBTF_BUILD\fP is set but does not evaluate to \fBFalse\fP it is now treated as \fBTrue\fP\&. \fI\%#5128\fP -.IP \(bu 2 -Fix auto\-complete crashing on \(aqinstall\(aq and \(aquninstall\(aq keywords \fI\%#5214\fP -.IP \(bu 2 -Address remaining \fBpipenv\fP commands that were still referencing the user or system installed \fBpip\fP to use the vendored \fBpip\fP internal to \fBpipenv\fP\&. \fI\%#5229\fP -.IP \(bu 2 -Use \fBpackages\fP as contraints when locking \fBdev\-packages\fP in Pipfile. -Use \fBpackages\fP as contraints when installing new \fBdev\-packages\fP\&. \fI\%#5234\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Vendor in minor \fBpip\fP update \fB22.2.2\fP \fI\%#5230\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Add documentation for environment variables the configure pipenv. \fI\%#5235\fP -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -The deprecated way of generating requirements \fBinstall \-r\fP or \fBlock \-r\fP has been removed in favor of the \fBpipenv requirements\fP command. \fI\%#5200\fP -.UNINDENT -.SS 2022.8.5 (2022\-08\-05) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -support PIPENV_CUSTOM_VENV_NAME to be the venv name if specified, update relevant docs. \fI\%#4974\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Remove usages of \fBpip_shims\fP from the non vendored \fBpipenv\fP code, but retain initialization for \fBrequirementslib\fP still has usages. \fI\%#5204\fP -.IP \(bu 2 -Fix case sensitivity of color name \fBred\fP in exception when getting hashes from pypi in \fB_get_hashes_from_pypi\fP\&. \fI\%#5206\fP -.IP \(bu 2 -Write output from \fBsubprocess_run\fP directly to \fBstdout\fP instead of creating temporary file. -Remove deprecated \fBdistutils.sysconfig\fP, use \fBsysconfig\fP\&. \fI\%#5210\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -.INDENT 2.0 -.IP \(bu 2 -Rename patched \fBnotpip\fP to \fBpip\fP in order to be clear that its a patched version of pip. -.IP \(bu 2 -Remove the part of _post_pip_import.patch that overrode the standalone pip to be the user installed pip, -.UNINDENT -.sp -now we fully rely on our vendored and patched \fBpip\fP, even for all types of installs. -* Vendor in the next newest version of \fBpip==22.2\fP -* Modify patch for \fBpipdeptree\fP to not use \fBpip\-shims\fP \fI\%#5188\fP -.IP \(bu 2 -.INDENT 2.0 -.IP \(bu 2 -Remove vendored \fBurllib3\fP in favor of using it from vendored version in \fBpip._vendor\fP \fI\%#5215\fP -.UNINDENT -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Remove tests that have been for a while been marked skipped and are no longer relevant. \fI\%#5165\fP -.UNINDENT -.SS 2022.7.24 (2022\-07\-24) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Re\-enabled three installs tests again on the Windows CI as recent refactor work has fixed them. \fI\%#5064\fP -.IP \(bu 2 -Support ANSI \fBNO_COLOR\fP environment variable and deprecate \fBPIPENV_COLORBLIND\fP variable, which will be removed after this release. \fI\%#5158\fP -.IP \(bu 2 -Fixed edge case where a non\-editable file, url or vcs would overwrite the value \fBno_deps\fP for all other requirements in the loop causing a retry condition. \fI\%#5164\fP -.IP \(bu 2 -Vendor in latest \fBrequirementslib\fP for fix to lock when using editable VCS module with specific \fB@\fP git reference. \fI\%#5179\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Remove crayons and replace with click.secho and click.styles per \fI\%https://github.com/pypa/pipenv/issues/3741\fP \fI\%#3741\fP -.IP \(bu 2 -Vendor in latest version of \fBpip==22.1.2\fP which upgrades \fBpipenv\fP from \fBpip==22.0.4\fP\&. -Vendor in latest version of \fBrequirementslib==1.6.7\fP which includes a fix for tracebacks on encountering Annotated variables. -Vendor in latest version of \fBpip\-shims==0.7.3\fP such that imports could be rewritten to utilize \fBpackaging\fP from vendor\(aqd \fBpip\fP\&. -Drop the \fBpackaging\fP requirement from the \fBvendor\fP directory in \fBpipenv\fP\&. \fI\%#5147\fP -.IP \(bu 2 -Remove unused vendored dependency \fBnormailze\-charset\fP\&. \fI\%#5161\fP -.IP \(bu 2 -Remove obsolete package \fBfuncsigs\fP\&. \fI\%#5168\fP -.IP \(bu 2 -Bump vendored dependency \fBpyparsing==3.0.9\fP\&. \fI\%#5170\fP -.UNINDENT -.SS 2022.7.4 (2022\-07\-04) -.SS Behavior Changes -.INDENT 0.0 -.IP \(bu 2 -Adjust \fBpipenv requirements\fP to add markers and add an \fB\-\-exclude\-markers\fP option to allow the exclusion of markers. \fI\%#5092\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Stopped expanding environment variables when using \fBpipenv requirements\fP \fI\%#5134\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Depend on \fBrequests\fP and \fBcertifi\fP from vendored \fBpip\fP and remove them as explicit vendor dependencies. \fI\%#5000\fP -.IP \(bu 2 -Vendor in the latest version of \fBrequirementslib==1.6.5\fP which includes bug fixes for beta python versions, projects with an at sign (@) in the path, and a \fBsetuptools\fP deprecation warning. \fI\%#5132\fP -.UNINDENT -.SS Relates to dev process changes -.INDENT 0.0 -.IP \(bu 2 -Switch from using type comments to type annotations. -.UNINDENT -.SS 2022.5.3.dev0 (2022\-06\-07) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Adjust pipenv to work with the newly added \fBvenv\fP install scheme in Python. -First check if \fBvenv\fP is among the available install schemes, and use it if it is. Otherwise fall back to the \fBnt\fP or \fBposix_prefix\fP install schemes as before. This should produce no change for environments where the install schemes were not redefined. \fI\%#5096\fP -.UNINDENT -.SS 2022.5.2 (2022\-05\-02) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixes issue of \fBpipenv lock \-r\fP command printing to stdout instead of stderr. \fI\%#5091\fP -.UNINDENT -.SS 2022.4.30 (2022\-04\-30) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixes issue of \fBrequirements\fP command problem by modifying to print \fB\-e\fP and path of the editable package. \fI\%#5070\fP -.IP \(bu 2 -Revert specifier of \fBsetuptools\fP requirement in \fBsetup.py\fP back to what it was in order to fix \fBFileNotFoundError: [Errno 2]\fP issue report. \fI\%#5075\fP -.IP \(bu 2 -Fixes issue of requirements command where git requirements cause the command to fail, solved by using existing convert_deps_to_pip function. \fI\%#5076\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Vendor in \fBrequirementslib==1.6.4\fP to Fix \fBSetuptoolsDeprecationWarning\fP \fBsetuptools.config.read_configuration\fP became deprecated. \fI\%#5081\fP -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Remove more usage of misc functions of vistir. Many of this function are availabel in the STL or in another dependency of pipenv. \fI\%#5078\fP -.UNINDENT -.SS 2022.4.21 (2022\-04\-21) -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Updated setup.py to remove support for python 3.6 from built \fBpipenv\fP packages\(aq Metadata. \fI\%#5065\fP -.UNINDENT -.SS 2022.4.20 (2022\-04\-20) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Added new Pipenv option \fBinstall_search_all_sources\fP that allows installation of packages from an -existing \fBPipfile.lock\fP to search all defined indexes for the constrained package version and hash signatures. \fI\%#5041\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -allow the user to disable the \fBno_input\fP flag, so the use of e.g Google Artifact Registry is possible. \fI\%#4706\fP -.IP \(bu 2 -Fixes case where packages could fail to install and the exit code was successful. \fI\%#5031\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Updated vendor version of \fBpip\fP from \fB21.2.2\fP to \fB22.0.4\fP which fixes a number of bugs including -several reports of pipenv locking for an infinite amount of time when using certain package constraints. -This also drops support for python 3.6 as it is EOL and support was removed in pip 22.x \fI\%#4995\fP -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Removed the vendor dependency \fBmore\-itertools\fP as it was originally added for \fBzipp\fP, which since stopped using it. \fI\%#5044\fP -.IP \(bu 2 -Removed all usages of \fBpipenv.vendor.vistir.compat.fs_str\fP, since this function was used for PY2\-PY3 compatability and is no longer needed. \fI\%#5062\fP -.UNINDENT -.SS Relates to dev process changes -.INDENT 0.0 -.IP \(bu 2 -Added pytest\-cov and basic configuration to the project for generating html testing coverage reports. -.IP \(bu 2 -Make all CI jobs run only after the lint stage. Also added a makefile target for vendoring the packages. -.UNINDENT -.SS 2022.4.8 (2022\-04\-08) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Implements a \fBpipenv requirements\fP command which generates a requirements.txt compatible output without locking. \fI\%#4959\fP -.IP \(bu 2 -Internal to pipenv, the utils.py was split into a utils module with unused code removed. \fI\%#4992\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Pipenv will now ignore \fB\&.venv\fP in the project when \fBPIPENV_VENV_IN_PROJECT\fP variable is False. -Unset variable maintains the existing behavior of preferring to use the project\(aqs \fB\&.venv\fP should it exist. \fI\%#2763\fP -.IP \(bu 2 -Fix an edge case of hash collection in index restricted packages whereby the hashes for some packages would -be missing from the \fBPipfile.lock\fP following package index restrictions added in \fBpipenv==2022.3.23\fP\&. \fI\%#5023\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Pipenv CLI documentation generation has been fixed. It had broke when \fBclick\fP was vendored into the project in -\fB2021.11.9\fP because by default \fBsphinx\-click\fP could no longer determine the CLI inherited from click. \fI\%#4778\fP -.IP \(bu 2 -Improve documentation around extra indexes and index restricted packages. \fI\%#5022\fP -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Removes the optional \fBinstall\fP argument \fB\-\-extra\-index\-url\fP as it was not compatible with index restricted packages. -Using the \fB\-\-index\fP argument is the correct way to specify a package should be pulled from the non\-default index. \fI\%#5022\fP -.UNINDENT -.SS Relates to dev process changes -.INDENT 0.0 -.IP \(bu 2 -Added code linting using pre\-commit\-hooks, black, flake8, isort, pygrep\-hooks, news\-fragments and check\-manifest. -Very similar to pip\(aqs configuration; adds a towncrier new\(aqs type \fBprocess\fP for change to Development processes. -.UNINDENT -.SS 2022.3.28 (2022\-03\-27) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Environment variables were not being loaded when the \fB\-\-quiet\fP flag was set \fI\%#5010\fP -.IP \(bu 2 -It would appear that \fBrequirementslib\fP was not fully specifying the subdirectory to \fBbuild_pep517\fP and -and when a new version of \fBsetuptools\fP was released, the test \fBtest_lock_nested_vcs_direct_url\fP -broke indicating the Pipfile.lock no longer contained the extra dependencies that should have been resolved. -This regression affected \fBpipenv>=2021.11.9\fP but has been fixed by a patch to \fBrequirementslib\fP\&. \fI\%#5019\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Vendor in pip==21.2.4 (from 21.2.2) in order to bring in requested bug fix for python3.6. Note: support for 3.6 will be dropped in a subsequent release. \fI\%#5008\fP -.UNINDENT -.SS 2022.3.24 (2022\-03\-23) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -It is now possible to silence the \fBLoading .env environment variables\fP message on \fBpipenv run\fP -with the \fB\-\-quiet\fP flag or the \fBPIPENV_QUIET\fP environment variable. \fI\%#4027\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixes issue with new index safety restriction, whereby an unnamed extra sources index -caused and error to be thrown during install. \fI\%#5002\fP -.IP \(bu 2 -The text \fBLoading .env environment variables...\fP has been switched back to stderr as to not -break requirements.txt generation. Also it only prints now when a \fB\&.env\fP file is actually present. \fI\%#5003\fP -.UNINDENT -.SS 2022.3.23 (2022\-03\-22) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Use environment variable \fBPIPENV_SKIP_LOCK\fP to control the behaviour of lock skipping. \fI\%#4797\fP -.IP \(bu 2 -New CLI command \fBverify\fP, checks the Pipfile.lock is up\-to\-date \fI\%#4893\fP -.UNINDENT -.SS Behavior Changes -.INDENT 0.0 -.IP \(bu 2 -Pattern expansion for arguments was disabled on Windows. \fI\%#4935\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Python versions on Windows can now be installed automatically through pyenv\-win \fI\%#4525\fP -.IP \(bu 2 -Patched our vendored Pip to fix: Pipenv Lock (Or Install) Does Not Respect Index Specified For A Package. \fI\%#4637\fP -.IP \(bu 2 -If \fBPIP_TARGET\fP is set to environment variables, Refer specified directory for calculate delta, instead default directory \fI\%#4775\fP -.IP \(bu 2 -Remove remaining mention of python2 and \-\-two flag from codebase. \fI\%#4938\fP -.IP \(bu 2 -Use \fBCI\fP environment value, over mere existence of name \fI\%#4944\fP -.IP \(bu 2 -Environment variables from dot env files are now properly expanded when included in scripts. \fI\%#4975\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Updated vendor version of \fBpythonfinder\fP from \fB1.2.9\fP to \fB1.2.10\fP which fixes a bug with WSL -(Windows Subsystem for Linux) when a path can not be read and Permission Denied error is encountered. \fI\%#4976\fP -.UNINDENT -.SS Removals and Deprecations -.INDENT 0.0 -.IP \(bu 2 -Removes long broken argument \fB\-\-code\fP from \fBinstall\fP and \fB\-\-unused\fP from \fBcheck\fP\&. -Check command no longer takes in arguments to ignore. -Removed the vendored dependencies: \fBpipreqs\fP and \fByarg\fP \fI\%#4998\fP -.UNINDENT -.SS 2022.1.8 (2022\-01\-08) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Remove the extra parentheses around the venv prompt. \fI\%#4877\fP -.IP \(bu 2 -Fix a bug of installation fails when extra index url is given. \fI\%#4881\fP -.IP \(bu 2 -Fix regression where lockfiles would only include the hashes for releases for the platform generating the lockfile \fI\%#4885\fP -.IP \(bu 2 -Fix the index parsing to reject illegal requirements.txt. \fI\%#4899\fP -.UNINDENT -.SS 2021.11.23 (2021\-11\-23) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Update \fBcharset\-normalizer\fP from \fB2.0.3\fP to \fB2.0.7\fP, this fixes an import error on Python 3.6. \fI\%#4865\fP -.IP \(bu 2 -Fix a bug of deleting a virtualenv that is not managed by Pipenv. \fI\%#4867\fP -.IP \(bu 2 -Fix a bug that source is not added to \fBPipfile\fP when index url is given with \fBpipenv install\fP\&. \fI\%#4873\fP -.UNINDENT -.SS 2021.11.15 (2021\-11\-15) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Return an empty dict when \fBPIPENV_DONT_LOAD_ENV\fP is set. \fI\%#4851\fP -.IP \(bu 2 -Don\(aqt use \fBsys.executable\fP when inside an activated venv. \fI\%#4852\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Drop the vendored \fBjinja2\fP dependency as it is not needed any more. \fI\%#4858\fP -.IP \(bu 2 -Update \fBclick\fP from \fB8.0.1\fP to \fB8.0.3\fP, to fix a problem with bash completion. \fI\%#4860\fP -.IP \(bu 2 -Drop unused vendor \fBchardet\fP\&. \fI\%#4862\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Fix the documentation to reflect the fact that special characters must be percent\-encoded in the URL. \fI\%#4856\fP -.UNINDENT -.SS 2021.11.9 (2021\-11\-09) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Replace \fBclick\-completion\fP with \fBclick\fP\(aqs own completion implementation. \fI\%#4786\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix a bug that \fBpipenv run\fP doesn\(aqt set environment variables correctly. \fI\%#4831\fP -.IP \(bu 2 -Fix a bug that certifi can\(aqt be loaded within \fBnotpip\fP\(aqs vendor library. This makes several objects of \fBpip\fP fail to be imported. \fI\%#4833\fP -.IP \(bu 2 -Fix a bug that \fB3.10.0\fP can be found be python finder. \fI\%#4837\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Update \fBpythonfinder\fP from \fB1.2.8\fP to \fB1.2.9\fP\&. \fI\%#4837\fP -.UNINDENT -.SS 2021.11.5.post0 (2021\-11\-05) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix a regression that \fBpipenv shell\fP fails to start a subshell. \fI\%#4828\fP -.IP \(bu 2 -Fix a regression that \fBpip_shims\fP object isn\(aqt imported correctly. \fI\%#4829\fP -.UNINDENT -.SS 2021.11.5 (2021\-11\-05) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Avoid sharing states but create project objects on demand. So that most integration test cases are able to switch to a in\-process execution method. \fI\%#4757\fP -.IP \(bu 2 -Shell\-quote \fBpip\fP commands when logging. \fI\%#4760\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Ignore empty .venv in rood dir and create project name base virtual environment \fI\%#4790\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Update vendored dependencies -\- \fBattrs\fP from \fB20.3.0\fP to \fB21.2.0\fP -\- \fBcerberus\fP from \fB1.3.2\fP to \fB1.3.4\fP -\- \fBcertifi\fP from \fB2020.11.8\fP to \fB2021.5.30\fP -\- \fBchardet\fP from \fB3.0.4\fP to \fB4.0.0\fP -\- \fBclick\fP from \fB7.1.2\fP to \fB8.0.1\fP -\- \fBdistlib\fP from \fB0.3.1\fP to \fB0.3.2\fP -\- \fBidna\fP from \fB2.10\fP to \fB3.2\fP -\- \fBimportlib\-metadata\fP from \fB2.0.0\fP to \fB4.6.1\fP -\- \fBimportlib\-resources\fP from \fB3.3.0\fP to \fB5.2.0\fP -\- \fBjinja2\fP from \fB2.11.2\fP to \fB3.0.1\fP -\- \fBmarkupsafe\fP from \fB1.1.1\fP to \fB2.0.1\fP -\- \fBmore\-itertools\fP from \fB5.0.0\fP to \fB8.8.0\fP -\- \fBpackaging\fP from \fB20.8\fP to \fB21.0\fP -\- \fBpep517\fP from \fB0.9.1\fP to \fB0.11.0\fP -\- \fBpipdeptree\fP from \fB1.0.0\fP to \fB2.0.0\fP -\- \fBptyprocess\fP from \fB0.6.0\fP to \fB0.7.0\fP -\- \fBpython\-dateutil\fP from \fB2.8.1\fP to \fB2.8.2\fP -\- \fBpython\-dotenv\fP from \fB0.15.0\fP to \fB0.19.0\fP -\- \fBpythonfinder\fP from \fB1.2.5\fP to \fB1.2.8\fP -\- \fBrequests\fP from \fB2.25.0\fP to \fB2.26.0\fP -\- \fBshellingham\fP from \fB1.3.2\fP to \fB1.4.0\fP -\- \fBsix\fP from \fB1.15.0\fP to \fB1.16.0\fP -\- \fBtomlkit\fP from \fB0.7.0\fP to \fB0.7.2\fP -\- \fBurllib3\fP from \fB1.26.1\fP to \fB1.26.6\fP -\- \fBzipp\fP from \fB1.2.0\fP to \fB3.5.0\fP -.sp -Add new vendored dependencies -\- \fBcharset\-normalizer 2.0.3\fP -\- \fBtermcolor 1.1.0\fP -\- \fBtomli 1.1.0\fP -\- \fBwheel 0.36.2\fP \fI\%#4747\fP -.IP \(bu 2 -Drop the dependencies for Python 2.7 compatibility purpose. \fI\%#4751\fP -.IP \(bu 2 -Switch the dependency resolver from \fBpip\-tools\fP to \fBpip\fP\&. -.sp -Update vendor libraries: -\- Update \fBrequirementslib\fP from \fB1.5.16\fP to \fB1.6.1\fP -\- Update \fBpip\-shims\fP from \fB0.5.6\fP to \fB0.6.0\fP -\- New vendor \fBplatformdirs 2.4.0\fP \fI\%#4759\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -remove prefixes on install commands for easy copy/pasting \fI\%#4792\fP -.IP \(bu 2 -Officially drop support for Python 2.7 and Python 3.5. \fI\%#4261\fP -.UNINDENT -.SS 2021.5.29 (2021\-05\-29) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix a bug where passing \-\-skip\-lock when PIPFILE has no [SOURCE] section throws the error: "tomlkit.exceptions.NonExistentKey: \(aqKey "source" does not exist.\(aq" \fI\%#4141\fP -.IP \(bu 2 -Fix bug where environment wouldn\(aqt activate in paths containing & and $ symbols \fI\%#4538\fP -.IP \(bu 2 -Fix a bug that \fBimportlib\-metadata\fP from the project\(aqs dependencies conflicts with that from \fBpipenv\fP\(aqs. \fI\%#4549\fP -.IP \(bu 2 -Fix a bug where \fBpep508checker.py\fP did not expect double\-digit Python minor versions (e.g. "3.10"). \fI\%#4602\fP -.IP \(bu 2 -Fix bug where environment wouldn\(aqt activate in paths containing () and [] symbols \fI\%#4615\fP -.IP \(bu 2 -Fix bug preventing use of pipenv lock \-\-pre \fI\%#4642\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Update \fBpackaging\fP from \fB20.4\fP to \fB20.8\fP\&. \fI\%#4591\fP -.UNINDENT -.SS 2020.11.15 (2020\-11\-15) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Support expanding environment variables in requirement URLs. \fI\%#3516\fP -.IP \(bu 2 -Show warning message when a dependency is skipped in locking due to the mismatch of its markers. \fI\%#4346\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix a bug that executable scripts with leading backslash can\(aqt be executed via \fBpipenv run\fP\&. \fI\%#4368\fP -.IP \(bu 2 -Fix a bug that VCS dependencies always satisfy even if the ref has changed. \fI\%#4387\fP -.IP \(bu 2 -Restrict the acceptable hash type to SHA256 only. \fI\%#4517\fP -.IP \(bu 2 -Fix the output of \fBpipenv scripts\fP under Windows platform. \fI\%#4523\fP -.IP \(bu 2 -Fix a bug that the resolver takes wrong section to validate constraints. \fI\%#4527\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Update vendored dependencies: -.INDENT 7.0 -.IP \(bu 2 -\fBcolorama\fP from \fB0.4.3\fP to \fB0.4.4\fP -.IP \(bu 2 -\fBpython\-dotenv\fP from \fB0.10.3\fP to \fB0.15.0\fP -.IP \(bu 2 -\fBfirst\fP from \fB2.0.1\fP to \fB2.0.2\fP -.IP \(bu 2 -\fBiso8601\fP from \fB0.1.12\fP to \fB0.1.13\fP -.IP \(bu 2 -\fBparse\fP from \fB1.15.0\fP to \fB1.18.0\fP -.IP \(bu 2 -\fBpipdeptree\fP from \fB0.13.2\fP to \fB1.0.0\fP -.IP \(bu 2 -\fBrequests\fP from \fB2.23.0\fP to \fB2.25.0\fP -.IP \(bu 2 -\fBidna\fP from \fB2.9\fP to \fB2.10\fP -.IP \(bu 2 -\fBurllib3\fP from \fB1.25.9\fP to \fB1.26.1\fP -.IP \(bu 2 -\fBcertifi\fP from \fB2020.4.5.1\fP to \fB2020.11.8\fP -.IP \(bu 2 -\fBrequirementslib\fP from \fB1.5.15\fP to \fB1.5.16\fP -.IP \(bu 2 -\fBattrs\fP from \fB19.3.0\fP to \fB20.3.0\fP -.IP \(bu 2 -\fBdistlib\fP from \fB0.3.0\fP to \fB0.3.1\fP -.IP \(bu 2 -\fBpackaging\fP from \fB20.3\fP to \fB20.4\fP -.IP \(bu 2 -\fBsix\fP from \fB1.14.0\fP to \fB1.15.0\fP -.IP \(bu 2 -\fBsemver\fP from \fB2.9.0\fP to \fB2.13.0\fP -.IP \(bu 2 -\fBtoml\fP from \fB0.10.1\fP to \fB0.10.2\fP -.IP \(bu 2 -\fBcached\-property\fP from \fB1.5.1\fP to \fB1.5.2\fP -.IP \(bu 2 -\fByaspin\fP from \fB0.14.3\fP to \fB1.2.0\fP -.IP \(bu 2 -\fBresolvelib\fP from \fB0.3.0\fP to \fB0.5.2\fP -.IP \(bu 2 -\fBpep517\fP from \fB0.8.2\fP to \fB0.9.1\fP -.IP \(bu 2 -\fBzipp\fP from \fB0.6.0\fP to \fB1.2.0\fP -.IP \(bu 2 -\fBimportlib\-metadata\fP from \fB1.6.0\fP to \fB2.0.0\fP -.IP \(bu 2 -\fBimportlib\-resources\fP from \fB1.5.0\fP to \fB3.3.0\fP \fI\%#4533\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Fix suggested pyenv setup to avoid using shimmed interpreter \fI\%#4534\fP -.UNINDENT -.SS 2020.11.4 (2020\-11\-04) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Add a new command \fBpipenv scripts\fP to display shortcuts from Pipfile. \fI\%#3686\fP -.IP \(bu 2 -Retrieve package file hash from URL to accelerate the locking process. \fI\%#3827\fP -.IP \(bu 2 -Add the missing \fB\-\-system\fP option to \fBpipenv sync\fP\&. \fI\%#4441\fP -.IP \(bu 2 -Add a new option pair \fB\-\-header/\-\-no\-header\fP to \fBpipenv lock\fP command, -which adds a header to the generated requirements.txt \fI\%#4443\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fix a bug that percent encoded characters will be unquoted incorrectly in the file URL. \fI\%#4089\fP -.IP \(bu 2 -Fix a bug where setting PIPENV_PYTHON to file path breaks environment name \fI\%#4225\fP -.IP \(bu 2 -Fix a bug that paths are not normalized before comparison. \fI\%#4330\fP -.IP \(bu 2 -Handle Python major and minor versions correctly in Pipfile creation. \fI\%#4379\fP -.IP \(bu 2 -Fix a bug that non\-wheel file requirements can be resolved successfully. \fI\%#4386\fP -.IP \(bu 2 -Fix a bug that \fBpexept.exceptions.TIMEOUT\fP is not caught correctly because of the wrong import path. \fI\%#4424\fP -.IP \(bu 2 -Fix a bug that compound TOML table is not parsed correctly. \fI\%#4433\fP -.IP \(bu 2 -Fix a bug that invalid Python paths from Windows registry break \fBpipenv install\fP\&. \fI\%#4436\fP -.IP \(bu 2 -Fix a bug that function calls in \fBsetup.py\fP can\(aqt be parsed rightly. \fI\%#4446\fP -.IP \(bu 2 -Fix a bug that dist\-info inside \fBvenv\fP directory will be mistaken as the editable package\(aqs metadata. \fI\%#4480\fP -.IP \(bu 2 -Make the order of hashes in resolution result stable. \fI\%#4513\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Update \fBtomlkit\fP from \fB0.5.11\fP to \fB0.7.0\fP\&. \fI\%#4433\fP -.IP \(bu 2 -Update \fBrequirementslib\fP from \fB1.5.13\fP to \fB1.5.14\fP\&. \fI\%#4480\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Discourage homebrew installation in installation guides. \fI\%#4013\fP -.UNINDENT -.SS 2020.8.13 (2020\-08\-13) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixed behaviour of \fBpipenv uninstall \-\-all\-dev\fP\&. -From now on it does not uninstall regular packages. \fI\%#3722\fP -.IP \(bu 2 -Fix a bug that incorrect Python path will be used when \fB\-\-system\fP flag is on. \fI\%#4315\fP -.IP \(bu 2 -Fix falsely flagging a Homebrew installed Python as a virtual environment \fI\%#4316\fP -.IP \(bu 2 -Fix a bug that \fBpipenv uninstall\fP throws an exception that does not exist. \fI\%#4321\fP -.IP \(bu 2 -Fix a bug that Pipenv can\(aqt locate the correct file of special directives in \fBsetup.cfg\fP of an editable package. \fI\%#4335\fP -.IP \(bu 2 -Fix a bug that \fBsetup.py\fP can\(aqt be parsed correctly when the assignment is type\-annotated. \fI\%#4342\fP -.IP \(bu 2 -Fix a bug that \fBpipenv graph\fP throws an exception that PipenvCmdError(cmd_string, c.out, c.err, return_code). \fI\%#4388\fP -.IP \(bu 2 -Do not copy the whole directory tree of local file package. \fI\%#4403\fP -.IP \(bu 2 -Correctly detect whether Pipenv in run under an activated virtualenv. \fI\%#4412\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Update \fBrequirementslib\fP to \fB1.5.12\fP\&. \fI\%#4385\fP -.IP \(bu 2 -.INDENT 2.0 -.IP \(bu 2 -Update \fBrequirements\fP to \fB1.5.13\fP\&. -.IP \(bu 2 -Update \fBpip\-shims\fP to \fB0.5.3\fP\&. \fI\%#4421\fP -.UNINDENT -.UNINDENT -.SS 2020.6.2 (2020\-06\-02) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Pipenv will now detect existing \fBvenv\fP and \fBvirtualenv\fP based virtual environments more robustly. \fI\%#4276\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -\fB+\fP signs in URL authentication fragments will no longer be incorrectly replaced with space ( \(ga\(ga \(ga\(ga ) characters. \fI\%#4271\fP -.IP \(bu 2 -Fixed a regression which caused Pipenv to fail when running under \fB/\fP\&. \fI\%#4273\fP -.IP \(bu 2 -\fBsetup.py\fP files with \fBversion\fP variables read from \fBos.environ\fP are now able to be parsed successfully. \fI\%#4274\fP -.IP \(bu 2 -Fixed a bug which caused Pipenv to fail to install packages in a virtual environment if those packages were already present in the system global environment. \fI\%#4276\fP -.IP \(bu 2 -Fix a bug that caused non\-specific versions to be pinned in \fBPipfile.lock\fP\&. \fI\%#4278\fP -.IP \(bu 2 -Corrected a missing exception import and invalid function call invocations in \fBpipenv.cli.command\fP\&. \fI\%#4286\fP -.IP \(bu 2 -Fixed an issue with resolving packages with names defined by function calls in \fBsetup.py\fP\&. \fI\%#4292\fP -.IP \(bu 2 -Fixed a regression with installing the current directory, or \fB\&.