* Vendor new safety (#5217)
* Closest to correct vendoring of ruamel.
* Fix lint
* New pipenv check with minimal output.
* Remove decode_for_output use in pipenv check functions.
* Use click.secho where is possible.
* Rerun vendoring to get the latest safety version.
* skip this test for now.
Co-authored-by: Yeison Vargas <yeisonvargasjf@gmail.com>
Compiling this file raised a SyntaxError:
*** File "/gnu/store/62ms8p25ilrw7vrz5fn8fjf4pds10b02-pipenv-2022.11.11/lib/python3.9/site-packages/pipenv/vendor/requirementslib/models/metadata.py", line 17
from pipenv.patched.pip._vendor.distlib.metadata import import Metadata
^
SyntaxError: invalid syntax
Found through `python -m compileall /pipenv/source/` when trying to add pipenv to
[Guix](https://guix.gnu.org/).
Also include fix for root cause: wrong replacement in vendoring task.
The class cached_property is available in the Python STL from
version 3.8 onwards. In addition, it is redifend in included libraries
so we can just use it from there.
* Depend on requests and certifi from vendored pip and remove it as explicit vendor dependency.
* Documentation tweak.
* Add a news fragment.
* Update remaining vendor dependencies to point at the pip requests.
* vendoring task needs requests.
* vendor in pip==22.0.4
* updating vendor packaging version
* update pipdeptree to fix pipenv graph with new version of pip.
* Vendoring of pip-shims 0.7.0
* Vendoring of requirementslib 1.6.3
* Update pip index safety restrictions patch for pip==22.0.4
* Update patches
* exclude pyptoject.toml from black to see if that helps.
* Move this part of the hash collection back to the top (like prior implementation) because it affects the outcome of this test now in pip 22.0.4
* Add pytest-cov; Remove code references to pip-tools and refactor method _build_package_list
* Regenerate lock file.
* Add back required typing-extensions, not sure how it got dropped from locking previously.
* Adopt the setup.cfg for coverage config.
* Actually pin to the version of click we have vendored in.
* Do not adopt coverage for CI since it slows everything down. Fix py36 dependency pinning.
* Drop support for 3.6 in this PR.
* No need to exclude the vendor and patched directory from the coverage reprot.
Matt Davis