\fP, inside a \fBvenv\fP based virtual environment. \fI\%#4295\fP -.IP \(bu 2 -Fixed a bug with the discovery of python paths on Windows which could prevent installation of environments during \fBpipenv install\fP\&. \fI\%#4296\fP -.IP \(bu 2 -Fixed an issue in the \fBrequirementslib\fP AST parser which prevented parsing of \fBsetup.py\fP files for dependency metadata. \fI\%#4298\fP -.IP \(bu 2 -Fix a bug where Pipenv doesn\(aqt realize the session is interactive \fI\%#4305\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Updated requirementslib to version \fB1.5.11\fP\&. \fI\%#4292\fP -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Updated vendored dependencies: -.INDENT 7.0 -.IP \(bu 2 -\fBpythonfinder\fP: \fB1.2.2\fP => \fB1.2.4\fP -.IP \(bu 2 -\fBrequirementslib\fP: \fB1.5.9\fP => \fB1.5.10\fP \fI\%#4302\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS 2020.5.28 (2020\-05\-28) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -\fBpipenv install\fP and \fBpipenv sync\fP will no longer attempt to install satisfied dependencies during installation. \fI\%#3057\fP, -\fI\%#3506\fP -.IP \(bu 2 -Added support for resolution of direct\-url dependencies in \fBsetup.py\fP files to respect \fBPEP\-508\fP style URL dependencies. \fI\%#3148\fP -.IP \(bu 2 -Added full support for resolution of all dependency types including direct URLs, zip archives, tarballs, etc. -.INDENT 2.0 -.IP \(bu 2 -Improved error handling and formatting. -.IP \(bu 2 -Introduced improved cross platform stream wrappers for better \fBstdout\fP and \fBstderr\fP consistency. \fI\%#3298\fP -.UNINDENT -.IP \(bu 2 -For consistency with other commands and the \fB\-\-dev\fP option -description, \fBpipenv lock \-\-requirements \-\-dev\fP now emits -both default and development dependencies. -The new \fB\-\-dev\-only\fP option requests the previous -behaviour (e.g. to generate a \fBdev\-requirements.txt\fP file). \fI\%#3316\fP -.IP \(bu 2 -Pipenv will now successfully recursively lock VCS sub\-dependencies. \fI\%#3328\fP -.IP \(bu 2 -Added support for \fB\-\-verbose\fP output to \fBpipenv run\fP\&. \fI\%#3348\fP -.IP \(bu 2 -Pipenv will now discover and resolve the intrinsic dependencies of \fBall\fP VCS dependencies, whether they are editable or not, to prevent resolution conflicts. \fI\%#3368\fP -.IP \(bu 2 -Added a new environment variable, \fBPIPENV_RESOLVE_VCS\fP, to toggle dependency resolution off for non\-editable VCS, file, and URL based dependencies. \fI\%#3577\fP -.IP \(bu 2 -Added the ability for Windows users to enable emojis by setting \fBPIPENV_HIDE_EMOJIS=0\fP\&. \fI\%#3595\fP -.IP \(bu 2 -Allow overriding PIPENV_INSTALL_TIMEOUT environment variable (in seconds). \fI\%#3652\fP -.IP \(bu 2 -Allow overriding PIP_EXISTS_ACTION evironment variable (value is passed to pip install). -Possible values here: \fI\%https://pip.pypa.io/en/stable/reference/pip/#exists\-action\-option\fP -Useful when you need to \fBPIP_EXISTS_ACTION=i\fP (ignore existing packages) \- great for CI environments, where you need really fast setup. \fI\%#3738\fP -.IP \(bu 2 -Pipenv will no longer forcibly override \fBPIP_NO_DEPS\fP on all vcs and file dependencies as resolution happens on these in a pre\-lock step. \fI\%#3763\fP -.IP \(bu 2 -Improved verbose logging output during \fBpipenv lock\fP will now stream output to the console while maintaining a spinner. \fI\%#3810\fP -.IP \(bu 2 -Added support for automatic python installs via \fBasdf\fP and associated \fBPIPENV_DONT_USE_ASDF\fP environment variable. \fI\%#4018\fP -.IP \(bu 2 -Pyenv/asdf can now be used whether or not they are available on PATH. Setting PYENV_ROOT/ASDF_DIR in a Pipenv\(aqs .env allows Pipenv to install an interpreter without any shell customizations, so long as pyenv/asdf is installed. \fI\%#4245\fP -.IP \(bu 2 -Added \fB\-\-key\fP command line parameter for including personal PyUp.io API tokens when running \fBpipenv check\fP\&. \fI\%#4257\fP -.UNINDENT -.SS Behavior Changes -.INDENT 0.0 -.IP \(bu 2 -Make conservative checks of known exceptions when subprocess returns output, so user won\(aqt see the whole traceback \- just the error. \fI\%#2553\fP -.IP \(bu 2 -Do not touch Pipfile early and rely on it so that one can do \fBpipenv sync\fP without a Pipfile. \fI\%#3386\fP -.IP \(bu 2 -Re\-enable \fB\-\-help\fP option for \fBpipenv run\fP command. \fI\%#3844\fP -.IP \(bu 2 -Make sure \fBpipenv lock \-r \-\-pypi\-mirror {MIRROR_URL}\fP will respect the pypi\-mirror in requirements output. \fI\%#4199\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Raise \fBPipenvUsageError\fP when [[source]] does not contain url field. \fI\%#2373\fP -.IP \(bu 2 -Fixed a bug which caused editable package resolution to sometimes fail with an unhelpful setuptools\-related error message. \fI\%#2722\fP -.IP \(bu 2 -Fixed an issue which caused errors due to reliance on the system utilities \fBwhich\fP and \fBwhere\fP which may not always exist on some systems. -\- Fixed a bug which caused periodic failures in python discovery when executables named \fBpython\fP were not present on the target \fB$PATH\fP\&. \fI\%#2783\fP -.IP \(bu 2 -Dependency resolution now writes hashes for local and remote files to the lockfile. \fI\%#3053\fP -.IP \(bu 2 -Fixed a bug which prevented \fBpipenv graph\fP from correctly showing all dependencies when running from within \fBpipenv shell\fP\&. \fI\%#3071\fP -.IP \(bu 2 -Fixed resolution of direct\-url dependencies in \fBsetup.py\fP files to respect \fBPEP\-508\fP style URL dependencies. \fI\%#3148\fP -.IP \(bu 2 -Fixed a bug which caused failures in warning reporting when running pipenv inside a virtualenv under some circumstances. -.INDENT 2.0 -.IP \(bu 2 -Fixed a bug with package discovery when running \fBpipenv clean\fP\&. \fI\%#3298\fP -.UNINDENT -.IP \(bu 2 -Quote command arguments with carets (\fB^\fP) on Windows to work around unintended shell escapes. \fI\%#3307\fP -.IP \(bu 2 -Handle alternate names for UTF\-8 encoding. \fI\%#3313\fP -.IP \(bu 2 -Abort pipenv before adding the non\-exist package to Pipfile. \fI\%#3318\fP -.IP \(bu 2 -Don\(aqt normalize the package name user passes in. \fI\%#3324\fP -.IP \(bu 2 -Fix a bug where custom virtualenv can not be activated with pipenv shell \fI\%#3339\fP -.IP \(bu 2 -Fix a bug that \fB\-\-site\-packages\fP flag is not recognized. \fI\%#3351\fP -.IP \(bu 2 -Fix a bug where pipenv \-\-clear is not working \fI\%#3353\fP -.IP \(bu 2 -Fix unhashable type error during \fB$ pipenv install \-\-selective\-upgrade\fP \fI\%#3384\fP -.IP \(bu 2 -Dependencies with direct \fBPEP508\fP compliant VCS URLs specified in their \fBinstall_requires\fP will now be successfully locked during the resolution process. \fI\%#3396\fP -.IP \(bu 2 -Fixed a keyerror which could occur when locking VCS dependencies in some cases. \fI\%#3404\fP -.IP \(bu 2 -Fixed a bug that \fBValidationError\fP is thrown when some fields are missing in source section. \fI\%#3427\fP -.IP \(bu 2 -Updated the index names in lock file when source name in Pipfile is changed. \fI\%#3449\fP -.IP \(bu 2 -Fixed an issue which caused \fBpipenv install \-\-help\fP to show duplicate entries for \fB\-\-pre\fP\&. \fI\%#3479\fP -.IP \(bu 2 -Fix bug causing \fB[SSL: CERTIFICATE_VERIFY_FAILED]\fP when Pipfile \fB[[source]]\fP has verify_ssl=false and url with custom port. \fI\%#3502\fP -.IP \(bu 2 -Fix \fBsync \-\-sequential\fP ignoring \fBpip install\fP errors and logs. \fI\%#3537\fP -.IP \(bu 2 -Fix the issue that lock file can\(aqt be created when \fBPIPENV_PIPFILE\fP is not under working directory. \fI\%#3584\fP -.IP \(bu 2 -Pipenv will no longer inadvertently set \fBeditable=True\fP on all vcs dependencies. \fI\%#3647\fP -.IP \(bu 2 -The \fB\-\-keep\-outdated\fP argument to \fBpipenv install\fP and \fBpipenv lock\fP will now drop specifier constraints when encountering editable dependencies. -\- In addition, \fB\-\-keep\-outdated\fP will retain specifiers that would otherwise be dropped from any entries that have not been updated. \fI\%#3656\fP -.IP \(bu 2 -Fixed a bug which sometimes caused pipenv to fail to respect the \fB\-\-site\-packages\fP flag when passed with \fBpipenv install\fP\&. \fI\%#3718\fP -.IP \(bu 2 -Normalize the package names to lowercase when comparing used and in\-Pipfile packages. \fI\%#3745\fP -.IP \(bu 2 -\fBpipenv update \-\-outdated\fP will now correctly handle comparisons between pre/post\-releases and normal releases. \fI\%#3766\fP -.IP \(bu 2 -Fixed a \fBKeyError\fP which could occur when pinning outdated VCS dependencies via \fBpipenv lock \-\-keep\-outdated\fP\&. \fI\%#3768\fP -.IP \(bu 2 -Resolved an issue which caused resolution to fail when encountering poorly formatted \fBpython_version\fP markers in \fBsetup.py\fP and \fBsetup.cfg\fP files. \fI\%#3786\fP -.IP \(bu 2 -Fix a bug that installation errors are displayed as a list. \fI\%#3794\fP -.IP \(bu 2 -Update \fBpythonfinder\fP to fix a problem that \fBpython.exe\fP will be mistakenly chosen for -virtualenv creation under WSL. \fI\%#3807\fP -.IP \(bu 2 -Fixed several bugs which could prevent editable VCS dependencies from being installed into target environments, even when reporting successful installation. \fI\%#3809\fP -.IP \(bu 2 -\fBpipenv check \-\-system\fP should find the correct Python interpreter when \fBpython\fP does not exist on the system. \fI\%#3819\fP -.IP \(bu 2 -Resolve the symlinks when the path is absolute. \fI\%#3842\fP -.IP \(bu 2 -Pass \fB\-\-pre\fP and \fB\-\-clear\fP options to \fBpipenv update \-\-outdated\fP\&. \fI\%#3879\fP -.IP \(bu 2 -Fixed a bug which prevented resolution of direct URL dependencies which have PEP508 style direct url VCS sub\-dependencies with subdirectories. \fI\%#3976\fP -.IP \(bu 2 -Honor PIPENV_SPINNER environment variable \fI\%#4045\fP -.IP \(bu 2 -Fixed an issue with \fBpipenv check\fP failing due to an invalid API key from \fBpyup.io\fP\&. \fI\%#4188\fP -.IP \(bu 2 -Fixed a bug which caused versions from VCS dependencies to be included in \fBPipfile.lock\fP inadvertently. \fI\%#4217\fP -.IP \(bu 2 -Fixed a bug which caused pipenv to search non\-existent virtual environments for \fBpip\fP when installing using \fB\-\-system\fP\&. \fI\%#4220\fP -.IP \(bu 2 -\fBRequires\-Python\fP values specifying constraint versions of python starting from \fB1.x\fP will now be parsed successfully. \fI\%#4226\fP -.IP \(bu 2 -Fix a bug of \fBpipenv update \-\-outdated\fP that can\(aqt print output correctly. \fI\%#4229\fP -.IP \(bu 2 -Fixed a bug which caused pipenv to prefer source distributions over wheels from \fBPyPI\fP during the dependency resolution phase. -Fixed an issue which prevented proper build isolation using \fBpep517\fP based builders during dependency resolution. \fI\%#4231\fP -.IP \(bu 2 -Don\(aqt fallback to system Python when no matching Python version is found. \fI\%#4232\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Updated vendored dependencies: -.INDENT 2.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fBattrs\fP: \fB18.2.0\fP => \fB19.1.0\fP -.IP \(bu 2 -\fBcertifi\fP: \fB2018.10.15\fP => \fB2019.3.9\fP -.IP \(bu 2 -\fBcached_property\fP: \fB1.4.3\fP => \fB1.5.1\fP -.IP \(bu 2 -\fBcerberus\fP: \fB1.2.0\fP => \fB1.3.1\fP -.IP \(bu 2 -\fBclick\-completion\fP: \fB0.5.0\fP => \fB0.5.1\fP -.IP \(bu 2 -\fBcolorama\fP: \fB0.3.9\fP => \fB0.4.1\fP -.IP \(bu 2 -\fBdistlib\fP: \fB0.2.8\fP => \fB0.2.9\fP -.IP \(bu 2 -\fBidna\fP: \fB2.7\fP => \fB2.8\fP -.IP \(bu 2 -\fBjinja2\fP: \fB2.10.0\fP => \fB2.10.1\fP -.IP \(bu 2 -\fBmarkupsafe\fP: \fB1.0\fP => \fB1.1.1\fP -.IP \(bu 2 -\fBorderedmultidict\fP: \fB(new)\fP => \fB1.0\fP -.IP \(bu 2 -\fBpackaging\fP: \fB18.0\fP => \fB19.0\fP -.IP \(bu 2 -\fBparse\fP: \fB1.9.0\fP => \fB1.12.0\fP -.IP \(bu 2 -\fBpathlib2\fP: \fB2.3.2\fP => \fB2.3.3\fP -.IP \(bu 2 -\fBpep517\fP: \fB(new)\fP => \fB0.5.0\fP -.IP \(bu 2 -\fBpexpect\fP: \fB4.6.0\fP => \fB4.7.0\fP -.IP \(bu 2 -\fBpipdeptree\fP: \fB0.13.0\fP => \fB0.13.2\fP -.IP \(bu 2 -\fBpyparsing\fP: \fB2.2.2\fP => \fB2.3.1\fP -.IP \(bu 2 -\fBpython\-dotenv\fP: \fB0.9.1\fP => \fB0.10.2\fP -.IP \(bu 2 -\fBpythonfinder\fP: \fB1.1.10\fP => \fB1.2.1\fP -.IP \(bu 2 -\fBpytoml\fP: \fB(new)\fP => \fB0.1.20\fP -.IP \(bu 2 -\fBrequests\fP: \fB2.20.1\fP => \fB2.21.0\fP -.IP \(bu 2 -\fBrequirementslib\fP: \fB1.3.3\fP => \fB1.5.0\fP -.IP \(bu 2 -\fBscandir\fP: \fB1.9.0\fP => \fB1.10.0\fP -.IP \(bu 2 -\fBshellingham\fP: \fB1.2.7\fP => \fB1.3.1\fP -.IP \(bu 2 -\fBsix\fP: \fB1.11.0\fP => \fB1.12.0\fP -.IP \(bu 2 -\fBtomlkit\fP: \fB0.5.2\fP => \fB0.5.3\fP -.IP \(bu 2 -\fBurllib3\fP: \fB1.24\fP => \fB1.25.2\fP -.IP \(bu 2 -\fBvistir\fP: \fB0.3.0\fP => \fB0.4.1\fP -.IP \(bu 2 -\fByaspin\fP: \fB0.14.0\fP => \fB0.14.3\fP -.UNINDENT -.UNINDENT -.UNINDENT -.INDENT 2.0 -.IP \(bu 2 -Removed vendored dependency \fBcursor\fP\&. \fI\%#3298\fP -.UNINDENT -.IP \(bu 2 -Updated \fBpip_shims\fP to support \fB\-\-outdated\fP with new pip versions. \fI\%#3766\fP -.IP \(bu 2 -Update vendored dependencies and invocations -.INDENT 2.0 -.IP \(bu 2 -Update vendored and patched dependencies -\- Update patches on \fBpiptools\fP, \fBpip\fP, \fBpip\-shims\fP, -.nf -\(ga\(ga -.fi -tomlkit\(ga -.IP \(bu 2 -Fix invocations of dependencies -\- Fix custom -.nf -\(ga\(ga -.fi -InstallCommand\(ga instantiation -\- Update -.nf -\(ga\(ga -.fi -PackageFinder\(ga usage -\- Fix -.nf -\(ga\(ga -.fi -Bool\(ga stringify attempts from -.nf -\(ga\(ga -.fi -tomlkit\(ga -.UNINDENT -.INDENT 2.0 -.TP -.B Updated vendored dependencies: -.INDENT 7.0 -.IP \(bu 2 -\fBattrs\fP: \fB\(ga18.2.0\fP => \fB\(ga19.1.0\fP -.IP \(bu 2 -\fBcertifi\fP: \fB\(ga2018.10.15\fP => \fB\(ga2019.3.9\fP -.IP \(bu 2 -\fBcached_property\fP: \fB\(ga1.4.3\fP => \fB\(ga1.5.1\fP -.IP \(bu 2 -\fBcerberus\fP: \fB\(ga1.2.0\fP => \fB\(ga1.3.1\fP -.IP \(bu 2 -\fBclick\fP: \fB\(ga7.0.0\fP => \fB\(ga7.1.1\fP -.IP \(bu 2 -\fBclick\-completion\fP: \fB\(ga0.5.0\fP => \fB\(ga0.5.1\fP -.IP \(bu 2 -\fBcolorama\fP: \fB\(ga0.3.9\fP => \fB\(ga0.4.3\fP -.IP \(bu 2 -\fBcontextlib2\fP: \fB\(ga(new)\fP => \fB\(ga0.6.0.post1\fP -.IP \(bu 2 -\fBdistlib\fP: \fB\(ga0.2.8\fP => \fB\(ga0.2.9\fP -.IP \(bu 2 -\fBfuncsigs\fP: \fB\(ga(new)\fP => \fB\(ga1.0.2\fP -.IP \(bu 2 -\fBimportlib_metadata\fP \fB\(ga1.3.0\fP => \fB\(ga1.5.1\fP -.IP \(bu 2 -\fBimportlib\-resources\fP: \fB\(ga(new)\fP => \fB\(ga1.4.0\fP -.IP \(bu 2 -\fBidna\fP: \fB\(ga2.7\fP => \fB\(ga2.9\fP -.IP \(bu 2 -\fBjinja2\fP: \fB\(ga2.10.0\fP => \fB\(ga2.11.1\fP -.IP \(bu 2 -\fBmarkupsafe\fP: \fB\(ga1.0\fP => \fB\(ga1.1.1\fP -.IP \(bu 2 -\fBmore\-itertools\fP: \fB\(ga(new)\fP => \fB\(ga5.0.0\fP -.IP \(bu 2 -\fBorderedmultidict\fP: \fB\(ga(new)\fP => \fB\(ga1.0\fP -.IP \(bu 2 -\fBpackaging\fP: \fB\(ga18.0\fP => \fB\(ga19.0\fP -.IP \(bu 2 -\fBparse\fP: \fB\(ga1.9.0\fP => \fB\(ga1.15.0\fP -.IP \(bu 2 -\fBpathlib2\fP: \fB\(ga2.3.2\fP => \fB\(ga2.3.3\fP -.IP \(bu 2 -\fBpep517\fP: \fB\(ga(new)\fP => \fB\(ga0.5.0\fP -.IP \(bu 2 -\fBpexpect\fP: \fB\(ga4.6.0\fP => \fB\(ga4.8.0\fP -.IP \(bu 2 -\fBpip\-shims\fP: \fB\(ga0.2.0\fP => \fB\(ga0.5.1\fP -.IP \(bu 2 -\fBpipdeptree\fP: \fB\(ga0.13.0\fP => \fB\(ga0.13.2\fP -.IP \(bu 2 -\fBpyparsing\fP: \fB\(ga2.2.2\fP => \fB\(ga2.4.6\fP -.IP \(bu 2 -\fBpython\-dotenv\fP: \fB\(ga0.9.1\fP => \fB\(ga0.10.2\fP -.IP \(bu 2 -\fBpythonfinder\fP: \fB\(ga1.1.10\fP => \fB\(ga1.2.2\fP -.IP \(bu 2 -\fBpytoml\fP: \fB\(ga(new)\fP => \fB\(ga0.1.20\fP -.IP \(bu 2 -\fBrequests\fP: \fB\(ga2.20.1\fP => \fB\(ga2.23.0\fP -.IP \(bu 2 -\fBrequirementslib\fP: \fB\(ga1.3.3\fP => \fB\(ga1.5.4\fP -.IP \(bu 2 -\fBscandir\fP: \fB\(ga1.9.0\fP => \fB\(ga1.10.0\fP -.IP \(bu 2 -\fBshellingham\fP: \fB\(ga1.2.7\fP => \fB\(ga1.3.2\fP -.IP \(bu 2 -\fBsix\fP: \fB\(ga1.11.0\fP => \fB\(ga1.14.0\fP -.IP \(bu 2 -\fBtomlkit\fP: \fB\(ga0.5.2\fP => \fB\(ga0.5.11\fP -.IP \(bu 2 -\fBurllib3\fP: \fB\(ga1.24\fP => \fB\(ga1.25.8\fP -.IP \(bu 2 -\fBvistir\fP: \fB\(ga0.3.0\fP => \fB\(ga0.5.0\fP -.IP \(bu 2 -\fByaspin\fP: \fB\(ga0.14.0\fP => \fB\(ga0.14.3\fP -.IP \(bu 2 -\fBzipp\fP: \fB\(ga0.6.0\fP -.UNINDENT -.UNINDENT -.INDENT 2.0 -.IP \(bu 2 -Removed vendored dependency \fBcursor\fP\&. \fI\%#4169\fP -.UNINDENT -.IP \(bu 2 -Add and update vendored dependencies to accommodate \fBsafety\fP vendoring: -\- \fBsafety\fP \fB(none)\fP => \fB1.8.7\fP -\- \fBdparse\fP \fB(none)\fP => \fB0.5.0\fP -\- \fBpyyaml\fP \fB(none)\fP => \fB5.3.1\fP -\- \fBurllib3\fP \fB1.25.8\fP => \fB1.25.9\fP -\- \fBcertifi\fP \fB2019.11.28\fP => \fB2020.4.5.1\fP -\- \fBpyparsing\fP \fB2.4.6\fP => \fB2.4.7\fP -\- \fBresolvelib\fP \fB0.2.2\fP => \fB0.3.0\fP -\- \fBimportlib\-metadata\fP \fB1.5.1\fP => \fB1.6.0\fP -\- \fBpip\-shims\fP \fB0.5.1\fP => \fB0.5.2\fP -\- \fBrequirementslib\fP \fB1.5.5\fP => \fB1.5.6\fP \fI\%#4188\fP -.IP \(bu 2 -Updated vendored \fBpip\fP => \fB20.0.2\fP and \fBpip\-tools\fP => \fB5.0.0\fP\&. \fI\%#4215\fP -.IP \(bu 2 -Updated vendored dependencies to latest versions for security and bug fixes: -.INDENT 2.0 -.IP \(bu 2 -\fBrequirementslib\fP \fB1.5.8\fP => \fB1.5.9\fP -.IP \(bu 2 -\fBvistir\fP \fB0.5.0\fP => \fB0.5.1\fP -.IP \(bu 2 -\fBjinja2\fP \fB2.11.1\fP => \fB2.11.2\fP -.IP \(bu 2 -\fBclick\fP \fB7.1.1\fP => \fB7.1.2\fP -.IP \(bu 2 -\fBdateutil\fP \fB(none)\fP => \fB2.8.1\fP -.IP \(bu 2 -\fBbackports.functools_lru_cache\fP \fB1.5.0\fP => \fB1.6.1\fP -.IP \(bu 2 -\fBenum34\fP \fB1.1.6\fP => \fB1.1.10\fP -.IP \(bu 2 -\fBtoml\fP \fB0.10.0\fP => \fB0.10.1\fP -.IP \(bu 2 -\fBimportlib_resources\fP \fB1.4.0\fP => \fB1.5.0\fP \fI\%#4226\fP -.UNINDENT -.IP \(bu 2 -Changed attrs import path in vendored dependencies to always import from \fBpipenv.vendor\fP\&. \fI\%#4267\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Added documenation about variable expansion in \fBPipfile\fP entries. \fI\%#2317\fP -.IP \(bu 2 -Consolidate all contributing docs in the rst file \fI\%#3120\fP -.IP \(bu 2 -Update the out\-dated manual page. \fI\%#3246\fP -.IP \(bu 2 -Move CLI docs to its own page. \fI\%#3346\fP -.IP \(bu 2 -Replace (non\-existant) video on docs index.rst with equivalent gif. \fI\%#3499\fP -.IP \(bu 2 -Clarify wording in Basic Usage example on using double quotes to escape shell redirection \fI\%#3522\fP -.IP \(bu 2 -Ensure docs show navigation on small\-screen devices \fI\%#3527\fP -.IP \(bu 2 -Added a link to the TOML Spec under General Recommendations & Version Control to clarify how Pipfiles should be written. \fI\%#3629\fP -.IP \(bu 2 -Updated the documentation with the new \fBpytest\fP entrypoint. \fI\%#3759\fP -.IP \(bu 2 -Fix link to GIF in README.md demonstrating Pipenv\(aqs usage, and add descriptive alt text. \fI\%#3911\fP -.IP \(bu 2 -Added a line describing potential issues in fancy extension. \fI\%#3912\fP -.IP \(bu 2 -Documental description of how Pipfile works and association with Pipenv. \fI\%#3913\fP -.IP \(bu 2 -Clarify the proper value of \fBpython_version\fP and \fBpython_full_version\fP\&. \fI\%#3914\fP -.IP \(bu 2 -Write description for \-\-deploy extension and few extensions differences. \fI\%#3915\fP -.IP \(bu 2 -More documentation for \fB\&.env\fP files \fI\%#4100\fP -.IP \(bu 2 -Updated documentation to point to working links. \fI\%#4137\fP -.IP \(bu 2 -Replace docs.pipenv.org with pipenv.pypa.io \fI\%#4167\fP -.IP \(bu 2 -Added functionality to check spelling in documentation and cleaned up existing typographical issues. \fI\%#4209\fP -.UNINDENT -.SS 2018.11.26 (2018\-11\-26) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Environment variables are expanded correctly before running scripts on POSIX. \fI\%#3178\fP -.IP \(bu 2 -Pipenv will no longer disable user\-mode installation when the \fB\-\-system\fP flag is passed in. \fI\%#3222\fP -.IP \(bu 2 -Fixed an issue with attempting to render unicode output in non\-unicode locales. \fI\%#3223\fP -.IP \(bu 2 -Fixed a bug which could cause failures to occur when parsing python entries from global pyenv version files. \fI\%#3224\fP -.IP \(bu 2 -Fixed an issue which prevented the parsing of named extras sections from certain \fBsetup.py\fP files. \fI\%#3230\fP -.IP \(bu 2 -Correctly detect the virtualenv location inside an activated virtualenv. \fI\%#3231\fP -.IP \(bu 2 -Fixed a bug which caused spinner frames to be written to standard output during locking operations which could cause redirection pipes to fail. \fI\%#3239\fP -.IP \(bu 2 -Fixed a bug that editable packages can\(aqt be uninstalled correctly. \fI\%#3240\fP -.IP \(bu 2 -Corrected an issue with installation timeouts which caused dependency resolution to fail for longer duration resolution steps. \fI\%#3244\fP -.IP \(bu 2 -Adding normal pep 508 compatible markers is now fully functional when using VCS dependencies. \fI\%#3249\fP -.IP \(bu 2 -Updated \fBrequirementslib\fP and \fBpythonfinder\fP for multiple bug fixes. \fI\%#3254\fP -.IP \(bu 2 -Pipenv will now ignore hashes when installing with \fB\-\-skip\-lock\fP\&. \fI\%#3255\fP -.IP \(bu 2 -Fixed an issue where pipenv could crash when multiple pipenv processes attempted to create the same directory. \fI\%#3257\fP -.IP \(bu 2 -Fixed an issue which sometimes prevented successful creation of a project Pipfile. \fI\%#3260\fP -.IP \(bu 2 -\fBpipenv install\fP will now unset the \fBPYTHONHOME\fP environment variable when not combined with \fB\-\-system\fP\&. \fI\%#3261\fP -.IP \(bu 2 -Pipenv will ensure that warnings do not interfere with the resolution process by suppressing warnings\(aq usage of standard output and writing to standard error instead. \fI\%#3273\fP -.IP \(bu 2 -Fixed an issue which prevented variables from the environment, such as \fBPIPENV_DEV\fP or \fBPIPENV_SYSTEM\fP, from being parsed and implemented correctly. \fI\%#3278\fP -.IP \(bu 2 -Clear pythonfinder cache after Python install. \fI\%#3287\fP -.IP \(bu 2 -Fixed a race condition in hash resolution for dependencies for certain dependencies with missing cache entries or fresh Pipenv installs. \fI\%#3289\fP -.IP \(bu 2 -Pipenv will now respect top\-level pins over VCS dependency locks. \fI\%#3296\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Update vendored dependencies to resolve resolution output parsing and python finding: -.INDENT 7.0 -.IP \(bu 2 -\fBpythonfinder 1.1.9 \-> 1.1.10\fP -.IP \(bu 2 -\fBrequirementslib 1.3.1 \-> 1.3.3\fP -.IP \(bu 2 -\fBvistir 0.2.3 \-> 0.2.5\fP \fI\%#3280\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS 2018.11.14 (2018\-11\-14) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Improved exceptions and error handling on failures. \fI\%#1977\fP -.IP \(bu 2 -Added persistent settings for all CLI flags via \fBPIPENV_{FLAG_NAME}\fP environment variables by enabling \fBauto_envvar_prefix=PIPENV\fP in click (implements PEEP\-0002). \fI\%#2200\fP -.IP \(bu 2 -Added improved messaging about available but skipped updates due to dependency conflicts when running \fBpipenv update \-\-outdated\fP\&. \fI\%#2411\fP -.IP \(bu 2 -Added environment variable \fBPIPENV_PYUP_API_KEY\fP to add ability -to override the bundled PyUP.io API key. \fI\%#2825\fP -.IP \(bu 2 -Added additional output to \fBpipenv update \-\-outdated\fP to indicate that the operation succeeded and all packages were already up to date. \fI\%#2828\fP -.IP \(bu 2 -Updated \fBcrayons\fP patch to enable colors on native powershell but swap native blue for magenta. \fI\%#3020\fP -.IP \(bu 2 -Added support for \fB\-\-bare\fP to \fBpipenv clean\fP, and fixed \fBpipenv sync \-\-bare\fP to actually reduce output. \fI\%#3041\fP -.IP \(bu 2 -Added windows\-compatible spinner via upgraded \fBvistir\fP dependency. \fI\%#3089\fP -.IP \(bu 2 -.INDENT 2.0 -.IP \(bu 2 -Added support for python installations managed by \fBasdf\fP\&. \fI\%#3096\fP -.UNINDENT -.IP \(bu 2 -Improved runtime performance of no\-op commands such as \fBpipenv \-\-venv\fP by around 2/3. \fI\%#3158\fP -.IP \(bu 2 -Do not show error but success for running \fBpipenv uninstall \-\-all\fP in a fresh virtual environment. \fI\%#3170\fP -.IP \(bu 2 -Improved asynchronous installation and error handling via queued subprocess parallelization. \fI\%#3217\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Remote non\-PyPI artifacts and local wheels and artifacts will now include their own hashes rather than including hashes from \fBPyPI\fP\&. \fI\%#2394\fP -.IP \(bu 2 -Non\-ascii characters will now be handled correctly when parsed by pipenv\(aqs \fBToML\fP parsers. \fI\%#2737\fP -.IP \(bu 2 -Updated \fBpipenv uninstall\fP to respect the \fB\-\-skip\-lock\fP argument. \fI\%#2848\fP -.IP \(bu 2 -Fixed a bug which caused uninstallation to sometimes fail to successfully remove packages from \fBPipfiles\fP with comments on preceding or following lines. \fI\%#2885\fP, -\fI\%#3099\fP -.IP \(bu 2 -Pipenv will no longer fail when encountering python versions on Windows that have been uninstalled. \fI\%#2983\fP -.IP \(bu 2 -Fixed unnecessary extras are added when translating markers \fI\%#3026\fP -.IP \(bu 2 -Fixed a virtualenv creation issue which could cause new virtualenvs to inadvertently attempt to read and write to global site packages. \fI\%#3047\fP -.IP \(bu 2 -Fixed an issue with virtualenv path derivation which could cause errors, particularly for users on WSL bash. \fI\%#3055\fP -.IP \(bu 2 -Fixed a bug which caused \fBUnexpected EOF\fP errors to be thrown when \fBpip\fP was waiting for input from users who had put login credentials in environment variables. \fI\%#3088\fP -.IP \(bu 2 -Fixed a bug in \fBrequirementslib\fP which prevented successful installation from mercurial repositories. \fI\%#3090\fP -.IP \(bu 2 -Fixed random resource warnings when using pyenv or any other subprocess calls. \fI\%#3094\fP -.IP \(bu 2 -.INDENT 2.0 -.IP \(bu 2 -Fixed a bug which sometimes prevented cloning and parsing \fBmercurial\fP requirements. \fI\%#3096\fP -.UNINDENT -.IP \(bu 2 -Fixed an issue in \fBdelegator.py\fP related to subprocess calls when using \fBPopenSpawn\fP to stream output, which sometimes threw unexpected \fBEOF\fP errors. \fI\%#3102\fP, -\fI\%#3114\fP, -\fI\%#3117\fP -.IP \(bu 2 -Fix the path casing issue that makes \fBpipenv clean\fP fail on Windows \fI\%#3104\fP -.IP \(bu 2 -Pipenv will avoid leaving build artifacts in the current working directory. \fI\%#3106\fP -.IP \(bu 2 -Fixed issues with broken subprocess calls leaking resource handles and causing random and sporadic failures. \fI\%#3109\fP -.IP \(bu 2 -Fixed an issue which caused \fBpipenv clean\fP to sometimes clean packages from the base \fBsite\-packages\fP folder or fail entirely. \fI\%#3113\fP -.IP \(bu 2 -Updated \fBpythonfinder\fP to correct an issue with unnesting of nested paths when searching for python versions. \fI\%#3121\fP -.IP \(bu 2 -Added additional logic for ignoring and replacing non\-ascii characters when formatting console output on non\-UTF\-8 systems. \fI\%#3131\fP -.IP \(bu 2 -Fix virtual environment discovery when \fBPIPENV_VENV_IN_PROJECT\fP is set, but the in\-project \fB\&.venv\fP is a file. \fI\%#3134\fP -.IP \(bu 2 -Hashes for remote and local non\-PyPI artifacts will now be included in \fBPipfile.lock\fP during resolution. \fI\%#3145\fP -.IP \(bu 2 -Fix project path hashing logic in purpose to prevent collisions of virtual environments. \fI\%#3151\fP -.IP \(bu 2 -Fix package installation when the virtual environment path contains parentheses. \fI\%#3158\fP -.IP \(bu 2 -Azure Pipelines YAML files are updated to use the latest syntax and product name. \fI\%#3164\fP -.IP \(bu 2 -Fixed new spinner success message to write only one success message during resolution. \fI\%#3183\fP -.IP \(bu 2 -Pipenv will now correctly respect the \fB\-\-pre\fP option when used with \fBpipenv install\fP\&. \fI\%#3185\fP -.IP \(bu 2 -Fix a bug where exception is raised when run pipenv graph in a project without created virtualenv \fI\%#3201\fP -.IP \(bu 2 -When sources are missing names, names will now be derived from the supplied URL. \fI\%#3216\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Updated \fBpythonfinder\fP to correct an issue with unnesting of nested paths when searching for python versions. \fI\%#3061\fP, -\fI\%#3121\fP -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Updated vendored dependencies: -.INDENT 7.0 -.IP \(bu 2 -\fBcertifi 2018.08.24 => 2018.10.15\fP -.IP \(bu 2 -\fBurllib3 1.23 => 1.24\fP -.IP \(bu 2 -\fBrequests 2.19.1 => 2.20.0\fP -.IP \(bu 2 -\fBshellingham \(ga\(ga1.2.6 => 1.2.7\fP -.IP \(bu 2 -\fBtomlkit 0.4.4. => 0.4.6\fP -.IP \(bu 2 -\fBvistir 0.1.6 => 0.1.8\fP -.IP \(bu 2 -\fBpythonfinder 0.1.2 => 0.1.3\fP -.IP \(bu 2 -\fBrequirementslib 1.1.9 => 1.1.10\fP -.IP \(bu 2 -\fBbackports.functools_lru_cache 1.5.0 (new)\fP -.IP \(bu 2 -\fBcursor 1.2.0 (new)\fP \fI\%#3089\fP -.UNINDENT -.UNINDENT -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Updated vendored dependencies: -.INDENT 7.0 -.IP \(bu 2 -\fBrequests 2.19.1 => 2.20.1\fP -.IP \(bu 2 -\fBtomlkit 0.4.46 => 0.5.2\fP -.IP \(bu 2 -\fBvistir 0.1.6 => 0.2.4\fP -.IP \(bu 2 -\fBpythonfinder 1.1.2 => 1.1.8\fP -.IP \(bu 2 -\fBrequirementslib 1.1.10 => 1.3.0\fP \fI\%#3096\fP -.UNINDENT -.UNINDENT -.IP \(bu 2 -Switch to \fBtomlkit\fP for parsing and writing. Drop \fBprettytoml\fP and \fBcontoml\fP from vendors. \fI\%#3191\fP -.IP \(bu 2 -Updated \fBrequirementslib\fP to aid in resolution of local and remote archives. \fI\%#3196\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Expanded development and testing documentation for contributors to get started. \fI\%#3074\fP -.UNINDENT -.SS 2018.10.13 (2018\-10\-13) -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixed a bug in \fBpipenv clean\fP which caused global packages to sometimes be inadvertently targeted for cleanup. \fI\%#2849\fP -.IP \(bu 2 -Fix broken backport imports for vendored vistir. \fI\%#2950\fP, -\fI\%#2955\fP, -\fI\%#2961\fP -.IP \(bu 2 -Fixed a bug with importing local vendored dependencies when running \fBpipenv graph\fP\&. \fI\%#2952\fP -.IP \(bu 2 -Fixed a bug which caused executable discovery to fail when running inside a virtualenv. \fI\%#2957\fP -.IP \(bu 2 -Fix parsing of outline tables. \fI\%#2971\fP -.IP \(bu 2 -Fixed a bug which caused \fBverify_ssl\fP to fail to drop through to \fBpip install\fP correctly as \fBtrusted\-host\fP\&. \fI\%#2979\fP -.IP \(bu 2 -Fixed a bug which caused canonicalized package names to fail to resolve against PyPI. \fI\%#2989\fP -.IP \(bu 2 -Enhanced CI detection to detect Azure Devops builds. \fI\%#2993\fP -.IP \(bu 2 -Fixed a bug which prevented installing pinned versions which used redirection symbols from the command line. \fI\%#2998\fP -.IP \(bu 2 -Fixed a bug which prevented installing the local directory in non\-editable mode. \fI\%#3005\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Updated \fBrequirementslib\fP to version \fB1.1.9\fP\&. \fI\%#2989\fP -.IP \(bu 2 -Upgraded \fBpythonfinder => 1.1.1\fP and \fBvistir => 0.1.7\fP\&. \fI\%#3007\fP -.UNINDENT -.SS 2018.10.9 (2018\-10\-09) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Added environment variables \fBPIPENV_VERBOSE\fP and \fBPIPENV_QUIET\fP to control -output verbosity without needing to pass options. \fI\%#2527\fP -.IP \(bu 2 -Updated test\-PyPI add\-on to better support json\-API access (forward compatibility). -Improved testing process for new contributors. \fI\%#2568\fP -.IP \(bu 2 -Greatly enhanced python discovery functionality: -.INDENT 2.0 -.IP \(bu 2 -Added pep514 (windows launcher/finder) support for python discovery. -.IP \(bu 2 -Introduced architecture discovery for python installations which support different architectures. \fI\%#2582\fP -.UNINDENT -.IP \(bu 2 -Added support for \fBpipenv shell\fP on msys and cygwin/mingw/git bash for Windows. \fI\%#2641\fP -.IP \(bu 2 -Enhanced resolution of editable and VCS dependencies. \fI\%#2643\fP -.IP \(bu 2 -Deduplicate and refactor CLI to use stateful arguments and object passing. See \fI\%this issue\fP for reference. \fI\%#2814\fP -.UNINDENT -.SS Behavior Changes -.INDENT 0.0 -.IP \(bu 2 -Virtual environment activation for \fBrun\fP is revised to improve interpolation -with other Python discovery tools. \fI\%#2503\fP -.IP \(bu 2 -Improve terminal coloring to display better in Powershell. \fI\%#2511\fP -.IP \(bu 2 -Invoke \fBvirtualenv\fP directly for virtual environment creation, instead of depending on \fBpew\fP\&. \fI\%#2518\fP -.IP \(bu 2 -\fBpipenv \-\-help\fP will now include short help descriptions. \fI\%#2542\fP -.IP \(bu 2 -Add \fBCOMSPEC\fP to fallback option (along with \fBSHELL\fP and \fBPYENV_SHELL\fP) -if shell detection fails, improving robustness on Windows. \fI\%#2651\fP -.IP \(bu 2 -Fallback to shell mode if \fBrun\fP fails with Windows error 193 to handle non\-executable commands. This should improve usability on Windows, where some users run non\-executable files without specifying a command, relying on Windows file association to choose the current command. \fI\%#2718\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixed a bug which prevented installation of editable requirements using \fBssh://\fP style URLs \fI\%#1393\fP -.IP \(bu 2 -VCS Refs for locked local editable dependencies will now update appropriately to the latest hash when running \fBpipenv update\fP\&. \fI\%#1690\fP -.IP \(bu 2 -\fB\&.tar.gz\fP and \fB\&.zip\fP artifacts will now have dependencies installed even when they are missing from the Lockfile. \fI\%#2173\fP -.IP \(bu 2 -The command line parser will now handle multiple \fB\-e/\-\-editable\fP dependencies properly via click\(aqs option parser to help mitigate future parsing issues. \fI\%#2279\fP -.IP \(bu 2 -Fixed the ability of pipenv to parse \fBdependency_links\fP from \fBsetup.py\fP when \fBPIP_PROCESS_DEPENDENCY_LINKS\fP is enabled. \fI\%#2434\fP -.IP \(bu 2 -Fixed a bug which could cause \fB\-i/\-\-index\fP arguments to sometimes be incorrectly picked up in packages. This is now handled in the command line parser. \fI\%#2494\fP -.IP \(bu 2 -Fixed non\-deterministic resolution issues related to changes to the internal package finder in \fBpip 10\fP\&. \fI\%#2499\fP, -\fI\%#2529\fP, -\fI\%#2589\fP, -\fI\%#2666\fP, -\fI\%#2767\fP, -\fI\%#2785\fP, -\fI\%#2795\fP, -\fI\%#2801\fP, -\fI\%#2824\fP, -\fI\%#2862\fP, -\fI\%#2879\fP, -\fI\%#2894\fP, -\fI\%#2933\fP -.IP \(bu 2 -Fix subshell invocation on Windows for Python 2. \fI\%#2515\fP -.IP \(bu 2 -Fixed a bug which sometimes caused pipenv to throw a \fBTypeError\fP or to run into encoding issues when writing a Lockfile on python 2. \fI\%#2561\fP -.IP \(bu 2 -Improve quoting logic for \fBpipenv run\fP so it works better with Windows -built\-in commands. \fI\%#2563\fP -.IP \(bu 2 -Fixed a bug related to parsing VCS requirements with both extras and subdirectory fragments. -Corrected an issue in the \fBrequirementslib\fP parser which led to some markers being discarded rather than evaluated. \fI\%#2564\fP -.IP \(bu 2 -Fixed multiple issues with finding the correct system python locations. \fI\%#2582\fP -.IP \(bu 2 -Catch JSON decoding error to prevent exception when the lock file is of -invalid format. \fI\%#2607\fP -.IP \(bu 2 -Fixed a rare bug which could sometimes cause errors when installing packages with custom sources. \fI\%#2610\fP -.IP \(bu 2 -Update requirementslib to fix a bug which could raise an \fBUnboundLocalError\fP when parsing malformed VCS URIs. \fI\%#2617\fP -.IP \(bu 2 -Fixed an issue which prevented passing multiple \fB\-\-ignore\fP parameters to \fBpipenv check\fP\&. \fI\%#2632\fP -.IP \(bu 2 -Fixed a bug which caused attempted hashing of \fBssh://\fP style URIs which could cause failures during installation of private ssh repositories. -\- Corrected path conversion issues which caused certain editable VCS paths to be converted to \fBssh://\fP URIs improperly. \fI\%#2639\fP -.IP \(bu 2 -Fixed a bug which caused paths to be formatted incorrectly when using \fBpipenv shell\fP in bash for windows. \fI\%#2641\fP -.IP \(bu 2 -Dependency links to private repositories defined via \fBssh://\fP schemes will now install correctly and skip hashing as long as \fBPIP_PROCESS_DEPENDENCY_LINKS=1\fP\&. \fI\%#2643\fP -.IP \(bu 2 -Fixed a bug which sometimes caused pipenv to parse the \fBtrusted_host\fP argument to pip incorrectly when parsing source URLs which specify \fBverify_ssl = false\fP\&. \fI\%#2656\fP -.IP \(bu 2 -Prevent crashing when a virtual environment in \fBWORKON_HOME\fP is faulty. \fI\%#2676\fP -.IP \(bu 2 -Fixed virtualenv creation failure when a .venv file is present in the project root. \fI\%#2680\fP -.IP \(bu 2 -Fixed a bug which could cause the \fB\-e/\-\-editable\fP argument on a dependency to be accidentally parsed as a dependency itself. \fI\%#2714\fP -.IP \(bu 2 -Correctly pass \fBverbose\fP and \fBdebug\fP flags to the resolver subprocess so it generates appropriate output. This also resolves a bug introduced by the fix to #2527. \fI\%#2732\fP -.IP \(bu 2 -All markers are now included in \fBpipenv lock \-\-requirements\fP output. \fI\%#2748\fP -.IP \(bu 2 -Fixed a bug in marker resolution which could cause duplicate and non\-deterministic markers. \fI\%#2760\fP -.IP \(bu 2 -Fixed a bug in the dependency resolver which caused regular issues when handling \fBsetup.py\fP based dependency resolution. \fI\%#2766\fP -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Updated vendored dependencies: -.INDENT 7.0 -.IP \(bu 2 -\fBpip\-tools\fP (updated and patched to latest w/ \fBpip 18.0\fP compatibility) -.IP \(bu 2 -\fBpip 10.0.1 => 18.0\fP -.IP \(bu 2 -\fBclick 6.7 => 7.0\fP -.IP \(bu 2 -\fBtoml 0.9.4 => 0.10.0\fP -.IP \(bu 2 -\fBpyparsing 2.2.0 => 2.2.2\fP -.IP \(bu 2 -\fBdelegator 0.1.0 => 0.1.1\fP -.IP \(bu 2 -\fBattrs 18.1.0 => 18.2.0\fP -.IP \(bu 2 -\fBdistlib 0.2.7 => 0.2.8\fP -.IP \(bu 2 -\fBpackaging 17.1.0 => 18.0\fP -.IP \(bu 2 -\fBpassa 0.2.0 => 0.3.1\fP -.IP \(bu 2 -\fBpip_shims 0.1.2 => 0.3.1\fP -.IP \(bu 2 -\fBplette 0.1.1 => 0.2.2\fP -.IP \(bu 2 -\fBpythonfinder 1.0.2 => 1.1.0\fP -.IP \(bu 2 -\fBpytoml 0.1.18 => 0.1.19\fP -.IP \(bu 2 -\fBrequirementslib 1.1.16 => 1.1.17\fP -.IP \(bu 2 -\fBshellingham 1.2.4 => 1.2.6\fP -.IP \(bu 2 -\fBtomlkit 0.4.2 => 0.4.4\fP -.IP \(bu 2 -\fBvistir 0.1.4 => 0.1.6\fP \fI\%#2802\fP, -.UNINDENT -.UNINDENT -.sp -\fI\%#2867\fP, -\fI\%#2880\fP -.IP \(bu 2 -Fixed a bug where \fBpipenv\fP crashes when the \fBWORKON_HOME\fP directory does not exist. \fI\%#2877\fP -.IP \(bu 2 -Fixed pip is not loaded from pipenv\(aqs patched one but the system one \fI\%#2912\fP -.IP \(bu 2 -Fixed various bugs related to \fBpip 18.1\fP release which prevented locking, installation, and syncing, and dumping to a \fBrequirements.txt\fP file. \fI\%#2924\fP -.UNINDENT -.SS Vendored Libraries +The main commands are: .INDENT 0.0 .IP \(bu 2 -Pew is no longer vendored. Entry point \fBpewtwo\fP, packages \fBpipenv.pew\fP and -\fBpipenv.patched.pew\fP are removed. \fI\%#2521\fP -.IP \(bu 2 -Update \fBpythonfinder\fP to major release \fB1.0.0\fP for integration. \fI\%#2582\fP -.IP \(bu 2 -Update requirementslib to fix a bug which could raise an \fBUnboundLocalError\fP when parsing malformed VCS URIs. \fI\%#2617\fP -.IP \(bu 2 -.INDENT 2.0 -.IP \(bu 2 -Vendored new libraries \fBvistir\fP and \fBpip\-shims\fP, \fBtomlkit\fP, \fBmodutil\fP, and \fBplette\fP\&. -.IP \(bu 2 -Update vendored libraries: -\- \fBscandir\fP to \fB1.9.0\fP -\- \fBclick\-completion\fP to \fB0.4.1\fP -\- \fBsemver\fP to \fB2.8.1\fP -\- \fBshellingham\fP to \fB1.2.4\fP -\- \fBpytoml\fP to \fB0.1.18\fP -\- \fBcertifi\fP to \fB2018.8.24\fP -\- \fBptyprocess\fP to \fB0.6.0\fP -\- \fBrequirementslib\fP to \fB1.1.5\fP -\- \fBpythonfinder\fP to \fB1.0.2\fP -\- \fBpipdeptree\fP to \fB0.13.0\fP -\- \fBpython\-dotenv\fP to \fB0.9.1\fP \fI\%#2639\fP -.UNINDENT -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Updated vendored dependencies: -.INDENT 7.0 -.IP \(bu 2 -\fBpip\-tools\fP (updated and patched to latest w/ \fBpip 18.0\fP compatibility) -.IP \(bu 2 -\fBpip 10.0.1 => 18.0\fP -.IP \(bu 2 -\fBclick 6.7 => 7.0\fP -.IP \(bu 2 -\fBtoml 0.9.4 => 0.10.0\fP -.IP \(bu 2 -\fBpyparsing 2.2.0 => 2.2.2\fP -.IP \(bu 2 -\fBdelegator 0.1.0 => 0.1.1\fP -.IP \(bu 2 -\fBattrs 18.1.0 => 18.2.0\fP -.IP \(bu 2 -\fBdistlib 0.2.7 => 0.2.8\fP -.IP \(bu 2 -\fBpackaging 17.1.0 => 18.0\fP -.IP \(bu 2 -\fBpassa 0.2.0 => 0.3.1\fP -.IP \(bu 2 -\fBpip_shims 0.1.2 => 0.3.1\fP -.IP \(bu 2 -\fBplette 0.1.1 => 0.2.2\fP -.IP \(bu 2 -\fBpythonfinder 1.0.2 => 1.1.0\fP -.IP \(bu 2 -\fBpytoml 0.1.18 => 0.1.19\fP -.IP \(bu 2 -\fBrequirementslib 1.1.16 => 1.1.17\fP -.IP \(bu 2 -\fBshellingham 1.2.4 => 1.2.6\fP -.IP \(bu 2 -\fBtomlkit 0.4.2 => 0.4.4\fP -.IP \(bu 2 -\fBvistir 0.1.4 => 0.1.6\fP \fI\%#2902\fP, -.UNINDENT -.UNINDENT +\fBinstall\fP \- .sp -\fI\%#2935\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Simplified the test configuration process. \fI\%#2568\fP -.IP \(bu 2 -Updated documentation to use working fortune cookie add\-on. \fI\%#2644\fP +Will create a virtual env and install dependencies (if it does not exist already) +The dependencies will be installed inside. .IP \(bu 2 -Added additional information about troubleshooting \fBpipenv shell\fP by using the the \fB$PIPENV_SHELL\fP environment variable. \fI\%#2671\fP -.IP \(bu 2 -Added a link to \fBPEP\-440\fP version specifiers in the documentation for additional detail. \fI\%#2674\fP -.IP \(bu 2 -Added simple example to README.md for installing from git. \fI\%#2685\fP -.IP \(bu 2 -Stopped recommending \fB\-\-system\fP for Docker contexts. \fI\%#2762\fP -.IP \(bu 2 -Fixed the example url for doing "pipenv install \-e -some\-repository\-url#egg=something", it was missing the "egg=" in the fragment -identifier. \fI\%#2792\fP -.IP \(bu 2 -Fixed link to the "be cordial" essay in the contribution documentation. \fI\%#2793\fP -.IP \(bu 2 -Clarify \fBpipenv install\fP documentation \fI\%#2844\fP -.IP \(bu 2 -Replace reference to uservoice with PEEP\-000 \fI\%#2909\fP -.UNINDENT -.SS 2018.7.1 (2018\-07\-01) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -All calls to \fBpipenv shell\fP are now implemented from the ground up using \fI\%shellingham\fP, a custom library which was purpose built to handle edge cases and shell detection. \fI\%#2371\fP -.IP \(bu 2 -Added support for python 3.7 via a few small compatibility / bug fixes. \fI\%#2427\fP, -\fI\%#2434\fP, -\fI\%#2436\fP -.IP \(bu 2 -Added new flag \fBpipenv \-\-support\fP to replace the diagnostic command \fBpython \-m pipenv.help\fP\&. \fI\%#2477\fP, -\fI\%#2478\fP -.IP \(bu 2 -Improved import times and CLI run times with minor tweaks. \fI\%#2485\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Fixed an ongoing bug which sometimes resolved incompatible versions into the project Lockfile. \fI\%#1901\fP -.IP \(bu 2 -Fixed a bug which caused errors when creating virtualenvs which contained leading dash characters. \fI\%#2415\fP -.IP \(bu 2 -Fixed a logic error which caused \fB\-\-deploy \-\-system\fP to overwrite editable vcs packages in the Pipfile before installing, which caused any installation to fail by default. \fI\%#2417\fP -.IP \(bu 2 -Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. \fI\%#2419\fP -.IP \(bu 2 -Installed new vendored jinja2 templates for \fBclick\-completion\fP which were causing template errors for users with completion enabled. \fI\%#2422\fP -.IP \(bu 2 -Added support for python 3.7 via a few small compatibility / bug fixes. \fI\%#2427\fP -.IP \(bu 2 -Fixed an issue reading package names from \fBsetup.py\fP files in projects which imported utilities such as \fBversioneer\fP\&. \fI\%#2433\fP -.IP \(bu 2 -Pipenv will now ensure that its internal package names registry files are written with unicode strings. \fI\%#2450\fP -.IP \(bu 2 -Fixed a bug causing requirements input as relative paths to be output as absolute paths or URIs. -Fixed a bug affecting normalization of \fBgit+git@host\fP URLs. \fI\%#2453\fP -.IP \(bu 2 -Pipenv will now always use \fBpathlib2\fP for \fBPath\fP based filesystem interactions by default on \fBpython<3.5\fP\&. \fI\%#2454\fP -.IP \(bu 2 -Fixed a bug which prevented passing proxy PyPI indexes set with \fB\-\-pypi\-mirror\fP from being passed to pip during virtualenv creation, which could cause the creation to freeze in some cases. \fI\%#2462\fP -.IP \(bu 2 -Using the \fBpython \-m pipenv.help\fP command will now use proper encoding for the host filesystem to avoid encoding issues. \fI\%#2466\fP -.IP \(bu 2 -The new \fBjinja2\fP templates for \fBclick_completion\fP will now be included in pipenv source distributions. \fI\%#2479\fP -.IP \(bu 2 -Resolved a long\-standing issue with re\-using previously generated \fBInstallRequirement\fP objects for resolution which could cause \fBPKG\-INFO\fP file information to be deleted, raising a \fBTypeError\fP\&. \fI\%#2480\fP -.IP \(bu 2 -Resolved an issue parsing usernames from private PyPI URIs in \fBPipfiles\fP by updating \fBrequirementslib\fP\&. \fI\%#2484\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -All calls to \fBpipenv shell\fP are now implemented from the ground up using \fI\%shellingham\fP, a custom library which was purpose built to handle edge cases and shell detection. \fI\%#2371\fP -.IP \(bu 2 -Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. \fI\%#2419\fP -.IP \(bu 2 -Installed new vendored jinja2 templates for \fBclick\-completion\fP which were causing template errors for users with completion enabled. \fI\%#2422\fP -.IP \(bu 2 -Add patch to \fBprettytoml\fP to support Python 3.7. \fI\%#2426\fP -.IP \(bu 2 -Patched \fBprettytoml.AbstractTable._enumerate_items\fP to handle \fBStopIteration\fP errors in preparation of release of python 3.7. \fI\%#2427\fP -.IP \(bu 2 -Fixed an issue reading package names from \fBsetup.py\fP files in projects which imported utilities such as \fBversioneer\fP\&. \fI\%#2433\fP -.IP \(bu 2 -Updated \fBrequirementslib\fP to version \fB1.0.9\fP \fI\%#2453\fP -.IP \(bu 2 -Unraveled a lot of old, unnecessary patches to \fBpip\-tools\fP which were causing non\-deterministic resolution errors. \fI\%#2480\fP -.IP \(bu 2 -Resolved an issue parsing usernames from private PyPI URIs in \fBPipfiles\fP by updating \fBrequirementslib\fP\&. \fI\%#2484\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Added instructions for installing using Fedora\(aqs official repositories. \fI\%#2404\fP -.UNINDENT -.SS 2018.6.25 (2018\-06\-25) -.SS Features & Improvements -.INDENT 0.0 -.IP \(bu 2 -Pipenv\-created virtualenvs will now be associated with a \fB\&.project\fP folder -(features can be implemented on top of this later or users may choose to use -\fBpipenv\-pipes\fP to take full advantage of this.) \fI\%#1861\fP -.IP \(bu 2 -Virtualenv names will now appear in prompts for most Windows users. \fI\%#2167\fP -.IP \(bu 2 -Added support for cmder shell paths with spaces. \fI\%#2168\fP -.IP \(bu 2 -Added nested JSON output to the \fBpipenv graph\fP command. \fI\%#2199\fP -.IP \(bu 2 -Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated -patched piptools version. \fI\%#2255\fP -.IP \(bu 2 -PyPI mirror URLs can now be set to override instances of PyPI URLs by passing -the \fB\-\-pypi\-mirror\fP argument from the command line or setting the -\fBPIPENV_PYPI_MIRROR\fP environment variable. \fI\%#2281\fP -.IP \(bu 2 -Virtualenv activation lines will now avoid being written to some shell -history files. \fI\%#2287\fP -.IP \(bu 2 -Pipenv will now only search for \fBrequirements.txt\fP files when creating new -projects, and during that time only if the user doesn\(aqt specify packages to -pass in. \fI\%#2309\fP -.IP \(bu 2 -Added support for mounted drives via UNC paths. \fI\%#2331\fP -.IP \(bu 2 -Added support for Windows Subsystem for Linux bash shell detection. \fI\%#2363\fP -.IP \(bu 2 -Pipenv will now generate hashes much more quickly by resolving them in a -single pass during locking. \fI\%#2384\fP -.IP \(bu 2 -\fBpipenv run\fP will now avoid spawning additional \fBCOMSPEC\fP instances to -run commands in when possible. \fI\%#2385\fP -.IP \(bu 2 -Massive internal improvements to requirements parsing codebase, resolver, and -error messaging. \fI\%#2388\fP -.IP \(bu 2 -\fBpipenv check\fP now may take multiple of the additional argument -\fB\-\-ignore\fP which takes a parameter \fBcve_id\fP for the purpose of ignoring -specific CVEs. \fI\%#2408\fP -.UNINDENT -.SS Behavior Changes -.INDENT 0.0 -.IP \(bu 2 -Pipenv will now parse & capitalize \fBplatform_python_implementation\fP markers -\&.. warning:: This could cause an issue if you have an out of date \fBPipfile\fP -which lower\-cases the comparison value (e.g. \fBcpython\fP instead of -\fBCPython\fP). \fI\%#2123\fP -.IP \(bu 2 -Pipenv will now only search for \fBrequirements.txt\fP files when creating new -projects, and during that time only if the user doesn\(aqt specify packages to -pass in. \fI\%#2309\fP -.UNINDENT -.SS Bug Fixes -.INDENT 0.0 -.IP \(bu 2 -Massive internal improvements to requirements parsing codebase, resolver, and -error messaging. \fI\%#1962\fP, -\fI\%#2186\fP, -\fI\%#2263\fP, -\fI\%#2312\fP -.IP \(bu 2 -Pipenv will now parse & capitalize \fBplatform_python_implementation\fP -markers. \fI\%#2123\fP -.IP \(bu 2 -Fixed a bug with parsing and grouping old\-style \fBsetup.py\fP extras during -resolution \fI\%#2142\fP -.IP \(bu 2 -Fixed a bug causing pipenv graph to throw unhelpful exceptions when running -against empty or non\-existent environments. \fI\%#2161\fP -.IP \(bu 2 -Fixed a bug which caused \fB\-\-system\fP to incorrectly abort when users were in -a virtualenv. \fI\%#2181\fP -.IP \(bu 2 -Removed vendored \fBcacert.pem\fP which could cause issues for some users with -custom certificate settings. \fI\%#2193\fP -.IP \(bu 2 -Fixed a regression which led to direct invocations of \fBvirtualenv\fP, rather -than calling it by module. \fI\%#2198\fP -.IP \(bu 2 -Locking will now pin the correct VCS ref during \fBpipenv update\fP runs. -Running \fBpipenv update\fP with a new vcs ref specified in the \fBPipfile\fP -will now properly obtain, resolve, and install the specified dependency at -the specified ref. \fI\%#2209\fP -.IP \(bu 2 -\fBpipenv clean\fP will now correctly ignore comments from \fBpip freeze\fP when -cleaning the environment. \fI\%#2262\fP -.IP \(bu 2 -Resolution bugs causing packages for incompatible python versions to be -locked have been fixed. \fI\%#2267\fP -.IP \(bu 2 -Fixed a bug causing pipenv graph to fail to display sometimes. \fI\%#2268\fP -.IP \(bu 2 -Updated \fBrequirementslib\fP to fix a bug in Pipfile parsing affecting -relative path conversions. \fI\%#2269\fP -.IP \(bu 2 -Windows executable discovery now leverages \fBos.pathext\fP\&. \fI\%#2298\fP -.IP \(bu 2 -Fixed a bug which caused \fB\-\-deploy \-\-system\fP to inadvertently create a -virtualenv before failing. \fI\%#2301\fP -.IP \(bu 2 -Fixed an issue which led to a failure to unquote special characters in file -and wheel paths. \fI\%#2302\fP -.IP \(bu 2 -VCS dependencies are now manually obtained only if they do not match the -requested ref. \fI\%#2304\fP -.IP \(bu 2 -Added error handling functionality to properly cope with single\-digit -\fBRequires\-Python\fP metadata with no specifiers. \fI\%#2377\fP -.IP \(bu 2 -\fBpipenv update\fP will now always run the resolver and lock before ensuring -dependencies are in sync with project Lockfile. \fI\%#2379\fP -.IP \(bu 2 -Resolved a bug in our patched resolvers which could cause nondeterministic -resolution failures in certain conditions. Running \fBpipenv install\fP with no -arguments in a project with only a \fBPipfile\fP will now correctly lock first -for dependency resolution before installing. \fI\%#2384\fP -.IP \(bu 2 -Patched \fBpython\-dotenv\fP to ensure that environment variables always get -encoded to the filesystem encoding. \fI\%#2386\fP -.UNINDENT -.SS Improved Documentation -.INDENT 0.0 -.IP \(bu 2 -Update documentation wording to clarify Pipenv\(aqs overall role in the packaging ecosystem. \fI\%#2194\fP -.IP \(bu 2 -Added contribution documentation and guidelines. \fI\%#2205\fP -.IP \(bu 2 -Added instructions for supervisord compatibility. \fI\%#2215\fP -.IP \(bu 2 -Fixed broken links to development philosophy and contribution documentation. \fI\%#2248\fP -.UNINDENT -.SS Vendored Libraries -.INDENT 0.0 -.IP \(bu 2 -Removed vendored \fBcacert.pem\fP which could cause issues for some users with -custom certificate settings. \fI\%#2193\fP -.IP \(bu 2 -Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated -patched piptools version. \fI\%#2255\fP -.IP \(bu 2 -Updated \fBrequirementslib\fP to fix a bug in Pipfile parsing affecting -relative path conversions. \fI\%#2269\fP -.IP \(bu 2 -Added custom shell detection library \fBshellingham\fP, a port of our changes -to \fBpew\fP\&. \fI\%#2363\fP -.IP \(bu 2 -Patched \fBpython\-dotenv\fP to ensure that environment variables always get -encoded to the filesystem encoding. \fI\%#2386\fP -.IP \(bu 2 -Updated vendored libraries. The following vendored libraries were updated: -.INDENT 2.0 -.IP \(bu 2 -distlib from version \fB0.2.6\fP to \fB0.2.7\fP\&. -.IP \(bu 2 -jinja2 from version \fB2.9.5\fP to \fB2.10\fP\&. -.IP \(bu 2 -pathlib2 from version \fB2.1.0\fP to \fB2.3.2\fP\&. -.IP \(bu 2 -parse from version \fB2.8.0\fP to \fB2.8.4\fP\&. -.IP \(bu 2 -pexpect from version \fB2.5.2\fP to \fB2.6.0\fP\&. -.IP \(bu 2 -requests from version \fB2.18.4\fP to \fB2.19.1\fP\&. -.IP \(bu 2 -idna from version \fB2.6\fP to \fB2.7\fP\&. -.IP \(bu 2 -certifi from version \fB2018.1.16\fP to \fB2018.4.16\fP\&. -.IP \(bu 2 -packaging from version \fB16.8\fP to \fB17.1\fP\&. -.IP \(bu 2 -six from version \fB1.10.0\fP to \fB1.11.0\fP\&. -.IP \(bu 2 -requirementslib from version \fB0.2.0\fP to \fB1.0.1\fP\&. -.UNINDENT +\fBinstall package==0.2\fP \- .sp -In addition, scandir was vendored and patched to avoid importing host system binaries when falling back to pathlib2. \fI\%#2368\fP -.UNINDENT -.SH USER TESTIMONIALS -.INDENT 0.0 -.TP -\fBDavid Gang\fP— -\fIThis package manager is really awesome. For the first time I know exactly what my dependencies are which I installed and what the transitive dependencies are. Combined with the fact that installs are deterministic, makes this package manager first class, like cargo\fP\&. -.TP -\fBJustin Myles Holmes\fP— -\fIPipenv is finally an abstraction meant to engage the mind instead of merely the filesystem.\fP -.UNINDENT -.SH ☤ PIPENV FEATURES -.INDENT 0.0 -.IP \(bu 2 -Enables truly \fIdeterministic builds\fP, while easily specifying \fIonly what you want\fP\&. -.IP \(bu 2 -Generates and checks file hashes for locked dependencies. -.IP \(bu 2 -Automatically install required Pythons, if \fBpyenv\fP is available. -.IP \(bu 2 -Automatically finds your project home, recursively, by looking for a \fBPipfile\fP\&. +Will add the package in version 0.2 to the virtual environment and +to \fBPipfile\fP and \fBPipfile.lock\fP .IP \(bu 2 -Automatically generates a \fBPipfile\fP, if one doesn\(aqt exist. +\fBuninstall\fP \- Will remove the dependency .IP \(bu 2 -Automatically creates a virtualenv in a standard location. -.IP \(bu 2 -Automatically adds/removes packages to a \fBPipfile\fP when they are installed or uninstalled. -.IP \(bu 2 -Automatically loads \fB\&.env\fP files, if they exist. +\fBlock\fP \- Regenarate \fBPipfile.lock\fP and updates the dependencies inside it. .UNINDENT .sp -The main commands are \fBinstall\fP, \fBuninstall\fP, and \fBlock\fP, which generates a \fBPipfile.lock\fP\&. These are intended to replace \fB$ pip install\fP usage, as well as manual virtualenv management (to activate a virtualenv, run \fB$ pipenv shell\fP). -.SS Basic Concepts -.INDENT 0.0 -.IP \(bu 2 -A virtualenv will automatically be created, when one doesn\(aqt exist. -.IP \(bu 2 -When no parameters are passed to \fBinstall\fP, all packages \fB[packages]\fP specified will be installed. -.IP \(bu 2 -To initialize a Python 3 virtual environment, run \fB$ pipenv \-\-three\fP\&. -.IP \(bu 2 -Otherwise, whatever virtualenv defaults to will be the default. -.UNINDENT -.SS Other Commands +These are intended to replace \fB$ pip install\fP usage, as well as manual virtualenv management. .INDENT 0.0 .IP \(bu 2 \fBgraph\fP will show you a dependency graph of your installed dependencies. @@ -2630,2863 +64,6 @@ Otherwise, whatever virtualenv defaults to will be the default. .IP \(bu 2 \fBcheck\fP checks for security vulnerabilities and asserts that \fI\%PEP 508\fP requirements are being met by the current environment. .UNINDENT -.SH FURTHER DOCUMENTATION GUIDES -.SS Basic Usage of Pipenv -[image] -.sp -This document covers some of Pipenv\(aqs more basic features. -.SS ☤ Example Pipfile & Pipfile.lock -.sp -Pipfiles contain information for the dependencies of the project, and supersedes -the requirements.txt file used in most Python projects. You should add a Pipfile in the -Git repository. The only thing required for users who clone the repository would be -installing Pipenv in the machine and typing \fBpipenv install\fP\&. Pipenv is a reference -implementation for using Pipfile. -.sp -Here is a simple example of a \fBPipfile\fP and the resulting \fBPipfile.lock\fP\&. -.SS Example Pipfile -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.python.org/simple" -verify_ssl = true -name = "pypi" - -[packages] -requests = "*" - - -[dev\-packages] -pytest = "*" -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Example Pipfile.lock -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -{ - "_meta": { - "hash": { - "sha256": "8d14434df45e0ef884d6c3f6e8048ba72335637a8631cc44792f52fd20b6f97a" - }, - "host\-environment\-markers": { - "implementation_name": "cpython", - "implementation_version": "3.6.1", - "os_name": "posix", - "platform_machine": "x86_64", - "platform_python_implementation": "CPython", - "platform_release": "16.7.0", - "platform_system": "Darwin", - "platform_version": "Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu\-3789.70.16~2/RELEASE_X86_64", - "python_full_version": "3.6.1", - "python_version": "3.6", - "sys_platform": "darwin" - }, - "pipfile\-spec": 5, - "requires": {}, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.python.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "certifi": { - "hashes": [ - "sha256:54a07c09c586b0e4c619f02a5e94e36619da8e2b053e20f594348c0611803704", - "sha256:40523d2efb60523e113b44602298f0960e900388cf3bb6043f645cf57ea9e3f5" - ], - "version": "==2017.7.27.1" - }, - "chardet": { - "hashes": [ - "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691", - "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae" - ], - "version": "==3.0.4" - }, - "idna": { - "hashes": [ - "sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4", - "sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f" - ], - "version": "==2.6" - }, - "requests": { - "hashes": [ - "sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b", - "sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e" - ], - "version": "==2.18.4" - }, - "urllib3": { - "hashes": [ - "sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b", - "sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f" - ], - "version": "==1.22" - } - }, - "develop": { - "py": { - "hashes": [ - "sha256:2ccb79b01769d99115aa600d7eed99f524bf752bba8f041dc1c184853514655a", - "sha256:0f2d585d22050e90c7d293b6451c83db097df77871974d90efd5a30dc12fcde3" - ], - "version": "==1.4.34" - }, - "pytest": { - "hashes": [ - "sha256:b84f554f8ddc23add65c411bf112b2d88e2489fd45f753b1cae5936358bdf314", - "sha256:f46e49e0340a532764991c498244a60e3a37d7424a532b3ff1a6a7653f1a403a" - ], - "version": "==3.2.2" - } - } -} -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ General Recommendations & Version Control -.INDENT 0.0 -.IP \(bu 2 -Generally, keep both \fBPipfile\fP and \fBPipfile.lock\fP in version control. -.IP \(bu 2 -Do not keep \fBPipfile.lock\fP in version control if multiple versions of Python are being targeted. -.IP \(bu 2 -Specify your target Python version in your \fBPipfile\fP\(aqs \fB[requires]\fP section. Ideally, you should only have one target Python version, as this is a deployment tool. \fBpython_version\fP should be in the format \fBX.Y\fP (or \fBX\fP) and \fBpython_full_version\fP should be in \fBX.Y.Z\fP format. -.IP \(bu 2 -\fBpipenv install\fP is fully compatible with \fBpip install\fP syntax, for which the full documentation can be found \fI\%here\fP\&. -.IP \(bu 2 -Note that the \fBPipfile\fP uses the \fI\%TOML Spec\fP\&. -.UNINDENT -.SS ☤ Example Pipenv Workflow -.sp -Clone / create project repository: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ cd myproject -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Install from Pipfile, if there is one: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Or, add a package to your new project: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This will create a \fBPipfile\fP if one doesn\(aqt exist. If one does exist, it will automatically be edited with the new package you provided. -.sp -Next, activate the Pipenv shell: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv shell -$ python \-\-version -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This will spawn a new shell subprocess, which can be deactivated by using \fBexit\fP\&. -.SS ☤ Example Pipenv Upgrade Workflow -.INDENT 0.0 -.IP \(bu 2 -Find out what\(aqs changed upstream: \fB$ pipenv update \-\-outdated\fP\&. -.IP \(bu 2 -.INDENT 2.0 -.TP -.B Upgrade packages, two options: -.INDENT 7.0 -.IP a. 3 -Want to upgrade everything? Just do \fB$ pipenv update\fP\&. -.IP b. 3 -Want to upgrade packages one\-at\-a\-time? \fB$ pipenv update \fP for each outdated package. -.UNINDENT -.UNINDENT -.UNINDENT -.SS ☤ Importing from requirements.txt -.sp -If you only have a \fBrequirements.txt\fP file available when running \fBpipenv install\fP, -pipenv will automatically import the contents of this file and create a \fBPipfile\fP for you. -.sp -You can also specify \fB$ pipenv install \-r path/to/requirements.txt\fP to import a requirements file. -.sp -If your requirements file has version numbers pinned, you\(aqll likely want to edit the new \fBPipfile\fP -to remove those, and let \fBpipenv\fP keep track of pinning. If you want to keep the pinned versions -in your \fBPipfile.lock\fP for now, run \fBpipenv lock \-\-keep\-outdated\fP\&. Make sure to -\fI\%upgrade\fP soon! -.SS ☤ Specifying Versions of a Package -.sp -You can specify versions of a package using the \fI\%Semantic Versioning scheme\fP -(i.e. \fBmajor.minor.micro\fP). -.sp -For example, to install requests you can use: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install requests~=1.2 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Pipenv will install version \fB1.2\fP and any minor update, but not \fB2.0\fP\&. -.sp -This will update your \fBPipfile\fP to reflect this requirement, automatically. -.sp -In general, Pipenv uses the same specifier format as pip. However, note that according to \fI\%PEP 440\fP , you can\(aqt use versions containing a hyphen or a plus sign. -.sp -To make inclusive or exclusive version comparisons you can use: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install "requests>=1.4" # will install a version equal or larger than 1.4.0 -$ pipenv install "requests<=2.13" # will install a version equal or lower than 2.13.0 -$ pipenv install "requests>2.19" # will install 2.19.1 but not 2.19.0 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -The use of double quotes around the package and version specification (i.e. \fB"requests>2.19"\fP) is highly recommended -to avoid issues with \fI\%Input and output redirection\fP -in Unix\-based operating systems. -.UNINDENT -.UNINDENT -.sp -The use of \fB~=\fP is preferred over the \fB==\fP identifier as the latter prevents pipenv from updating the packages: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install "requests~=2.2" # locks the major version of the package (this is equivalent to using >=2.2, ==2.*) -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -To avoid installing a specific version you can use the \fB!=\fP identifier. -.sp -For an in depth explanation of the valid identifiers and more complex use cases check \fI\%the relevant section of PEP\-440\fP\&. -.SS ☤ Specifying Versions of Python -.sp -To create a new virtualenv, using a specific version of Python you have installed (and -on your \fBPATH\fP), use the \fB\-\-python VERSION\fP flag, like so: -.sp -Use Python 3: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv \-\-python 3 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Use Python3.6: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv \-\-python 3.6 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Use Python 2.7.14: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv \-\-python 2.7.14 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -When given a Python version, like this, Pipenv will automatically scan your system for a Python that matches that given version. -.sp -If a \fBPipfile\fP hasn\(aqt been created yet, one will be created for you, that looks like this: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.python.org/simple" -verify_ssl = true - -[dev\-packages] - -[packages] - -[requires] -python_version = "3.6" -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -The inclusion of \fB[requires] python_version = "3.6"\fP specifies that your application requires this version -of Python, and will be used automatically when running \fBpipenv install\fP against this \fBPipfile\fP in the future -(e.g. on other machines). If this is not true, feel free to simply remove this section. -.UNINDENT -.UNINDENT -.sp -If you don\(aqt specify a Python version on the command–line, either the \fB[requires]\fP \fBpython_full_version\fP or \fBpython_version\fP will be selected -automatically, falling back to whatever your system\(aqs default \fBpython\fP installation is, at time of execution. -.SS ☤ Editable Dependencies (e.g. \fB\-e .\fP ) -.sp -You can tell Pipenv to install a path as editable — often this is useful for -the current working directory when working on packages: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-\-dev \-e . - -$ cat Pipfile -\&... -[dev\-packages] -"e1839a8" = {path = ".", editable = true} -\&... -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -All sub\-dependencies will get added to the \fBPipfile.lock\fP as well. Sub\-dependencies are \fBnot\fP added to the -\fBPipfile.lock\fP if you leave the \fB\-e\fP option out. -.UNINDENT -.UNINDENT -.SS ☤ Specifying Package Categories -.sp -Originally pipenv supported only two package groups: \fBpackages\fP and \fBdev\-packages\fP in the \fBPipfile\fP which mapped to \fBdefault\fP and \fBdevelop\fP in the \fBPipfile.lock\fP\&. Support for additional named categories has been added such that arbitrary named groups can utilized across the available pipenv commands. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -The name will be the same between \fBPipfile\fP and lock file, however to support the legacy naming convention it is not possible to have an additional group named \fBdefault\fP or \fBdevelop\fP in the \fBPipfile\fP\&. -.UNINDENT -.UNINDENT -.sp -By default \fBpipenv lock\fP will lock all known package categorises; to specify locking only specific groups use the \fB\-\-categories\fP argument. -The command should process the package groups in the order specified. -.sp -Example usages: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -# single category -pipenv install six \-\-catetgories prereq - -# multiple categories -pipenv sync \-\-categories="prereq packages" - -# lock and uninstall examples -pipenv lock \-\-categories="prereq dev\-packages" -pipenv uninstall six \-\-categories prereq -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -The \fBpackages\fP/\fBdefault\fP specifiers are used to constrain all other categories just as they have done for \fBdev\-packages\fP/\fBdevelop\fP category. However this is the only way constraints are applied \-\- the presence of other named groups do not constraint each other, which means it is possible to define conflicting package versions across groups. This may be desired in some use cases where users only are installing groups specific to their system platform. -.UNINDENT -.UNINDENT -.SS ☤ Environment Management with Pipenv -.sp -The three primary commands you\(aqll use in managing your pipenv environment are -\fB$ pipenv install\fP, \fB$ pipenv uninstall\fP, and \fB$ pipenv lock\fP\&. -.SS $ pipenv install -.sp -\fB$ pipenv install\fP is used for installing packages into the pipenv virtual environment -and updating your Pipfile. -.sp -Along with the basic install command, which takes the form: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install [package names] -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -The user can provide these additional parameters: -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fB\-\-three\fP — Performs the installation in a virtualenv using the system \fBpython3\fP link. -.IP \(bu 2 -\fB\-\-python\fP — Performs the installation in a virtualenv using the provided Python interpreter. -.UNINDENT -.sp -\fBWARNING:\fP -.INDENT 0.0 -.INDENT 3.5 -None of the above commands should be used together. They are also -\fBdestructive\fP and will delete your current virtualenv before replacing -it with an appropriately versioned one. -.UNINDENT -.UNINDENT -.INDENT 0.0 -.IP \(bu 2 -\fB\-\-dev\fP — Install both \fBdevelop\fP and \fBdefault\fP packages from \fBPipfile\fP\&. -.IP \(bu 2 -\fB\-\-system\fP — Use the system \fBpip\fP command rather than the one from your virtualenv. -.IP \(bu 2 -\fB\-\-deploy\fP — Make sure the packages are properly locked in Pipfile.lock, and abort if the lock file is out\-of\-date. -.IP \(bu 2 -\fB\-\-ignore\-pipfile\fP — Ignore the \fBPipfile\fP and install from the \fBPipfile.lock\fP\&. -.IP \(bu 2 -\fB\-\-skip\-lock\fP — Ignore the \fBPipfile.lock\fP and install from the \fBPipfile\fP\&. In addition, do not write out a \fBPipfile.lock\fP reflecting changes to the \fBPipfile\fP\&. -.UNINDENT -.UNINDENT -.UNINDENT -.SS $ pipenv uninstall -.sp -\fB$ pipenv uninstall\fP supports all of the parameters in \fI\%pipenv install\fP, -as well as two additional options, \fB\-\-all\fP and \fB\-\-all\-dev\fP\&. -.INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 -.IP \(bu 2 -\fB\-\-all\fP — This parameter will purge all files from the virtual environment, -but leave the Pipfile untouched. -.IP \(bu 2 -\fB\-\-all\-dev\fP — This parameter will remove all of the development packages from -the virtual environment, and remove them from the Pipfile. -.UNINDENT -.UNINDENT -.UNINDENT -.SS $ pipenv lock -.sp -\fB$ pipenv lock\fP is used to create a \fBPipfile.lock\fP, which declares \fBall\fP dependencies (and sub\-dependencies) of your project, their latest available versions, and the current hashes for the downloaded files. This ensures repeatable, and most importantly \fIdeterministic\fP, builds. -.SS ☤ About Shell Configuration -.sp -Shells are typically misconfigured for subshell use, so \fB$ pipenv shell \-\-fancy\fP may produce unexpected results. If this is the case, try \fB$ pipenv shell\fP, which uses "compatibility mode", and will attempt to spawn a subshell despite misconfiguration. -.sp -A proper shell configuration only sets environment variables like \fBPATH\fP during a login session, not during every subshell spawn (as they are typically configured to do). In fish, this looks like this: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -if status \-\-is\-login - set \-gx PATH /usr/local/bin $PATH -end -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You should do this for your shell too, in your \fB~/.profile\fP or \fB~/.bashrc\fP or wherever appropriate. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -The shell launched in interactive mode. This means that if your shell reads its configuration from a specific file for interactive mode (e.g. bash by default looks for a \fB~/.bashrc\fP configuration file for interactive mode), then you\(aqll need to modify (or create) this file. -.UNINDENT -.UNINDENT -.sp -If you experience issues with \fB$ pipenv shell\fP, just check the \fBPIPENV_SHELL\fP environment variable, which \fB$ pipenv shell\fP will use if available. For detail, see \fI\%☤ Configuration With Environment Variables\fP\&. -.SS ☤ A Note about VCS Dependencies -.sp -You can install packages with pipenv from git and other version control systems using URLs formatted according to the following rule: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -+:////@#egg= -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -The only optional section is the \fB@\fP section. When using git over SSH, you may use the shorthand vcs and scheme alias \fBgit+git@:/@#egg=\fP\&. Note that this is translated to \fBgit+ssh://git@\fP when parsed. -.sp -Note that it is \fBstrongly recommended\fP that you install any version\-controlled dependencies in editable mode, using \fBpipenv install \-e\fP, in order to ensure that dependency resolution can be performed with an up\-to\-date copy of the repository each time it is performed, and that it includes all known dependencies. -.sp -Below is an example usage which installs the git repository located at \fBhttps://github.com/requests/requests.git\fP from tag \fBv2.20.1\fP as package name \fBrequests\fP: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-e git+https://github.com/requests/requests.git@v2.20.1#egg=requests -Creating a Pipfile for this project... -Installing \-e git+https://github.com/requests/requests.git@v2.20.1#egg=requests... -[...snipped...] -Adding \-e git+https://github.com/requests/requests.git@v2.20.1#egg=requests to Pipfile\(aqs [packages]... -[...] - -$ cat Pipfile -[packages] -requests = {git = "https://github.com/requests/requests.git", editable = true, ref = "v2.20.1"} -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Valid values for \fB\fP include \fBgit\fP, \fBbzr\fP, \fBsvn\fP, and \fBhg\fP\&. Valid values for \fB\fP include \fBhttp\fP, \fBhttps\fP, \fBssh\fP, and \fBfile\fP\&. In specific cases you also have access to other schemes: \fBsvn\fP may be combined with \fBsvn\fP as a scheme, and \fBbzr\fP can be combined with \fBsftp\fP and \fBlp\fP\&. -.sp -You can read more about pip\(aqs implementation of VCS support \fI\%here\fP\&. For more information about other options available when specifying VCS dependencies, please check the \fI\%Pipfile spec\fP\&. -.SS ☤ Pipfile.lock Security Features -.sp -\fBPipfile.lock\fP takes advantage of some great new security improvements in \fBpip\fP\&. -By default, the \fBPipfile.lock\fP will be generated with the sha256 hashes of each downloaded -package. This will allow \fBpip\fP to guarantee you\(aqre installing what you intend to when -on a compromised network, or downloading dependencies from an untrusted PyPI endpoint. -.sp -We highly recommend approaching deployments with promoting projects from a development -environment into production. You can use \fBpipenv lock\fP to compile your dependencies on -your development environment and deploy the compiled \fBPipfile.lock\fP to all of your -production environments for reproducible builds. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -If you\(aqd like a \fBrequirements.txt\fP output of the lockfile, run \fB$ pipenv requirements\fP\&. -.UNINDENT -.UNINDENT -.SS ☤ Pipenv and Docker Containers -.sp -In general, you should not have Pipenv inside a linux container image, since -it is a build tool. If you want to use it to build, and install the run time -dependencies for your application, you can use a multistage build for creating -a virtual environment with your dependencies. In this approach, -Pipenv in installed in the base layer, it is then used to create the virtual -environment. In a later stage, in a \fBruntime\fP layer the virtual environment -is copied from the base layer, the layer containing pipenv and other build -dependencies is discarded. -This results in a smaller image, which can still run your application. -Here is an example \fBDockerfile\fP, which you can use as a starting point for -doing a multistage build for your application: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -FROM docker.io/python:3.9 AS builder - -RUN pip install \-\-user pipenv - -# Tell pipenv to create venv in the current directory -ENV PIPENV_VENV_IN_PROJECT=1 - -# Pipfile contains requests -ADD Pipfile.lock Pipfile /usr/src/ - -WORKDIR /usr/src - -# NOTE: If you install binary packages required for a python module, you need -# to install them again in the runtime. For example, if you need to install pycurl -# you need to have pycurl build dependencies libcurl4\-gnutls\-dev and libcurl3\-gnutls -# In the runtime container you need only libcurl3\-gnutls - -# RUN apt install \-y libcurl3\-gnutls libcurl4\-gnutls\-dev - -RUN /root/.local/bin/pipenv sync - -RUN /usr/src/.venv/bin/python \-c "import requests; print(requests.__version__)" - -FROM docker.io/python:3.9 AS runtime - -RUN mkdir \-v /usr/src/.venv - -COPY \-\-from=builder /usr/src/.venv/ /usr/src/.venv/ - -RUN /usr/src/.venv/bin/python \-c "import requests; print(requests.__version__)" - -# HERE GOES ANY CODE YOU NEED TO ADD TO CREATE YOUR APPLICATION\(aqS IMAGE -# For example -# RUN apt install \-y libcurl3\-gnutls -# RUN adduser \-\-uid 123123 coolio -# ADD run.py /usr/src/ - -WORKDIR /usr/src/ - -USER coolio - -CMD ["./.venv/bin/python", "\-m", "run.py"] -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -Pipenv is not meant to run as root. However, in the multistage build above -it is done nevertheless. A calculated risk, since the intermediate image -is discarded. -The runtime image later shows that you should create a user and user it to -run your application. -\fBOnce again, you should not run pipenv as root (or Admin on Windows) normally. -This could lead to breakage of your Python installation, or even your complete -OS.\fP -.UNINDENT -.UNINDENT -.sp -When you build an image with this example (assuming requests is found in Pipfile), you -will see that \fBrequests\fP is installed in the \fBruntime\fP image: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ sudo docker build \-\-no\-cache \-t oz/123:0.1 . -Sending build context to Docker daemon 1.122MB -Step 1/12 : FROM docker.io/python:3.9 AS builder - \-\-\-> 81f391f1a7d7 -Step 2/12 : RUN pip install \-\-user pipenv - \-\-\-> Running in b83ed3c28448 - ... trimmed ... - \-\-\-> 848743eb8c65 -Step 4/12 : ENV PIPENV_VENV_IN_PROJECT=1 - \-\-\-> Running in 814e6f5fec5b -Removing intermediate container 814e6f5fec5b - \-\-\-> 20167b4a13e1 -Step 5/12 : ADD Pipfile.lock Pipfile /usr/src/ - \-\-\-> c7632cb3d5bd -Step 6/12 : WORKDIR /usr/src - \-\-\-> Running in 1d75c6cfce10 -Removing intermediate container 1d75c6cfce10 - \-\-\-> 2dcae54cc2e5 -Step 7/12 : RUN /root/.local/bin/pipenv sync - \-\-\-> Running in 1a00b326b1ee -Creating a virtualenv for this project... -\&... trimmed ... -✔ Successfully created virtual environment! -Virtualenv location: /usr/src/.venv -Installing dependencies from Pipfile.lock (fe5a22)... -\&... trimmed ... -Step 8/12 : RUN /usr/src/.venv/bin/python \-c "import requests; print(requests.__version__)" - \-\-\-> Running in 3a66e3ce4a11 -2.27.1 -Removing intermediate container 3a66e3ce4a11 - \-\-\-> 1db657d0ac17 -Step 9/12 : FROM docker.io/python:3.9 AS runtime -\&... trimmed ... -Step 12/12 : RUN /usr/src/venv/bin/python \-c "import requests; print(requests.__version__)" - \-\-\-> Running in fa39ba4080c5 -2.27.1 -Removing intermediate container fa39ba4080c5 - \-\-\-> 2b1c90fd414e -Successfully built 2b1c90fd414e -Successfully tagged oz/123:0.1 -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Advanced Usage of Pipenv -[image] -.sp -This document covers some of Pipenv\(aqs more glorious and advanced features. -.SS ☤ Caveats -.INDENT 0.0 -.IP \(bu 2 -Dependencies of wheels provided in a \fBPipfile\fP will not be captured by \fB$ pipenv lock\fP\&. -.IP \(bu 2 -There are some known issues with using private indexes, related to hashing. We\(aqre actively working to solve this problem. You may have great luck with this, however. -.IP \(bu 2 -Installation is intended to be as deterministic as possible. -.UNINDENT -.SS ☤ Specifying Package Indexes -.sp -Starting in release \fB2022.3.23\fP all packages are mapped only to a single package index for security reasons. -All unspecified packages are resolved using the default index source; the default package index is PyPI. -.sp -For a specific package to be installed from an alternate package index, you must match the name of the index as in the following example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.org/simple" -verify_ssl = true -name = "pypi" - -[[source]] -url = "https://download.pytorch.org/whl/cu113/" -verify_ssl = false -name = "pytorch" - -[dev\-packages] - -[packages] -torch = {version="*", index="pytorch"} -numpy = {version="*"} -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You may install a package such as the example \fBtorch\fP from the named index \fBpytorch\fP using the CLI by running -the following command: -.sp -\fBpipenv install \-\-index=pytorch torch\fP -.sp -Alternatively the index may be specified by full url, and it will be added to the \fBPipfile\fP with a generated name -unless it already exists in which case the existing name with be reused when pinning the package index. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -In prior versions of \fBpipenv\fP you could specify \fB\-\-extra\-index\-urls\fP to the \fBpip\fP resolver and avoid -specifically matching the expected index by name. That functionality was deprecated in favor of index restricted -packages, which is a simplifying assumption that is more security mindful. The pip documentation has the following -warning around the \fB\-\-extra\-index\-urls\fP option: -.sp -\fIUsing this option to search for packages which are not in the main repository (such as private packages) is unsafe, -per a security vulnerability called dependency confusion: an attacker can claim the package on the public repository -in a way that will ensure it gets chosen over the private package.\fP -.UNINDENT -.UNINDENT -.sp -Should you wish to use an alternative default index other than PyPI: simply do not specify PyPI as one of the -sources in your \fBPipfile\fP\&. When PyPI is omitted, then any public packages required either directly or -as sub\-dependencies must be mirrored onto your private index or they will not resolve properly. This matches the -standard recommendation of \fBpip\fP maintainers: "To correctly make a private project installable is to point -\-\-index\-url to an index that contains both PyPI and their private projects—which is our recommended best practice." -.sp -The above documentation holds true for both \fBlock\fP resolution and \fBsync\fP of packages. It was suggested that -once the resolution and the lock file are updated, it is theoretically possible to safely scan multiple indexes -for these packages when running \fBpipenv sync\fP or \fBpipenv install \-\-deploy\fP since it will verify the package -hashes match the allowed hashes that were already captured from a safe locking cycle. -To enable this non\-default behavior, add \fBinstall_search_all_sources = true\fP option -to your \fBPipfile\fP in the \fBpipenv\fP section: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[pipenv] -install_search_all_sources = true -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNote:\fP The locking cycle will still requires that each package be resolved from a single index. This feature was -requested as a workaround in order to support organizations where not everyone has access to the package sources. -.SS ☤ Using a PyPI Mirror -.sp -Should you wish to override the default PyPI index URLs with the URL for a PyPI mirror, you can do the following: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-\-pypi\-mirror - -$ pipenv update \-\-pypi\-mirror - -$ pipenv sync \-\-pypi\-mirror - -$ pipenv lock \-\-pypi\-mirror - -$ pipenv uninstall \-\-pypi\-mirror -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Alternatively, setting the \fBPIPENV_PYPI_MIRROR\fP environment variable is equivalent to passing \fB\-\-pypi\-mirror \fP\&. -.SS ☤ Injecting credentials into Pipfile via environment variables -.sp -Pipenv will expand environment variables (if defined) in your Pipfile. Quite -useful if you need to authenticate to a private PyPI: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://$USERNAME:${PASSWORD}@mypypi.example.com/simple" -verify_ssl = true -name = "pypi" -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Luckily \- pipenv will hash your Pipfile \fIbefore\fP expanding environment -variables (and, helpfully, will substitute the environment variables again when -you install from the lock file \- so no need to commit any secrets! Woo!) -.sp -If your credentials contain special characters, make sure they are URL\-encoded as specified in \fI\%rfc3986\fP\&. -.sp -Environment variables may be specified as \fB${MY_ENVAR}\fP or \fB$MY_ENVAR\fP\&. -.sp -On Windows, \fB%MY_ENVAR%\fP is supported in addition to \fB${MY_ENVAR}\fP or \fB$MY_ENVAR\fP\&. -.sp -Environment variables in the URL part of requirement specifiers can also be expanded, where the variable must be in the form of \fB${VAR_NAME}\fP\&. Neither \fB$VAR_NAME\fP nor \fB%VAR_NAME%\fP is acceptable: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[package]] -requests = {git = "git://${USERNAME}:${PASSWORD}@private.git.com/psf/requests.git", ref = "2.22.0"} -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Keep in mind that environment variables are expanded in runtime, leaving the entries in \fBPipfile\fP or \fBPipfile.lock\fP untouched. This is to avoid the accidental leakage of credentials in the source code. -.SS ☤ Injecting credentials through keychain support -.sp -Private registries on Google Cloud, Azure and AWS support dynamic credentials using -the keychain implementation. Due to the way the keychain is structured, it might ask -the user for input. Asking the user for input is disabled. This will disable the keychain -support completely, unfortunately. -.sp -If you want to work with private registries that use the keychain for authentication, you -can disable the "enforcement of no input". -.sp -\fBNote:\fP Please be sure that the keychain will really not ask for -input. Otherwise the process will hang forever!: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.org/simple" -verify_ssl = true -name = "pypi" - -[[source]] -url = "https://europe\-python.pkg.dev/my\-project/python/simple" -verify_ssl = true -name = "private\-gcp" - -[packages] -flask = "*" -private\-test\-package = {version = "*", index = "private\-gcp"} - -[pipenv] -disable_pip_input = false -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Above example will install \fBflask\fP and a private package \fBprivate\-test\-package\fP from GCP. -.SS ☤ Supplying additional arguments to pip -.sp -There may be cases where you wish to supply additional arguments to pip to be used during the install phase. -For example, you may want to enable the pip feature for using -\fI\%system certificate stores\fP -.sp -In this case you can supply these additional arguments to \fBpipenv sync\fP or \fBpipenv install\fP by passing additional -argument \fB\-\-extra\-pip\-args="\-\-use\-feature=truststore"\fP\&. It is possible to supply multiple arguments in the \fB\-\-extra\-pip\-args\fP\&. -Example usage: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv sync \-\-extra\-pip\-args="\-\-use\-feature=truststore \-\-proxy=127.0.0.1" -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Specifying Basically Anything -.sp -If you\(aqd like to specify that a specific package only be installed on certain systems, -you can use \fI\%PEP 508 specifiers\fP to accomplish this. -.sp -Here\(aqs an example \fBPipfile\fP, which will only install \fBpywinusb\fP on Windows systems: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.python.org/simple" -verify_ssl = true -name = "pypi" - -[packages] -requests = "*" -pywinusb = {version = "*", sys_platform = "== \(aqwin32\(aq"} -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Voilà! -.sp -Here\(aqs a more complex example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.python.org/simple" -verify_ssl = true - -[packages] -unittest2 = {version = ">=1.0,<3.0", markers="python_version < \(aq2.7.9\(aq or (python_version >= \(aq3.0\(aq and python_version < \(aq3.4\(aq)"} -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Magic. Pure, unadulterated magic. -.SS ☤ Using pipenv for Deployments -.sp -You may want to use \fBpipenv\fP as part of a deployment process. -.sp -You can enforce that your \fBPipfile.lock\fP is up to date using the \fB\-\-deploy\fP flag: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-\-deploy -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This will fail a build if the \fBPipfile.lock\fP is out–of–date, instead of generating a new one. -.sp -Or you can install packages exactly as specified in \fBPipfile.lock\fP using the \fBsync\fP command: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv sync -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -\fBpipenv install \-\-ignore\-pipfile\fP is nearly equivalent to \fBpipenv sync\fP, but \fBpipenv sync\fP will \fInever\fP attempt to re\-lock your dependencies as it is considered an atomic operation. \fBpipenv install\fP by default does attempt to re\-lock unless using the \fB\-\-deploy\fP flag. -.UNINDENT -.UNINDENT -.sp -You may only wish to verify your \fBPipfile.lock\fP is up\-to\-date with dependencies specified in the \fBPipfile\fP, without installing: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv verify -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -The command will perform a verification, and return an exit code \fB1\fP when dependency locking is needed. This may be useful for cases when the \fBPipfile.lock\fP file is subject to version control, so this command can be used within your CI/CD pipelines. -.SS Deploying System Dependencies -.sp -You can tell Pipenv to install a Pipfile\(aqs contents into its parent system with the \fB\-\-system\fP flag: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-\-system -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This is useful for managing the system Python, and deployment infrastructure (e.g. Heroku does this). -.SS ☤ Pipenv and Other Python Distributions -.sp -To use Pipenv with a third\-party Python distribution (e.g. Anaconda), you simply provide the path to the Python binary: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-\-python=/path/to/python -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Anaconda uses Conda to manage packages. To reuse Conda–installed Python packages, use the \fB\-\-site\-packages\fP flag: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv \-\-python=/path/to/python \-\-site\-packages -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Generating a \fBrequirements.txt\fP -.sp -Sometimes, you would want to generate a requirements file based on your current -environment, for example to include tooling that only supports requirements.txt. -You can convert a \fBPipfile.lock\fP into a \fBrequirements.txt\fP -file very easily. -.sp -Let\(aqs take this \fBPipfile\fP: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[[source]] -url = "https://pypi.python.org/simple" -verify_ssl = true -name = "pypi" - -[packages] -requests = {version="==2.18.4"} - -[dev\-packages] -pytest = {version="==3.2.3"} -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Which generates a \fBPipfile.lock\fP upon completion of running \fBpipenv lock\(ga\fP similar to: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -{ - "_meta": { - "hash": { - "sha256": "4b81df812babd4e54ba5a4086714d7d303c1c3f00d725c76e38dd58cbd360f4e" - }, - "pipfile\-spec": 6, - "requires": {}, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.python.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - ... snipped ... - "requests": { - "hashes": [ - "sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b", - "sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e" - ], - "index": "pypi", - "version": "==2.18.4" - }, - ... snipped ... - }, - "develop": { - ... snipped ... - "pytest": { - "hashes": [ - "sha256:27fa6617efc2869d3e969a3e75ec060375bfb28831ade8b5cdd68da3a741dc3c", - "sha256:81a25f36a97da3313e1125fce9e7bbbba565bc7fec3c5beb14c262ddab238ac1" - ], - "index": "pypi", - "version": "==3.2.3" - } - ... snipped ... -} -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Given the \fBPipfile.lock\fP exists, you may generate a set of requirements out of it with the default dependencies: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv requirements -\-i https://pypi.python.org/simple -certifi==2022.9.24 ; python_version >= \(aq3.6\(aq -chardet==3.0.4 -idna==2.6 -requests==2.18.4 -urllib3==1.22 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -As with other commands, passing \fB\-\-dev\fP will include both the default and -development dependencies: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv requirements \-\-dev -\-i https://pypi.python.org/simple -colorama==0.4.5 ; sys_platform == \(aqwin32\(aq -py==1.11.0 ; python_version >= \(aq2.7\(aq and python_version not in \(aq3.0, 3.1, 3.2, 3.3, 3.4\(aq -pytest==3.2.3 -setuptools==65.4.1 ; python_version >= \(aq3.7\(aq -certifi==2022.9.24 ; python_version >= \(aq3.6\(aq -chardet==3.0.4 -idna==2.6 -requests==2.18.4 -urllib3==1.22 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -If you wish to generate a requirements file with only the -development requirements you can do that too, using the \fB\-\-dev\-only\fP -flag: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv requirements \-\-dev\-only -\-i https://pypi.python.org/simple -colorama==0.4.5 ; sys_platform == \(aqwin32\(aq -py==1.11.0 ; python_version >= \(aq2.7\(aq and python_version not in \(aq3.0, 3.1, 3.2, 3.3, 3.4\(aq -pytest==3.2.3 -setuptools==65.4.1 ; python_version >= \(aq3.7\(aq -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Adding the \fB\-\-hash\fP flag adds package hashes to the output for extra security. -Adding the \fB\-\-exclude\-markers\fP flag excludes the markers from the output. -.sp -The locked requirements are written to stdout, with shell output redirection -used to write them to a file: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv requirements > requirements.txt -$ pipenv requirements \-\-dev\-only > dev\-requirements.txt -$ cat requirements.txt -\-i https://pypi.python.org/simple -certifi==2022.9.24 ; python_version >= \(aq3.6\(aq -chardet==3.0.4 -idna==2.6 -requests==2.18.4 -urllib3==1.22 -$ cat dev\-requirements.txt -\-i https://pypi.python.org/simple -colorama==0.4.5 ; sys_platform == \(aqwin32\(aq -py==1.11.0 ; python_version >= \(aq2.7\(aq and python_version not in \(aq3.0, 3.1, 3.2, 3.3, 3.4\(aq -pytest==3.2.3 -setuptools==65.4.1 ; python_version >= \(aq3.7\(aq -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Detection of Security Vulnerabilities -.sp -Pipenv includes the \fI\%safety\fP package, and will use it to scan your dependency graph -for known security vulnerabilities! -.sp -Example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ cat Pipfile -[packages] -django = "==1.10.1" - -$ pipenv check -Checking PEP 508 requirements... -Passed! -Checking installed package safety... - -33075: django >=1.10,<1.10.3 resolved (1.10.1 installed)! -Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS. - -33076: django >=1.10,<1.10.3 resolved (1.10.1 installed)! -Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary. - -33300: django >=1.10,<1.10.7 resolved (1.10.1 installed)! -CVE\-2017\-7233: Open redirect and possible XSS attack via user\-supplied numeric redirect URLs -============================================================================================ - -Django relies on user input in some cases (e.g. -:func:\(gadjango.contrib.auth.views.login\(ga and :doc:\(gai18n \(ga) -to redirect the user to an "on success" URL. The security check for these -redirects (namely \(ga\(gadjango.utils.http.is_safe_url()\(ga\(ga) considered some numeric -URLs (e.g. \(ga\(gahttp:999999999\(ga\(ga) "safe" when they shouldn\(aqt be. - -Also, if a developer relies on \(ga\(gais_safe_url()\(ga\(ga to provide safe redirect -targets and puts such a URL into a link, they could suffer from an XSS attack. - -CVE\-2017\-7234: Open redirect vulnerability in \(ga\(gadjango.views.static.serve()\(ga\(ga -============================================================================= - -A maliciously crafted URL to a Django site using the -:func:\(ga~django.views.static.serve\(ga view could redirect to any other domain. The -view no longer does any redirects as they don\(aqt provide any known, useful -functionality. - -Note, however, that this view has always carried a warning that it is not -hardened for production use and should be used only as a development aid. -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -✨🍰✨ -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -Each month, \fI\%PyUp.io\fP updates the \fBsafety\fP database of -insecure Python packages and \fI\%makes it available to the -community for free\fP\&. Pipenv -makes an API call to retrieve those results and use them -each time you run \fBpipenv check\fP to show you vulnerable -dependencies. -.sp -For more up\-to\-date vulnerability data, you may also use your own safety -API key by setting the environment variable \fBPIPENV_PYUP_API_KEY\fP\&. -.UNINDENT -.UNINDENT -.SS ☤ Community Integrations -.sp -There are a range of community\-maintained plugins and extensions available for a range of editors and IDEs, as well as -different products which integrate with Pipenv projects: -.INDENT 0.0 -.IP \(bu 2 -\fI\%Heroku\fP (Cloud Hosting) -.IP \(bu 2 -\fI\%Platform.sh\fP (Cloud Hosting) -.IP \(bu 2 -\fI\%PyUp\fP (Security Notification) -.IP \(bu 2 -\fI\%Emacs\fP (Editor Integration) -.IP \(bu 2 -\fI\%Fish Shell\fP (Automatic \fB$ pipenv shell\fP!) -.IP \(bu 2 -\fI\%VS Code\fP (Editor Integration) -.IP \(bu 2 -\fI\%PyCharm\fP (Editor Integration) -.UNINDENT -.sp -Works in progress: -.INDENT 0.0 -.IP \(bu 2 -\fI\%Sublime Text\fP (Editor Integration) -.IP \(bu 2 -Mysterious upcoming Google Cloud product (Cloud Hosting) -.UNINDENT -.SS ☤ Open a Module in Your Editor -.sp -Pipenv allows you to open any Python module that is installed (including ones in your codebase), with the \fB$ pipenv open\fP command: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-e git+https://github.com/kennethreitz/background.git#egg=background -Installing \-e git+https://github.com/kennethreitz/background.git#egg=background... -\&... -Updated Pipfile.lock! - -$ pipenv open background -Opening \(aq/Users/kennethreitz/.local/share/virtualenvs/hmm\-mGOawwm_/src/background/background.py\(aq in your EDITOR. -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This allows you to easily read the code you\(aqre consuming, instead of looking it up on GitHub. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -The standard \fBEDITOR\fP environment variable is used for this. If you\(aqre using VS Code, for example, you\(aqll want to \fBexport EDITOR=code\fP (if you\(aqre on macOS you will want to \fI\%install the command\fP on to your \fBPATH\fP first). -.UNINDENT -.UNINDENT -.SS ☤ Automatic Python Installation -.sp -If you have \fI\%pyenv\fP installed and configured, Pipenv will automatically ask you if you want to install a required version of Python if you don\(aqt already have it available. -.sp -This is a very fancy feature, and we\(aqre very proud of it: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ cat Pipfile -[[source]] -url = "https://pypi.python.org/simple" -verify_ssl = true - -[dev\-packages] - -[packages] -requests = "*" - -[requires] -python_version = "3.6" - -$ pipenv install -Warning: Python 3.6 was not found on your system... -Would you like us to install latest CPython 3.6 with pyenv? [Y/n]: y -Installing CPython 3.6.2 with pyenv (this may take a few minutes)... -\&... -Making Python installation global... -Creating a virtualenv for this project... -Using /Users/kennethreitz/.pyenv/shims/python3 to create virtualenv... -\&... -No package provided, installing all dependencies. -\&... -Installing dependencies from Pipfile.lock... -🐍 ❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒ 5/5 — 00:00:03 -To activate this project\(aqs virtualenv, run the following: - $ pipenv shell -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Pipenv automatically honors both the \fBpython_full_version\fP and \fBpython_version\fP \fI\%PEP 508\fP specifiers. -.sp -💫✨🍰✨💫 -.SS ☤ Automatic Loading of \fB\&.env\fP -.sp -If a \fB\&.env\fP file is present in your project, \fB$ pipenv shell\fP and \fB$ pipenv run\fP will automatically load it, for you: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ cat .env -HELLO=WORLD⏎ - -$ pipenv run python -Loading .env environment variables... -Python 2.7.13 (default, Jul 18 2017, 09:17:00) -[GCC 4.2.1 Compatible Apple LLVM 8.1.0 (clang\-802.0.42)] on darwin -Type "help", "copyright", "credits" or "license" for more information. ->>> import os ->>> os.environ[\(aqHELLO\(aq] -\(aqWORLD\(aq -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Shell like variable expansion is available in \fB\&.env\fP files using \fB${VARNAME}\fP syntax.: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ cat .env -CONFIG_PATH=${HOME}/.config/foo - -$ pipenv run python -Loading .env environment variables... -Python 3.7.6 (default, Dec 19 2019, 22:52:49) -[GCC 9.2.1 20190827 (Red Hat 9.2.1\-1)] on linux -Type "help", "copyright", "credits" or "license" for more information. ->>> import os ->>> os.environ[\(aqCONFIG_PATH\(aq] -\(aq/home/kennethreitz/.config/foo\(aq -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This is very useful for keeping production credentials out of your codebase. -We do not recommend committing \fB\&.env\fP files into source control! -.sp -If your \fB\&.env\fP file is located in a different path or has a different name you may set the \fBPIPENV_DOTENV_LOCATION\fP environment variable: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ PIPENV_DOTENV_LOCATION=/path/to/.env pipenv shell -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -To prevent pipenv from loading the \fB\&.env\fP file, set the \fBPIPENV_DONT_LOAD_ENV\fP environment variable: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ PIPENV_DONT_LOAD_ENV=1 pipenv shell -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -See \fI\%theskumar/python\-dotenv\fP for more information on \fB\&.env\fP files. -.SS ☤ Custom Script Shortcuts -.sp -Pipenv supports creating custom shortcuts in the (optional) \fB[scripts]\fP section of your Pipfile. -.sp -You can then run \fBpipenv run \fP in your terminal to run the command in the -context of your pipenv virtual environment even if you have not activated the pipenv shell first. -.sp -For example, in your Pipfile: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[scripts] -printspam = "python \-c \e"print(\(aqI am a silly example, no one would need to do this\(aq)\e"" -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -And then in your terminal: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv run printspam -I am a silly example, no one would need to do this -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Commands that expect arguments will also work. -For example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[scripts] -echospam = "echo I am really a very silly example" -.ft P -.fi -.UNINDENT -.UNINDENT -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv run echospam "indeed" -I am really a very silly example indeed -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You can also specify pacakge functions as callables such as: \fB:\fP\&. These can also take arguments. -For exaple: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[scripts] -my_func_with_args = {call = "package.module:func(\(aqarg1\(aq, \(aqarg2\(aq)"} -my_func_no_args = {call = "package.module:func()"} -.ft P -.fi -.UNINDENT -.UNINDENT -.INDENT 0.0 -.TP -.B :: -$ pipenv run my_func_with_args -$ pipenv run my_func_no_args -.UNINDENT -.sp -You can display the names and commands of your shortcuts by running \fBpipenv scripts\fP in your terminal. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv scripts -command script -echospam echo I am really a very silly example -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Configuration With Environment Variables -.sp -Pipenv comes with a handful of options that can be enabled via shell environment -variables. To activate them, simply create the variable in your shell and pipenv -will detect it. -.INDENT 0.0 -.TP -.B pipenv.environments.PIPENV_HIDE_EMOJIS = False -Disable emojis in output. -.sp -Default is to show emojis. This is automatically set on Windows. -.UNINDENT -.INDENT 0.0 -.TP -.B class pipenv.environments.Setting -Control various settings of pipenv via environment variables. -.INDENT 7.0 -.TP -.B PIPENV_CACHE_DIR -Location for Pipenv to store it\(aqs package cache. -Default is to use appdir\(aqs user cache directory. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_CUSTOM_VENV_NAME -Tells Pipenv whether to name the venv something other than the default dir name. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_DEFAULT_PYTHON_VERSION -Use this Python version when creating new virtual environments by default. -.sp -This can be set to a version string, e.g. \fB3.9\fP, or a path. Default is to use -whatever Python Pipenv is installed under (i.e. \fBsys.executable\fP). Command -line flags (e.g. \fB\-\-python\fP and \fB\-\-three\fP) are prioritized over -this configuration. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_DONT_LOAD_ENV -If set, Pipenv does not load the \fB\&.env\fP file. -.sp -Default is to load \fB\&.env\fP for \fBrun\fP and \fBshell\fP commands. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_DONT_USE_ASDF -If set, Pipenv does not attempt to install Python with asdf. -.sp -Default is to install Python automatically via asdf when needed, if possible. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_DONT_USE_PYENV -If set, Pipenv does not attempt to install Python with pyenv. -.sp -Default is to install Python automatically via pyenv when needed, if possible. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_DOTENV_LOCATION -If set, Pipenv loads the \fB\&.env\fP file at the specified location. -.sp -Default is to load \fB\&.env\fP from the project root, if found. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_EMULATOR -If set, the terminal emulator\(aqs name for \fBpipenv shell\fP to use. -.sp -Default is to detect emulators automatically. This should be set if your -emulator, e.g. Cmder, cannot be detected correctly. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_IGNORE_VIRTUALENVS -If set, Pipenv will always assign a virtual environment for this project. -.sp -By default, Pipenv tries to detect whether it is run inside a virtual -environment, and reuses it if possible. This is usually the desired behavior, -and enables the user to use any user\-built environments with Pipenv. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_INSTALL_TIMEOUT -Max number of seconds to wait for package installation. -.sp -Defaults to 900 (15 minutes), a very long arbitrary time. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_MAX_DEPTH -Maximum number of directories to recursively search for a Pipfile. -.sp -Default is 3. See also \fBPIPENV_NO_INHERIT\fP\&. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_MAX_RETRIES -Specify how many retries Pipenv should attempt for network requests. -.sp -Default is 0. Automatically set to 1 on CI environments for robust testing. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_NOSPIN -If set, disable terminal spinner. -.sp -This can make the logs cleaner. Automatically set on Windows, and in CI -environments. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_NO_INHERIT -Tell Pipenv not to inherit parent directories. -.sp -This is useful for deployment to avoid using the wrong current directory. -Overwrites \fBPIPENV_MAX_DEPTH\fP\&. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_PIPFILE -If set, this specifies a custom Pipfile location. -.sp -When running pipenv from a location other than the same directory where the -Pipfile is located, instruct pipenv to find the Pipfile in the location -specified by this environment variable. -.sp -Default is to find Pipfile automatically in the current and parent directories. -See also \fBPIPENV_MAX_DEPTH\fP\&. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_PYPI_MIRROR -If set, tells pipenv to override PyPI index urls with a mirror. -.sp -Default is to not mirror PyPI, i.e. use the real one, pypi.org. The -\fB\-\-pypi\-mirror\fP command line flag overwrites this. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_QUIET -If set, makes Pipenv quieter. -.sp -Default is unset, for normal verbosity. \fBPIPENV_VERBOSE\fP overrides this. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_RESOLVE_VCS -Tells Pipenv whether to resolve all VCS dependencies in full. -.sp -As of Pipenv 2018.11.26, only editable VCS dependencies were resolved in full. -To retain this behavior and avoid handling any conflicts that arise from the new -approach, you may set this to \(aq0\(aq, \(aqoff\(aq, or \(aqfalse\(aq. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_SHELL_EXPLICIT -An absolute path to the preferred shell for \fBpipenv shell\fP\&. -.sp -Default is to detect automatically what shell is currently in use. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_SHELL_FANCY -If set, always use fancy mode when invoking \fBpipenv shell\fP\&. -.sp -Default is to use the compatibility shell if possible. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_SKIP_LOCK -If set, Pipenv won\(aqt lock dependencies automatically. -.sp -This might be desirable if a project has large number of dependencies, -because locking is an inherently slow operation. -.sp -Default is to lock dependencies and update \fBPipfile.lock\fP on each run. -.sp -Usage: \fIexport PIPENV_SKIP_LOCK=true\fP OR \fIexport PIPENV_SKIP_LOCK=1\fP to skip automatic locking -.sp -NOTE: This only affects the \fBinstall\fP and \fBuninstall\fP commands. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_SPINNER -Sets the default spinner type. -.sp -Spinners are identical to the \fBnode.js\fP spinners and can be found at -\fI\%https://github.com/sindresorhus/cli\-spinners\fP -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_TIMEOUT -Max number of seconds Pipenv will wait for virtualenv creation to complete. -.sp -Default is 120 seconds, an arbitrary number that seems to work. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_VERBOSE -If set, makes Pipenv more wordy. -.sp -Default is unset, for normal verbosity. This takes precedence over -\fBPIPENV_QUIET\fP\&. -.UNINDENT -.INDENT 7.0 -.TP -.B PIPENV_YES -If set, Pipenv automatically assumes "yes" at all prompts. -.sp -Default is to prompt the user for an answer if the current command line session -if interactive. -.UNINDENT -.INDENT 7.0 -.TP -.B PIP_EXISTS_ACTION -Specifies the value for pip\(aqs \-\-exists\-action option -.sp -Defaults to \fB(w)ipe\fP -.UNINDENT -.INDENT 7.0 -.TP -.B USING_DEFAULT_PYTHON -Use the default Python -.UNINDENT -.UNINDENT -.INDENT 0.0 -.TP -.B pipenv.environments.get_from_env(arg, prefix=\(aqPIPENV\(aq, check_for_negation=True) -Check the environment for a variable, returning its truthy or stringified value -.sp -For example, setting \fBPIPENV_NO_RESOLVE_VCS=1\fP would mean that -\fBget_from_env("RESOLVE_VCS", prefix="PIPENV")\fP would return \fBFalse\fP\&. -.INDENT 7.0 -.TP -.B Parameters -.INDENT 7.0 -.IP \(bu 2 -\fBarg\fP (\fIstr\fP) \-\- The name of the variable to look for -.IP \(bu 2 -\fBprefix\fP (\fIstr\fP) \-\- The prefix to attach to the variable, defaults to "PIPENV" -.IP \(bu 2 -\fBcheck_for_negation\fP (\fIbool\fP) \-\- Whether to check for \fB_NO_\fP, defaults -to True -.UNINDENT -.TP -.B Returns -The value from the environment if available -.TP -.B Return type -Optional[Union[str, bool]] -.UNINDENT -.UNINDENT -.INDENT 0.0 -.TP -.B pipenv.environments.is_in_virtualenv() -Check virtualenv membership dynamically -.INDENT 7.0 -.TP -.B Returns -True or false depending on whether we are in a regular virtualenv or not -.TP -.B Return type -bool -.UNINDENT -.UNINDENT -.INDENT 0.0 -.TP -.B pipenv.environments.is_using_venv() -> bool -Check for venv\-based virtual environment which sets sys.base_prefix -.UNINDENT -.sp -If you\(aqd like to set these environment variables on a per\-project basis, I recommend utilizing the fantastic \fI\%direnv\fP project, in order to do so. -.sp -Also note that \fI\%pip itself supports environment variables\fP, if you need additional customization. -.sp -For example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ PIP_INSTALL_OPTION="\-\- \-DCMAKE_BUILD_TYPE=Release" pipenv install \-e . -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Custom Virtual Environment Location -.sp -Pipenv automatically honors the \fBWORKON_HOME\fP environment variable, if you -have it set —\ so you can tell pipenv to store your virtual environments -wherever you want, e.g.: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -export WORKON_HOME=~/.venvs -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -In addition, you can also have Pipenv stick the virtualenv in \fBproject/.venv\fP by setting the \fBPIPENV_VENV_IN_PROJECT\fP environment variable. -.SS ☤ Virtual Environment Name -.sp -The virtualenv name created by Pipenv may be different from what you were expecting. -Dangerous characters (i.e. \fB$\(ga!*@"\fP as well as space, line feed, carriage return, -and tab) are converted to underscores. Additionally, the full path to the current -folder is encoded into a "slug value" and appended to ensure the virtualenv name -is unique. -.sp -Pipenv supports a arbitrary custom name for the virtual environment set at \fBPIPENV_CUSTOM_VENV_NAME\fP\&. -.sp -The logical place to specify this would be in a user\(aqs \fB\&.env\fP file in the root of the project, which gets loaded by pipenv when it is invoked. -.SS ☤ Testing Projects -.sp -Pipenv is being used in projects like \fI\%Requests\fP for declaring development dependencies and running the test suite. -.sp -We have currently tested deployments with both \fI\%Travis\-CI\fP and \fI\%tox\fP with success. -.SS Travis CI -.sp -An example Travis CI setup can be found in \fI\%Requests\fP\&. The project uses a Makefile to -define common functions such as its \fBinit\fP and \fBtests\fP commands. Here is -a stripped down example \fB\&.travis.yml\fP: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -language: python -python: - \- "2.6" - \- "2.7" - \- "3.3" - \- "3.4" - \- "3.5" - \- "3.6" - \- "3.7\-dev" - -# command to install dependencies -install: "make" - -# command to run tests -script: - \- make test -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -and the corresponding Makefile: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -init: - pip install pipenv - pipenv install \-\-dev - -test: - pipenv run pytest tests -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Tox Automation Project -.sp -Alternatively, you can configure a \fBtox.ini\fP like the one below for both local -and external testing: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[tox] -envlist = flake8\-py3, py26, py27, py33, py34, py35, py36, pypy - -[testenv] -deps = pipenv -commands= - pipenv install \-\-dev - pipenv run pytest tests - -[testenv:flake8\-py3] -basepython = python3.4 -commands= - pipenv install \-\-dev - pipenv run flake8 \-\-version - pipenv run flake8 setup.py docs project test -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Pipenv will automatically use the virtualenv provided by \fBtox\fP\&. If \fBpipenv install \-\-dev\fP installs e.g. \fBpytest\fP, then installed command \fBpytest\fP will be present in given virtualenv and can be called directly by \fBpytest tests\fP instead of \fBpipenv run pytest tests\fP\&. -.sp -You might also want to add \fB\-\-ignore\-pipfile\fP to \fBpipenv install\fP, as to -not accidentally modify the lock\-file on each test run. This causes Pipenv -to ignore changes to the \fBPipfile\fP and (more importantly) prevents it from -adding the current environment to \fBPipfile.lock\fP\&. This might be important as -the current environment (i.e. the virtualenv provisioned by tox) will usually -contain the current project (which may or may not be desired) and additional -dependencies from \fBtox\fP\(aqs \fBdeps\fP directive. The initial provisioning may -alternatively be disabled by adding \fBskip_install = True\fP to tox.ini. -.sp -This method requires you to be explicit about updating the lock\-file, which is -probably a good idea in any case. -.sp -A 3rd party plugin, \fI\%tox\-pipenv\fP is also available to use Pipenv natively with tox. -.SS ☤ Shell Completion -.sp -To enable completion in fish, add this to your configuration: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -eval (env _PIPENV_COMPLETE=fish_source pipenv) -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Alternatively, with zsh, add this to your configuration: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -eval "$(_PIPENV_COMPLETE=zsh_source pipenv)" -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Alternatively, with bash, add this to your configuration: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -eval "$(_PIPENV_COMPLETE=bash_source pipenv)" -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Magic shell completions are now enabled! -.sp -✨🍰✨ -.SS ☤ Working with Platform\-Provided Python Components -.sp -It\(aqs reasonably common for platform specific Python bindings for -operating system interfaces to only be available through the system -package manager, and hence unavailable for installation into virtual -environments with \fBpip\fP\&. In these cases, the virtual environment can -be created with access to the system \fBsite\-packages\fP directory: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv \-\-three \-\-site\-packages -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -To ensure that all \fBpip\fP\-installable components actually are installed -into the virtual environment and system packages are only used for -interfaces that don\(aqt participate in Python\-level dependency resolution -at all, use the \fBPIP_IGNORE_INSTALLED\fP setting: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ PIP_IGNORE_INSTALLED=1 pipenv install \-\-dev -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ Pipfile vs setup.py -.sp -There is a subtle but very important distinction to be made between \fBapplications\fP and \fBlibraries\fP\&. This is a very common source of confusion in the Python community. -.sp -Libraries provide reusable functionality to other libraries and applications (let\(aqs use the umbrella term \fBprojects\fP here). They are required to work alongside other libraries, all with their own set of sub\-dependencies. They define \fBabstract dependencies\fP\&. To avoid version conflicts in sub\-dependencies of different libraries within a project, libraries should never ever pin dependency versions. Although they may specify lower or (less frequently) upper bounds, if they rely on some specific feature/fix/bug. Library dependencies are specified via \fBinstall_requires\fP in \fBsetup.py\fP\&. -.sp -Libraries are ultimately meant to be used in some \fBapplication\fP\&. Applications are different in that they usually are not depended on by other projects. They are meant to be deployed into some specific environment and only then should the exact versions of all their dependencies and sub\-dependencies be made concrete. To make this process easier is currently the main goal of Pipenv. -.sp -To summarize: -.INDENT 0.0 -.IP \(bu 2 -For libraries, define \fBabstract dependencies\fP via \fBinstall_requires\fP in \fBsetup.py\fP\&. The decision of which version exactly to be installed and where to obtain that dependency is not yours to make! -.IP \(bu 2 -For applications, define \fBdependencies and where to get them\fP in the \fBPipfile\fP and use this file to update the set of \fBconcrete dependencies\fP in \fBPipfile.lock\fP\&. This file defines a specific idempotent environment that is known to work for your project. The \fBPipfile.lock\fP is your source of truth. The \fBPipfile\fP is a convenience for you to create that lock\-file, in that it allows you to still remain somewhat vague about the exact version of a dependency to be used. Pipenv is there to help you define a working conflict\-free set of specific dependency\-versions, which would otherwise be a very tedious task. -.IP \(bu 2 -Of course, \fBPipfile\fP and Pipenv are still useful for library developers, as they can be used to define a development or test environment. -.IP \(bu 2 -And, of course, there are projects for which the distinction between library and application isn\(aqt that clear. In that case, use \fBinstall_requires\fP alongside Pipenv and \fBPipfile\fP\&. -.UNINDENT -.sp -You can also do this: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ pipenv install \-e . -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This will tell Pipenv to lock all your \fBsetup.py\fP–declared dependencies. -.SS ☤ Changing Pipenv\(aqs Cache Location -.sp -You can force Pipenv to use a different cache location by setting the environment variable \fBPIPENV_CACHE_DIR\fP to the location you wish. This is useful in the same situations that you would change \fBPIP_CACHE_DIR\fP to a different directory. -.SS ☤ Changing Default Python Versions -.sp -By default, Pipenv will initialize a project using whatever version of python the system has as default. Besides starting a project with the \fB\-\-python\fP or \fB\-\-three\fP flags, you can also use \fBPIPENV_DEFAULT_PYTHON_VERSION\fP to specify what version to use when starting a project when \fB\-\-python\fP or \fB\-\-three\fP aren\(aqt used. -.SS Pipenv CLI Reference -.SS pipenv -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv [OPTIONS] COMMAND [ARGS]... -.ft P -.fi -.UNINDENT -.UNINDENT -.SS check -.sp -Checks for PyUp Safety security vulnerabilities and against PEP 508 markers provided in Pipfile. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv check [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS clean -.sp -Uninstalls all packages not specified in Pipfile.lock. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv clean [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS graph -.sp -Displays currently\-installed dependency graph information. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv graph [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS install -.sp -Installs provided packages and adds them to Pipfile, or (if no packages are given), installs all packages from Pipfile. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv install [OPTIONS] [PACKAGES]... -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Environment variables -.INDENT 0.0 -.TP -.B PIPENV_SKIP_LOCK -.INDENT 7.0 -.INDENT 3.5 -Provide a default for \fB\-\-skip\-lock\fP -.UNINDENT -.UNINDENT -.UNINDENT -.INDENT 0.0 -.TP -.B PIP_INDEX_URL -.INDENT 7.0 -.INDENT 3.5 -Provide a default for \fB\-i\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS lock -.sp -Generates Pipfile.lock. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv lock [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS open -.sp -View a given module in your editor. -.sp -This uses the EDITOR environment variable. You can temporarily override it, -for example: -.INDENT 0.0 -.INDENT 3.5 -EDITOR=atom pipenv open requests -.UNINDENT -.UNINDENT -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv open [OPTIONS] MODULE -.ft P -.fi -.UNINDENT -.UNINDENT -.SS requirements -.sp -Generate a requirements.txt from Pipfile.lock. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv requirements [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS run -.sp -Spawns a command installed into the virtualenv. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv run [OPTIONS] COMMAND [ARGS]... -.ft P -.fi -.UNINDENT -.UNINDENT -.SS scripts -.sp -Lists scripts in current environment config. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv scripts [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS shell -.sp -Spawns a shell within the virtualenv. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv shell [OPTIONS] [SHELL_ARGS]... -.ft P -.fi -.UNINDENT -.UNINDENT -.SS sync -.sp -Installs all packages specified in Pipfile.lock. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv sync [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS uninstall -.sp -Uninstalls a provided package and removes it from Pipfile. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv uninstall [OPTIONS] [PACKAGES]... -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Environment variables -.INDENT 0.0 -.TP -.B PIPENV_SKIP_LOCK -.INDENT 7.0 -.INDENT 3.5 -Provide a default for \fB\-\-skip\-lock\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS update -.sp -Runs lock, then sync. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv update [OPTIONS] [PACKAGES]... -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Environment variables -.INDENT 0.0 -.TP -.B PIP_INDEX_URL -.INDENT 7.0 -.INDENT 3.5 -Provide a default for \fB\-i\fP -.UNINDENT -.UNINDENT -.UNINDENT -.SS verify -.sp -Verify the hash in Pipfile.lock is up\-to\-date. -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv verify [OPTIONS] -.ft P -.fi -.UNINDENT -.UNINDENT -.SS Frequently Encountered Pipenv Problems -.sp -Pipenv is constantly being improved by volunteers, but is still a very young -project with limited resources, and has some quirks that needs to be dealt -with. We need everyone’s help (including yours!). -.sp -Here are some common questions people have using Pipenv. Please take a look -below and see if they resolve your problem. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -\fBMake sure you’re running the newest Pipenv version first!\fP -.UNINDENT -.UNINDENT -.SS ☤ Your dependencies could not be resolved -.sp -Make sure your dependencies actually \fIdo\fP resolve. If you’re confident they -are, you may need to clear your resolver cache. Run the following command: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pipenv lock \-\-clear -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -and try again. -.sp -If this does not work, try manually deleting the whole cache directory. It is -usually one of the following locations: -.INDENT 0.0 -.IP \(bu 2 -\fB~/Library/Caches/pipenv\fP (macOS) -.IP \(bu 2 -\fB%LOCALAPPDATA%\epipenv\epipenv\eCache\fP (Windows) -.IP \(bu 2 -\fB~/.cache/pipenv\fP (other operating systems) -.UNINDENT -.sp -Pipenv does not install pre\-releases (i.e. a version with an alpha/beta/etc. -suffix, such as \fI1.0b1\fP) by default. You will need to pass the \fB\-\-pre\fP flag -in your command, or set -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[pipenv] -allow_prereleases = true -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -in your Pipfile. -.SS ☤ No module named -.sp -This is usually a result of mixing Pipenv with system packages. We \fIstrongly\fP -recommend installing Pipenv in an isolated environment. Uninstall all existing -Pipenv installations, and see \fI\%☤ Installing Pipenv\fP to choose one of the -recommended way to install Pipenv instead. -.SS ☤ My pyenv\-installed Python is not found -.sp -Make sure you have \fBPYENV_ROOT\fP set correctly. Pipenv only supports CPython -distributions, with version name like \fB3.6.4\fP or similar. -.SS ☤ Pipenv does not respect pyenv’s global and local Python versions -.sp -Pipenv by default uses the Python it is installed against to create the -virtualenv. You can set the \fB\-\-python\fP option to \fB$(pyenv which python)\fP -to use your current pyenv interpreter. See \fI\%☤ Specifying Versions of a Package\fP for more -information. -.SS ☤ ValueError: unknown locale: UTF\-8 -.sp -macOS has a bug in its locale detection that prevents us from detecting your -shell encoding correctly. This can also be an issue on other systems if the -locale variables do not specify an encoding. -.sp -The workaround is to set the following two environment variables to a standard -localization format: -.INDENT 0.0 -.IP \(bu 2 -\fBLC_ALL\fP -.IP \(bu 2 -\fBLANG\fP -.UNINDENT -.sp -For Bash, for example, you can add the following to your \fB~/.bash_profile\fP: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -export LC_ALL=\(aqen_US.UTF\-8\(aq -export LANG=\(aqen_US.UTF\-8\(aq -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -For Zsh, the file to edit is \fB~/.zshrc\fP\&. -.sp -\fBNOTE:\fP -.INDENT 0.0 -.INDENT 3.5 -You can change both the \fBen_US\fP and \fBUTF\-8\fP part to the -language/locale and encoding you use. -.UNINDENT -.UNINDENT -.SS ☤ /bin/pip: No such file or directory -.sp -This may be related to your locale setting. See \fI\%☤ ValueError: unknown locale: UTF\-8\fP -for a possible solution. -.SS ☤ Pipenv does not respect dependencies in setup.py -.sp -No, it does not, intentionally. Pipfile and setup.py serve different purposes, -and should not consider each other by default. See \fI\%☤ Pipfile vs setup.py\fP -for more information. -.SS ☤ Using \fBpipenv run\fP in Supervisor program -.sp -When you configure a supervisor program\(aqs \fBcommand\fP with \fBpipenv run ...\fP, you -need to set locale environment variables properly to make it work. -.sp -Add this line under \fB[supervisord]\fP section in \fB/etc/supervisor/supervisord.conf\fP: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[supervisord] -environment=LC_ALL=\(aqen_US.UTF\-8\(aq,LANG=\(aqen_US.UTF\-8\(aq -.ft P -.fi -.UNINDENT -.UNINDENT -.SS ☤ An exception is raised during \fBLocking dependencies...\fP -.sp -Run \fBpipenv lock \-\-clear\fP and try again. The lock sequence caches results -to speed up subsequent runs. The cache may contain faulty results if a bug -causes the format to corrupt, even after the bug is fixed. \fB\-\-clear\fP flushes -the cache, and therefore removes the bad results. -.SH CONTRIBUTION GUIDES -.SS Contributing to Pipenv -.sp -If you\(aqre reading this, you\(aqre probably interested in contributing to Pipenv. -Thank you very much! Open source projects live\-and\-die based on the support -they receive from others, and the fact that you\(aqre even considering -contributing to the Pipenv project is \fIvery\fP generous of you. -.sp -This document lays out guidelines and advice for contributing to this project. -If you\(aqre thinking of contributing, please start by reading this document and -getting a feel for how contributing to this project works. -.sp -The guide is split into sections based on the type of contribution you\(aqre -thinking of making, with a section that covers general guidelines for all -contributors. -.SS General Guidelines -.SS Be Cordial -.INDENT 0.0 -.INDENT 3.5 -\fBBe cordial or be on your way\fP\&. \fI—Kenneth Reitz\fP -.UNINDENT -.UNINDENT -.sp -Pipenv has one very important rule governing all forms of contribution, -including reporting bugs or requesting features. This golden rule is -"\fI\%be cordial or be on your way\fP" -.sp -\fBAll contributions are welcome\fP, as long as -everyone involved is treated with respect. -.SS Get Early Feedback -.sp -If you are contributing, do not feel the need to sit on your contribution until -it is perfectly polished and complete. It helps everyone involved for you to -seek feedback as early as you possibly can. Submitting an early, unfinished -version of your contribution for feedback in no way prejudices your chances of -getting that contribution accepted, and can save you from putting a lot of work -into a contribution that is not suitable for the project. -.SS Contribution Suitability -.sp -Our project maintainers have the last word on whether or not a contribution is -suitable for Pipenv. All contributions will be considered carefully, but from -time to time, contributions will be rejected because they do not suit the -current goals or needs of the project. -.sp -If your contribution is rejected, don\(aqt despair! As long as you followed these -guidelines, you will have a much better chance of getting your next -contribution accepted. -.SS Questions -.sp -The GitHub issue tracker is for \fIbug reports\fP and \fIfeature requests\fP\&. Please do -not use it to ask questions about how to use Pipenv. These questions should -instead be directed to \fI\%Stack Overflow\fP\&. Make sure that your question is tagged -with the \fBpipenv\fP tag when asking it on Stack Overflow, to ensure that it is -answered promptly and accurately. -.SS Code Contributions -.SS Steps for Submitting Code -.sp -When contributing code, you\(aqll want to follow this checklist: -.INDENT 0.0 -.IP 1. 3 -Understand our \fI\%development philosophy\fP\&. -.IP 2. 3 -Fork the repository on GitHub. -.IP 3. 3 -Set up your \fI\%Development Setup\fP -.IP 4. 3 -Run the tests (\fI\%Testing\fP) to confirm they all pass on your system. -If they don\(aqt, you\(aqll need to investigate why they fail. If you\(aqre unable -to diagnose this yourself, raise it as a bug report by following the guidelines -in this document: \fI\%Bug Reports\fP\&. -.IP 5. 3 -Write tests that demonstrate your bug or feature. Ensure that they fail. -.IP 6. 3 -Make your change. -.IP 7. 3 -Run the entire test suite again, confirming that all tests pass \fIincluding -the ones you just added\fP\&. -.IP 8. 3 -Send a GitHub Pull Request to the main repository\(aqs \fBmain\fP branch. -GitHub Pull Requests are the expected method of code collaboration on this -project. -.UNINDENT -.sp -The following sub\-sections go into more detail on some of the points above. -.SS Development Setup -.sp -The repository version of Pipenv must be installed over other global versions to -resolve conflicts with the \fBpipenv\fP folder being implicitly added to \fBsys.path\fP\&. -See \fI\%pypa/pipenv#2557\fP for more details. -.sp -Pipenv now uses pre\-commit hooks similar to Pip in order to apply linting and -code formatting automatically! The build now also checks that these linting rules -have been applied to the code before running the tests. -The build will fail when linting changes are detected so be sure to sync dev requirements -and install the pre\-commit hooks locally: -.INDENT 0.0 -.INDENT 3.5 -$ \fBpipenv install \-\-dev\fP -# This will configure running the pre\-commit checks at start of each commit -$ \fBpre\-commit install\fP -# Should you want to check the pre\-commit configuration against all configured project files -$ \fBpre\-commit run \-\-all\-files \-\-verbose\fP -.UNINDENT -.UNINDENT -.SS Testing -.sp -Tests are written in \fBpytest\fP style and can be run very simply: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -pytest -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -However many tests depend on running a private pypi server on localhost:8080. -This can be accomplished by using either the \fBrun\-tests.sh\fP or \fBrun\-tests.bat\(ga -which will start the \(ga\(gapypiserver\fP process ahead of invoking pytest. -.sp -You may also manually perform this step and then invoke pytest as you would normally. Example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -# Linux or MacOS -pipenv run pypi\-server run \-v \-\-host=0.0.0.0 \-\-port=8080 \-\-hash\-algo=sha256 \-\-disable\-fallback ./tests/pypi/ ./tests/fixtures & - -# Windows -cmd /c start pipenv run pypi\-server run \-v \-\-host=0.0.0.0 \-\-port=8080 \-\-hash\-algo=sha256 \-\-disable\-fallback ./tests/pypi/ ./tests/fixtures -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -This will run all Pipenv tests, which can take awhile. To run a subset of the -tests, the standard pytest filters are available, such as: -.INDENT 0.0 -.IP \(bu 2 -provide a directory or file: \fBpytest tests/unit\fP or \fBpytest tests/unit/test_cmdparse.py\fP -.IP \(bu 2 -provide a keyword expression: \fBpytest \-k test_lock_editable_vcs_without_install\fP -.IP \(bu 2 -provide a nodeid: \fBpytest tests/unit/test_cmdparse.py::test_parse\fP -.IP \(bu 2 -provide a test marker: \fBpytest \-m lock\fP -.UNINDENT -.SS Code Review -.sp -Contributions will not be merged until they have been code reviewed. You should -implement any code review feedback unless you strongly object to it. In the -event that you object to the code review feedback, you should make your case -clearly and calmly. If, after doing so, the feedback is judged to still apply, -you must either apply the feedback or withdraw your contribution. -.SS Package Index -.sp -To speed up testing, tests that rely on a package index for locking and -installing use a local server that contains vendored packages in the -\fBtests/pypi\fP directory. Each vendored package should have it\(aqs own folder -containing the necessary releases. When adding a release for a package, it is -easiest to use either the \fB\&.tar.gz\fP or universal wheels (ex: \fBpy2.py3\-none\fP). If -a \fB\&.tar.gz\fP or universal wheel is not available, add wheels for all available -architectures and platforms. -.SS Documentation Contributions -.sp -Documentation improvements are always welcome! The documentation files live in -the \fBdocs/\fP directory of the codebase. They\(aqre written in -\fI\%reStructuredText\fP, and use \fI\%Sphinx\fP to generate the full suite of -documentation. -.sp -When contributing documentation, please do your best to follow the style of the -documentation files. This means a soft\-limit of 79 characters wide in your text -files and a semi\-formal, yet friendly and approachable, prose style. -.sp -When presenting Python code, use single\-quoted strings (\fB\(aqhello\(aq\fP instead of -\fB"hello"\fP). -.SS Bug Reports -.sp -Bug reports are hugely important! They are recorded as \fI\%GitHub issues\fP\&. Please -be aware of the following things when filing bug reports: -.INDENT 0.0 -.IP 1. 3 -Avoid raising duplicate issues. \fIPlease\fP use the GitHub issue search feature -to check whether your bug report or feature request has been mentioned in -the past. Duplicate bug reports and feature requests are a huge maintenance -burden on the limited resources of the project. If it is clear from your -report that you would have struggled to find the original, that\(aqs okay, but -if searching for a selection of words in your issue title would have found -the duplicate then the issue will likely be closed extremely abruptly. -.IP 2. 3 -When filing bug reports about exceptions or tracebacks, please include the -\fIcomplete\fP traceback. Partial tracebacks, or just the exception text, are -not helpful. Issues that do not contain complete tracebacks may be closed -without warning. -.IP 3. 3 -Make sure you provide a suitable amount of information to work with. This -means you should provide: -.INDENT 3.0 -.IP \(bu 2 -Guidance on \fBhow to reproduce the issue\fP\&. Ideally, this should be a -\fIsmall\fP code sample that can be run immediately by the maintainers. -Failing that, let us know what you\(aqre doing, how often it happens, what -environment you\(aqre using, etc. Be thorough: it prevents us needing to ask -further questions. -.IP \(bu 2 -Tell us \fBwhat you expected to happen\fP\&. When we run your example code, -what are we expecting to happen? What does "success" look like for your -code? -.IP \(bu 2 -Tell us \fBwhat actually happens\fP\&. It\(aqs not helpful for you to say "it -doesn\(aqt work" or "it fails". Tell us \fIhow\fP it fails: do you get an -exception? A hang? The packages installed seem incorrect? -How was the actual result different from your expected result? -.IP \(bu 2 -Tell us \fBwhat version of Pipenv you\(aqre using\fP, and -\fBhow you installed it\fP\&. Different versions of Pipenv behave -differently and have different bugs, and some distributors of Pipenv -ship patches on top of the code we supply. -.UNINDENT -.sp -If you do not provide all of these things, it will take us much longer to -fix your problem. If we ask you to clarify these and you never respond, we -will close your issue without fixing it. -.UNINDENT -.SS Run the tests -.sp -There are a few ways of running the tests: -.INDENT 0.0 -.IP 1. 3 -run\-tests.sh -.UNINDENT -.sp -The scripts for bash or windows: \fB\&./run\-tests.sh\fP and \fBrun\-tests.bat\fP -.sp -Note that, you override the default Python Pipenv will use with -PIPENV_PYTHON and the Python binary name with PYTHON in case it -is not called \fBpython\fP on your system or in case you have many. -Here is an example how you can override both variables (you can -override just one too): -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ PYTHON=python3.8 PIPENV_PYTHON=python3.9 run\-tests.sh -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You can also do: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ PYTHON=/opt/python/python3.10/python3 run\-tests.sh -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -If you need to change how pytest is invoked, see how to run the -test suite manually. The \fBrun\-tests.sh\fP script does the same -steps the Github CI workflow does, and as such it is recommended -you run it before you open a PR. Taking this second approach, -will allow you, for example, to run a single test case, or -\fBfail fast\fP if you need it. -.INDENT 0.0 -.IP 2. 3 -Manually -.UNINDENT -.sp -This repeats the steps of the scripts above: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ git clone https://github.com/pypa/pipenv.git -$ cd pipenv -$ git submodule sync && git submodule update \-\-init \-\-recursive -$ pipenv install \-\-dev -$ pipenv run pytest [\-\-any optional arguments to pytest] -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -The second options assumes you already have \fBpipenv\fP on your system. -And simply repeats all the steps in the script above. -.sp -Preferably, you should be running your tests in a Linux container -(or FreeBSD Jail or even VM). This will guarantee that you don\(aqt break -stuff, and that the tests run in a pristine environment. -.sp -Consider doing, something like: -.sp -\fB\(ga -$ docker run \-\-rm \-v $(pwd):/usr/src \-it python:3.7 bash -# inside the container -# adduser \-\-disabled\-password debian -# su debian && cd /usr/src/ -# bash run\-tests.sh -\(ga\fP -.INDENT 0.0 -.IP 3. 3 -Using the Makefile: -.UNINDENT -.sp -The Makefile automates all the task as in the script. However, it allows -one more fine grained control on every step. For example: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ make ramdisk # create a ram disk to preserve your SSDs life -$ make ramdisk\-virtualenv -$ make test suite="\-m not cli" # run all tests but cli -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -or -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -$ make tests parallel="" suite="tests/integration/test_cli.py::test_pipenv_check" -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -It is important that your environment is setup correctly, and -this may take some work, for example, on a specific Mac installation, the following -steps may be needed: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -# Make sure the tests can access github -if [ "$SSH_AGENT_PID" = "" ] -then - eval \(ga\(gassh\-agent\(ga\(ga - ssh\-add -fi - -# Use unix like utilities, installed with brew, -# e.g. brew install coreutils -for d in /usr/local/opt/*/libexec/gnubin /usr/local/opt/python/libexec/bin -do - [[ ":$PATH:" != *":$d:"* ]] && PATH="$d:${PATH}" -done - -export PATH - -# PIP_FIND_LINKS currently breaks test_uninstall.py -unset PIP_FIND_LINKS -.ft P -.fi -.UNINDENT -.UNINDENT -.INDENT 0.0 -.IP \(bu 2 -\fI\%Index\fP -.IP \(bu 2 -\fI\%Module Index\fP -.UNINDENT .SH AUTHOR Python Packaging Authority .SH COPYRIGHT diff --git a/pipenv/project.py b/pipenv/project.py index a70a1e25..324ef871 100644 --- a/pipenv/project.py +++ b/pipenv/project.py @@ -50,7 +50,6 @@ except ImportError: # eventually distlib will remove cached property when they drop Python3.7 from pipenv.patched.pip._vendor.distlib.util import cached_property - if is_type_checking(): from typing import Dict, List, Optional, Set, Text, Tuple, Union @@ -421,7 +420,7 @@ class Project: loc = os.sep.join([self.virtualenv_location, "src"]) else: loc = os.sep.join([self.project_directory, "src"]) - vistir.path.mkdir_p(loc) + os.makedirs(loc, exist_ok=True) return loc @property @@ -430,7 +429,7 @@ class Project: loc = os.sep.join([self.virtualenv_location, "downloads"]) self._download_location = loc # Create the directory, if it doesn't exist. - vistir.path.mkdir_p(self._download_location) + os.makedirs(self._download_location, exist_ok=True) return self._download_location @property diff --git a/pipenv/resolver.py b/pipenv/resolver.py index 467742c0..52806049 100644 --- a/pipenv/resolver.py +++ b/pipenv/resolver.py @@ -819,11 +819,11 @@ def main(argv=None): _ensure_modules() import warnings - from pipenv.vendor.vistir.misc import replace_with_text_stream + from pipenv.vendor.click.utils import get_text_stream warnings.simplefilter("ignore", category=ResourceWarning) - replace_with_text_stream("stdout") - replace_with_text_stream("stderr") + sys.stdout = get_text_stream("stdout") + sys.stderr = get_text_stream("stderr") os.environ["PIP_DISABLE_PIP_VERSION_CHECK"] = "1" os.environ["PYTHONIOENCODING"] = "utf-8" os.environ["PYTHONUNBUFFERED"] = "1" diff --git a/pipenv/utils/shell.py b/pipenv/utils/shell.py index f6e39bd0..a8765e29 100644 --- a/pipenv/utils/shell.py +++ b/pipenv/utils/shell.py @@ -73,8 +73,7 @@ def load_path(python): from pathlib import Path python = Path(python).as_posix() - json_dump_commmand = '"import json, sys; print(json.dumps(sys.path));"' - c = subprocess_run([python, "-c", json_dump_commmand]) + c = subprocess_run([python, "-c", "import json, sys; print(json.dumps(sys.path))"]) if c.returncode == 0: return json.loads(c.stdout.strip()) else: @@ -200,7 +199,7 @@ def get_workon_home(): ) # Create directory if it does not already exist expanded_path = Path(os.path.expandvars(workon_home)).expanduser() - mkdir_p(str(expanded_path)) + os.makedirs(expanded_path, exist_ok=True) return expanded_path @@ -239,39 +238,6 @@ def is_virtual_environment(path): return False -def mkdir_p(newdir): - """works the way a good mkdir should :) - - already exists, silently complete - - regular file in the way, raise an exception - - parent directory(ies) does not exist, make them as well - From: http://code.activestate.com/recipes/82465-a-friendly-mkdir/ - """ - if os.path.isdir(newdir): - pass - elif os.path.isfile(newdir): - raise OSError( - "a file with the same name as the desired dir, '{}', already exists.".format( - newdir - ) - ) - - else: - head, tail = os.path.split(newdir) - if head and not os.path.isdir(head): - mkdir_p(head) - if tail: - # Even though we've checked that the directory doesn't exist above, it might exist - # now if some other process has created it between now and the time we checked it. - try: - os.mkdir(newdir) - except OSError as exn: - # If we failed because the directory does exist, that's not a problem - - # that's what we were trying to do anyway. Only re-raise the exception - # if we failed for some other reason. - if exn.errno != errno.EEXIST: - raise - - def find_python(finder, line=None): """ Given a `pythonfinder.Finder` instance and an optional line, find a corresponding python diff --git a/pipenv/vendor/appdirs.LICENSE.txt b/pipenv/vendor/appdirs.LICENSE.txt deleted file mode 100644 index 107c6140..00000000 --- a/pipenv/vendor/appdirs.LICENSE.txt +++ /dev/null @@ -1,23 +0,0 @@ -# This is the MIT license - -Copyright (c) 2010 ActiveState Software Inc. - -Permission is hereby granted, free of charge, to any person obtaining a -copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be included -in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - diff --git a/pipenv/vendor/appdirs.py b/pipenv/vendor/appdirs.py deleted file mode 100644 index 2acd1deb..00000000 --- a/pipenv/vendor/appdirs.py +++ /dev/null @@ -1,608 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -# Copyright (c) 2005-2010 ActiveState Software Inc. -# Copyright (c) 2013 Eddy Petrișor - -"""Utilities for determining application-specific dirs. - -See for details and usage. -""" -# Dev Notes: -# - MSDN on where to store app data files: -# http://support.microsoft.com/default.aspx?scid=kb;en-us;310294#XSLTH3194121123120121120120 -# - Mac OS X: http://developer.apple.com/documentation/MacOSX/Conceptual/BPFileSystem/index.html -# - XDG spec for Un*x: http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html - -__version__ = "1.4.4" -__version_info__ = tuple(int(segment) for segment in __version__.split(".")) - - -import sys -import os - -PY3 = sys.version_info[0] == 3 - -if PY3: - unicode = str - -if sys.platform.startswith('java'): - import platform - os_name = platform.java_ver()[3][0] - if os_name.startswith('Windows'): # "Windows XP", "Windows 7", etc. - system = 'win32' - elif os_name.startswith('Mac'): # "Mac OS X", etc. - system = 'darwin' - else: # "Linux", "SunOS", "FreeBSD", etc. - # Setting this to "linux2" is not ideal, but only Windows or Mac - # are actually checked for and the rest of the module expects - # *sys.platform* style strings. - system = 'linux2' -else: - system = sys.platform - - - -def user_data_dir(appname=None, appauthor=None, version=None, roaming=False): - r"""Return full path to the user-specific data dir for this application. - - "appname" is the name of application. - If None, just the system directory is returned. - "appauthor" (only used on Windows) is the name of the - appauthor or distributing body for this application. Typically - it is the owning company name. This falls back to appname. You may - pass False to disable it. - "version" is an optional version path element to append to the - path. You might want to use this if you want multiple versions - of your app to be able to run independently. If used, this - would typically be ".". - Only applied when appname is present. - "roaming" (boolean, default False) can be set True to use the Windows - roaming appdata directory. That means that for users on a Windows - network setup for roaming profiles, this user data will be - sync'd on login. See - - for a discussion of issues. - - Typical user data directories are: - Mac OS X: ~/Library/Application Support/ - Unix: ~/.local/share/ # or in $XDG_DATA_HOME, if defined - Win XP (not roaming): C:\Documents and Settings\\Application Data\\ - Win XP (roaming): C:\Documents and Settings\\Local Settings\Application Data\\ - Win 7 (not roaming): C:\Users\\AppData\Local\\ - Win 7 (roaming): C:\Users\\AppData\Roaming\\ - - For Unix, we follow the XDG spec and support $XDG_DATA_HOME. - That means, by default "~/.local/share/". - """ - if system == "win32": - if appauthor is None: - appauthor = appname - const = roaming and "CSIDL_APPDATA" or "CSIDL_LOCAL_APPDATA" - path = os.path.normpath(_get_win_folder(const)) - if appname: - if appauthor is not False: - path = os.path.join(path, appauthor, appname) - else: - path = os.path.join(path, appname) - elif system == 'darwin': - path = os.path.expanduser('~/Library/Application Support/') - if appname: - path = os.path.join(path, appname) - else: - path = os.getenv('XDG_DATA_HOME', os.path.expanduser("~/.local/share")) - if appname: - path = os.path.join(path, appname) - if appname and version: - path = os.path.join(path, version) - return path - - -def site_data_dir(appname=None, appauthor=None, version=None, multipath=False): - r"""Return full path to the user-shared data dir for this application. - - "appname" is the name of application. - If None, just the system directory is returned. - "appauthor" (only used on Windows) is the name of the - appauthor or distributing body for this application. Typically - it is the owning company name. This falls back to appname. You may - pass False to disable it. - "version" is an optional version path element to append to the - path. You might want to use this if you want multiple versions - of your app to be able to run independently. If used, this - would typically be ".". - Only applied when appname is present. - "multipath" is an optional parameter only applicable to *nix - which indicates that the entire list of data dirs should be - returned. By default, the first item from XDG_DATA_DIRS is - returned, or '/usr/local/share/', - if XDG_DATA_DIRS is not set - - Typical site data directories are: - Mac OS X: /Library/Application Support/ - Unix: /usr/local/share/ or /usr/share/ - Win XP: C:\Documents and Settings\All Users\Application Data\\ - Vista: (Fail! "C:\ProgramData" is a hidden *system* directory on Vista.) - Win 7: C:\ProgramData\\ # Hidden, but writeable on Win 7. - - For Unix, this is using the $XDG_DATA_DIRS[0] default. - - WARNING: Do not use this on Windows. See the Vista-Fail note above for why. - """ - if system == "win32": - if appauthor is None: - appauthor = appname - path = os.path.normpath(_get_win_folder("CSIDL_COMMON_APPDATA")) - if appname: - if appauthor is not False: - path = os.path.join(path, appauthor, appname) - else: - path = os.path.join(path, appname) - elif system == 'darwin': - path = os.path.expanduser('/Library/Application Support') - if appname: - path = os.path.join(path, appname) - else: - # XDG default for $XDG_DATA_DIRS - # only first, if multipath is False - path = os.getenv('XDG_DATA_DIRS', - os.pathsep.join(['/usr/local/share', '/usr/share'])) - pathlist = [os.path.expanduser(x.rstrip(os.sep)) for x in path.split(os.pathsep)] - if appname: - if version: - appname = os.path.join(appname, version) - pathlist = [os.sep.join([x, appname]) for x in pathlist] - - if multipath: - path = os.pathsep.join(pathlist) - else: - path = pathlist[0] - return path - - if appname and version: - path = os.path.join(path, version) - return path - - -def user_config_dir(appname=None, appauthor=None, version=None, roaming=False): - r"""Return full path to the user-specific config dir for this application. - - "appname" is the name of application. - If None, just the system directory is returned. - "appauthor" (only used on Windows) is the name of the - appauthor or distributing body for this application. Typically - it is the owning company name. This falls back to appname. You may - pass False to disable it. - "version" is an optional version path element to append to the - path. You might want to use this if you want multiple versions - of your app to be able to run independently. If used, this - would typically be ".". - Only applied when appname is present. - "roaming" (boolean, default False) can be set True to use the Windows - roaming appdata directory. That means that for users on a Windows - network setup for roaming profiles, this user data will be - sync'd on login. See - - for a discussion of issues. - - Typical user config directories are: - Mac OS X: same as user_data_dir - Unix: ~/.config/ # or in $XDG_CONFIG_HOME, if defined - Win *: same as user_data_dir - - For Unix, we follow the XDG spec and support $XDG_CONFIG_HOME. - That means, by default "~/.config/". - """ - if system in ["win32", "darwin"]: - path = user_data_dir(appname, appauthor, None, roaming) - else: - path = os.getenv('XDG_CONFIG_HOME', os.path.expanduser("~/.config")) - if appname: - path = os.path.join(path, appname) - if appname and version: - path = os.path.join(path, version) - return path - - -def site_config_dir(appname=None, appauthor=None, version=None, multipath=False): - r"""Return full path to the user-shared data dir for this application. - - "appname" is the name of application. - If None, just the system directory is returned. - "appauthor" (only used on Windows) is the name of the - appauthor or distributing body for this application. Typically - it is the owning company name. This falls back to appname. You may - pass False to disable it. - "version" is an optional version path element to append to the - path. You might want to use this if you want multiple versions - of your app to be able to run independently. If used, this - would typically be ".". - Only applied when appname is present. - "multipath" is an optional parameter only applicable to *nix - which indicates that the entire list of config dirs should be - returned. By default, the first item from XDG_CONFIG_DIRS is - returned, or '/etc/xdg/', if XDG_CONFIG_DIRS is not set - - Typical site config directories are: - Mac OS X: same as site_data_dir - Unix: /etc/xdg/ or $XDG_CONFIG_DIRS[i]/ for each value in - $XDG_CONFIG_DIRS - Win *: same as site_data_dir - Vista: (Fail! "C:\ProgramData" is a hidden *system* directory on Vista.) - - For Unix, this is using the $XDG_CONFIG_DIRS[0] default, if multipath=False - - WARNING: Do not use this on Windows. See the Vista-Fail note above for why. - """ - if system in ["win32", "darwin"]: - path = site_data_dir(appname, appauthor) - if appname and version: - path = os.path.join(path, version) - else: - # XDG default for $XDG_CONFIG_DIRS - # only first, if multipath is False - path = os.getenv('XDG_CONFIG_DIRS', '/etc/xdg') - pathlist = [os.path.expanduser(x.rstrip(os.sep)) for x in path.split(os.pathsep)] - if appname: - if version: - appname = os.path.join(appname, version) - pathlist = [os.sep.join([x, appname]) for x in pathlist] - - if multipath: - path = os.pathsep.join(pathlist) - else: - path = pathlist[0] - return path - - -def user_cache_dir(appname=None, appauthor=None, version=None, opinion=True): - r"""Return full path to the user-specific cache dir for this application. - - "appname" is the name of application. - If None, just the system directory is returned. - "appauthor" (only used on Windows) is the name of the - appauthor or distributing body for this application. Typically - it is the owning company name. This falls back to appname. You may - pass False to disable it. - "version" is an optional version path element to append to the - path. You might want to use this if you want multiple versions - of your app to be able to run independently. If used, this - would typically be ".". - Only applied when appname is present. - "opinion" (boolean) can be False to disable the appending of - "Cache" to the base app data dir for Windows. See - discussion below. - - Typical user cache directories are: - Mac OS X: ~/Library/Caches/ - Unix: ~/.cache/ (XDG default) - Win XP: C:\Documents and Settings\\Local Settings\Application Data\\\Cache - Vista: C:\Users\\AppData\Local\\\Cache - - On Windows the only suggestion in the MSDN docs is that local settings go in - the `CSIDL_LOCAL_APPDATA` directory. This is identical to the non-roaming - app data dir (the default returned by `user_data_dir` above). Apps typically - put cache data somewhere *under* the given dir here. Some examples: - ...\Mozilla\Firefox\Profiles\\Cache - ...\Acme\SuperApp\Cache\1.0 - OPINION: This function appends "Cache" to the `CSIDL_LOCAL_APPDATA` value. - This can be disabled with the `opinion=False` option. - """ - if system == "win32": - if appauthor is None: - appauthor = appname - path = os.path.normpath(_get_win_folder("CSIDL_LOCAL_APPDATA")) - if appname: - if appauthor is not False: - path = os.path.join(path, appauthor, appname) - else: - path = os.path.join(path, appname) - if opinion: - path = os.path.join(path, "Cache") - elif system == 'darwin': - path = os.path.expanduser('~/Library/Caches') - if appname: - path = os.path.join(path, appname) - else: - path = os.getenv('XDG_CACHE_HOME', os.path.expanduser('~/.cache')) - if appname: - path = os.path.join(path, appname) - if appname and version: - path = os.path.join(path, version) - return path - - -def user_state_dir(appname=None, appauthor=None, version=None, roaming=False): - r"""Return full path to the user-specific state dir for this application. - - "appname" is the name of application. - If None, just the system directory is returned. - "appauthor" (only used on Windows) is the name of the - appauthor or distributing body for this application. Typically - it is the owning company name. This falls back to appname. You may - pass False to disable it. - "version" is an optional version path element to append to the - path. You might want to use this if you want multiple versions - of your app to be able to run independently. If used, this - would typically be ".". - Only applied when appname is present. - "roaming" (boolean, default False) can be set True to use the Windows - roaming appdata directory. That means that for users on a Windows - network setup for roaming profiles, this user data will be - sync'd on login. See - - for a discussion of issues. - - Typical user state directories are: - Mac OS X: same as user_data_dir - Unix: ~/.local/state/ # or in $XDG_STATE_HOME, if defined - Win *: same as user_data_dir - - For Unix, we follow this Debian proposal - to extend the XDG spec and support $XDG_STATE_HOME. - - That means, by default "~/.local/state/". - """ - if system in ["win32", "darwin"]: - path = user_data_dir(appname, appauthor, None, roaming) - else: - path = os.getenv('XDG_STATE_HOME', os.path.expanduser("~/.local/state")) - if appname: - path = os.path.join(path, appname) - if appname and version: - path = os.path.join(path, version) - return path - - -def user_log_dir(appname=None, appauthor=None, version=None, opinion=True): - r"""Return full path to the user-specific log dir for this application. - - "appname" is the name of application. - If None, just the system directory is returned. - "appauthor" (only used on Windows) is the name of the - appauthor or distributing body for this application. Typically - it is the owning company name. This falls back to appname. You may - pass False to disable it. - "version" is an optional version path element to append to the - path. You might want to use this if you want multiple versions - of your app to be able to run independently. If used, this - would typically be ".". - Only applied when appname is present. - "opinion" (boolean) can be False to disable the appending of - "Logs" to the base app data dir for Windows, and "log" to the - base cache dir for Unix. See discussion below. - - Typical user log directories are: - Mac OS X: ~/Library/Logs/ - Unix: ~/.cache//log # or under $XDG_CACHE_HOME if defined - Win XP: C:\Documents and Settings\\Local Settings\Application Data\\\Logs - Vista: C:\Users\\AppData\Local\\\Logs - - On Windows the only suggestion in the MSDN docs is that local settings - go in the `CSIDL_LOCAL_APPDATA` directory. (Note: I'm interested in - examples of what some windows apps use for a logs dir.) - - OPINION: This function appends "Logs" to the `CSIDL_LOCAL_APPDATA` - value for Windows and appends "log" to the user cache dir for Unix. - This can be disabled with the `opinion=False` option. - """ - if system == "darwin": - path = os.path.join( - os.path.expanduser('~/Library/Logs'), - appname) - elif system == "win32": - path = user_data_dir(appname, appauthor, version) - version = False - if opinion: - path = os.path.join(path, "Logs") - else: - path = user_cache_dir(appname, appauthor, version) - version = False - if opinion: - path = os.path.join(path, "log") - if appname and version: - path = os.path.join(path, version) - return path - - -class AppDirs(object): - """Convenience wrapper for getting application dirs.""" - def __init__(self, appname=None, appauthor=None, version=None, - roaming=False, multipath=False): - self.appname = appname - self.appauthor = appauthor - self.version = version - self.roaming = roaming - self.multipath = multipath - - @property - def user_data_dir(self): - return user_data_dir(self.appname, self.appauthor, - version=self.version, roaming=self.roaming) - - @property - def site_data_dir(self): - return site_data_dir(self.appname, self.appauthor, - version=self.version, multipath=self.multipath) - - @property - def user_config_dir(self): - return user_config_dir(self.appname, self.appauthor, - version=self.version, roaming=self.roaming) - - @property - def site_config_dir(self): - return site_config_dir(self.appname, self.appauthor, - version=self.version, multipath=self.multipath) - - @property - def user_cache_dir(self): - return user_cache_dir(self.appname, self.appauthor, - version=self.version) - - @property - def user_state_dir(self): - return user_state_dir(self.appname, self.appauthor, - version=self.version) - - @property - def user_log_dir(self): - return user_log_dir(self.appname, self.appauthor, - version=self.version) - - -#---- internal support stuff - -def _get_win_folder_from_registry(csidl_name): - """This is a fallback technique at best. I'm not sure if using the - registry for this guarantees us the correct answer for all CSIDL_* - names. - """ - if PY3: - import winreg as _winreg - else: - import _winreg - - shell_folder_name = { - "CSIDL_APPDATA": "AppData", - "CSIDL_COMMON_APPDATA": "Common AppData", - "CSIDL_LOCAL_APPDATA": "Local AppData", - }[csidl_name] - - key = _winreg.OpenKey( - _winreg.HKEY_CURRENT_USER, - r"Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" - ) - dir, type = _winreg.QueryValueEx(key, shell_folder_name) - return dir - - -def _get_win_folder_with_pywin32(csidl_name): - from win32com.shell import shellcon, shell - dir = shell.SHGetFolderPath(0, getattr(shellcon, csidl_name), 0, 0) - # Try to make this a unicode path because SHGetFolderPath does - # not return unicode strings when there is unicode data in the - # path. - try: - dir = unicode(dir) - - # Downgrade to short path name if have highbit chars. See - # . - has_high_char = False - for c in dir: - if ord(c) > 255: - has_high_char = True - break - if has_high_char: - try: - import win32api - dir = win32api.GetShortPathName(dir) - except ImportError: - pass - except UnicodeError: - pass - return dir - - -def _get_win_folder_with_ctypes(csidl_name): - import ctypes - - csidl_const = { - "CSIDL_APPDATA": 26, - "CSIDL_COMMON_APPDATA": 35, - "CSIDL_LOCAL_APPDATA": 28, - }[csidl_name] - - buf = ctypes.create_unicode_buffer(1024) - ctypes.windll.shell32.SHGetFolderPathW(None, csidl_const, None, 0, buf) - - # Downgrade to short path name if have highbit chars. See - # . - has_high_char = False - for c in buf: - if ord(c) > 255: - has_high_char = True - break - if has_high_char: - buf2 = ctypes.create_unicode_buffer(1024) - if ctypes.windll.kernel32.GetShortPathNameW(buf.value, buf2, 1024): - buf = buf2 - - return buf.value - -def _get_win_folder_with_jna(csidl_name): - import array - from com.sun import jna - from com.sun.jna.platform import win32 - - buf_size = win32.WinDef.MAX_PATH * 2 - buf = array.zeros('c', buf_size) - shell = win32.Shell32.INSTANCE - shell.SHGetFolderPath(None, getattr(win32.ShlObj, csidl_name), None, win32.ShlObj.SHGFP_TYPE_CURRENT, buf) - dir = jna.Native.toString(buf.tostring()).rstrip("\0") - - # Downgrade to short path name if have highbit chars. See - # . - has_high_char = False - for c in dir: - if ord(c) > 255: - has_high_char = True - break - if has_high_char: - buf = array.zeros('c', buf_size) - kernel = win32.Kernel32.INSTANCE - if kernel.GetShortPathName(dir, buf, buf_size): - dir = jna.Native.toString(buf.tostring()).rstrip("\0") - - return dir - -if system == "win32": - try: - import win32com.shell - _get_win_folder = _get_win_folder_with_pywin32 - except ImportError: - try: - from ctypes import windll - _get_win_folder = _get_win_folder_with_ctypes - except ImportError: - try: - import com.sun.jna - _get_win_folder = _get_win_folder_with_jna - except ImportError: - _get_win_folder = _get_win_folder_from_registry - - -#---- self test code - -if __name__ == "__main__": - appname = "MyApp" - appauthor = "MyCompany" - - props = ("user_data_dir", - "user_config_dir", - "user_cache_dir", - "user_state_dir", - "user_log_dir", - "site_data_dir", - "site_config_dir") - - print("-- app dirs %s --" % __version__) - - print("-- app dirs (with optional 'version')") - dirs = AppDirs(appname, appauthor, version="1.0") - for prop in props: - print("%s: %s" % (prop, getattr(dirs, prop))) - - print("\n-- app dirs (without optional 'version')") - dirs = AppDirs(appname, appauthor) - for prop in props: - print("%s: %s" % (prop, getattr(dirs, prop))) - - print("\n-- app dirs (without optional 'appauthor')") - dirs = AppDirs(appname) - for prop in props: - print("%s: %s" % (prop, getattr(dirs, prop))) - - print("\n-- app dirs (with disabled 'appauthor')") - dirs = AppDirs(appname, appauthor=False) - for prop in props: - print("%s: %s" % (prop, getattr(dirs, prop))) diff --git a/pipenv/vendor/vendor.txt b/pipenv/vendor/vendor.txt index 5d82d854..8541e791 100644 --- a/pipenv/vendor/vendor.txt +++ b/pipenv/vendor/vendor.txt @@ -1,4 +1,3 @@ -appdirs==1.4.4 attrs==21.2.0 cerberus==1.3.4 click-didyoumean==0.0.3 diff --git a/tasks/vendoring/__init__.py b/tasks/vendoring/__init__.py index c7703f49..efd60819 100644 --- a/tasks/vendoring/__init__.py +++ b/tasks/vendoring/__init__.py @@ -49,7 +49,6 @@ FILE_WHITE_LIST = ( "__init__.py", "README.rst", "README.md", - "appdirs.py", "safety.zip", "cacert.pem", "vendor_pip.txt", diff --git a/tests/integration/conftest.py b/tests/integration/conftest.py index 84dfecb3..66156cf2 100644 --- a/tests/integration/conftest.py +++ b/tests/integration/conftest.py @@ -23,7 +23,7 @@ from pipenv.vendor import toml, tomlkit from pipenv.vendor.vistir.contextmanagers import temp_environ from pipenv.vendor.vistir.misc import run from pipenv.vendor.vistir.path import ( - create_tracked_tempdir, handle_remove_readonly, mkdir_p + create_tracked_tempdir, handle_remove_readonly ) from pytest_pypi.app import prepare_fixtures @@ -186,7 +186,7 @@ def isolate(create_tmpdir): # Create a directory to use as our home location. home_dir = os.path.join(str(create_tmpdir()), "home") os.makedirs(home_dir) - mkdir_p(os.path.join(home_dir, ".config", "git")) + os.makedirs(os.path.join(home_dir, ".config", "git"), exist_ok=True) git_config_file = os.path.join(home_dir, ".config", "git", "config") with open(git_config_file, "wb") as fp: fp.write( @@ -199,7 +199,7 @@ def isolate(create_tmpdir): workon_home = create_tmpdir() os.environ["WORKON_HOME"] = str(workon_home) os.environ["HOME"] = os.path.abspath(home_dir) - mkdir_p(os.path.join(home_dir, "projects")) + os.makedirs(os.path.join(home_dir, "projects"), exist_ok=True) # Ignore PIPENV_ACTIVE so that it works as under a bare environment. os.environ.pop("PIPENV_ACTIVE", None) os.environ.pop("VIRTUAL_ENV", None) diff --git a/tests/integration/test_install_twists.py b/tests/integration/test_install_twists.py index 04d7cbf1..f3e88a41 100644 --- a/tests/integration/test_install_twists.py +++ b/tests/integration/test_install_twists.py @@ -1,11 +1,10 @@ import os import shutil import sys -from pathlib import Path import pytest -from pipenv.utils.shell import mkdir_p, temp_environ +from pipenv.utils.shell import temp_environ @pytest.mark.extras @@ -187,7 +186,7 @@ def test_install_local_uri_special_character(pipenv_instance_private_pypi, tests with pipenv_instance_private_pypi() as p: artifact_dir = "artifacts" artifact_path = os.path.join(p.path, artifact_dir) - mkdir_p(artifact_path) + os.makedirs(artifact_path, exist_ok=True) shutil.copy(source_path, os.path.join(artifact_path, file_name)) with open(p.pipfile_path, "w") as f: contents = """ diff --git a/tests/integration/test_requirements.py b/tests/integration/test_requirements.py index 3ad1e978..31ea8d54 100644 --- a/tests/integration/test_requirements.py +++ b/tests/integration/test_requirements.py @@ -72,6 +72,47 @@ def test_requirements_generates_requirements_from_lockfile_multiple_sources(pipe assert '--extra-index-url https://some_other_source.org' in c.stdout +@pytest.mark.requirements +def test_requirements_generates_requirements_from_lockfile_from_categories(pipenv_instance_private_pypi): + with pipenv_instance_private_pypi(chdir=True) as p: + packages = ('six', '1.12.0') + dev_packages = ('itsdangerous', '1.1.0') + test_packages = ('pytest', '7.1.3') + doc_packages = ('docutils', '0.19') + + with open(p.pipfile_path, 'w') as f: + contents = f""" + [[source]] + name = "pypi" + url = "https://pypi.org/simple" + verify_ssl = true + [packages] + {packages[0]}= "=={packages[1]}" + [dev-packages] + {dev_packages[0]}= "=={dev_packages[1]}" + [test] + {test_packages[0]}= "=={test_packages[1]}" + [doc] + {doc_packages[0]}= "=={doc_packages[1]}" + """.strip() + f.write(contents) + l = p.pipenv('lock') + assert l.returncode == 0 + + c = p.pipenv('requirements --dev-only') + assert c.returncode == 0 + assert f'{packages[0]}=={packages[1]}' not in c.stdout + assert f'{test_packages[0]}=={test_packages[1]}' not in c.stdout + assert f'{doc_packages[0]}=={doc_packages[1]}' not in c.stdout + assert f'{dev_packages[0]}=={dev_packages[1]}' in c.stdout + + d = p.pipenv('requirements --categories="test, doc"') + assert d.returncode == 0 + assert f'{packages[0]}=={packages[1]}' not in d.stdout + assert f'{dev_packages[0]}=={dev_packages[1]}' not in d.stdout + assert f'{test_packages[0]}=={test_packages[1]}' in d.stdout + assert f'{doc_packages[0]}=={doc_packages[1]}' in d.stdout + @pytest.mark.requirements def test_requirements_with_git_requirements(pipenv_instance_pypi): req_name, req_hash = 'example-repo', 'cc858e89f19bc0dbd70983f86b811ab625dc9292' diff --git a/tests/integration/test_run.py b/tests/integration/test_run.py index e5c890f7..31f6de63 100644 --- a/tests/integration/test_run.py +++ b/tests/integration/test_run.py @@ -4,7 +4,6 @@ import pytest from pipenv.project import Project from pipenv.utils.shell import subprocess_run, temp_environ -from pipenv.utils.shell import mkdir_p @pytest.mark.run @@ -69,7 +68,7 @@ def test_scripts_with_package_functions(pipenv_instance_pypi): with pipenv_instance_pypi(chdir=True) as p: p.pipenv('install') pkg_path = os.path.join(p.path, "pkg") - mkdir_p(pkg_path) + os.makedirs(pkg_path, exist_ok=True) file_path = os.path.join(pkg_path, "mod.py") with open(file_path, "w+") as f: f.write("""