Skip to content

Bump pipenv from 2024.4.1 to 2025.0.1 in /python/helpers in the pipenv group #12151

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump pipenv from 2024.4.1 to 2025.0.1 in /python/helpers in the pipenv group #12151

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 27, 2025
edited
Loading

Bumps the pipenv group in /python/helpers with 1 update: pipenv.

Updates pipenv from 2024.4.1 to 2025.0.1

Release notes

Sourced from pipenv's releases.

Release v2025.0.1

What's Changed

Full Changelog: pypa/pipenv@v2025.0.0...v2025.0.1

Release v2025.0.0

What's Changed

New Contributors

Full Changelog: pypa/pipenv@v2024.4.1...v2025.0.0

Changelog

Sourced from pipenv's changelog.

2025.0.1 (2025-04-24)

Pipenv 2025.0.1 (2025-04-24)

Bug Fixes

  • Fix for broken import requirements in 2025.0.0 [#6385](https://github.com/pypa/pipenv/issues/6385) <https://github.com/pypa/pipenv/issues/6385>_ 2025.0.0 (2025-04-24) ===================== Pipenv 2025.0.0 (2025-04-24) ============================

Features & Improvements

  • Refactor pythonfinder for improved efficiency and PEP 514 support

    Summary

    This PR completely refactors the pythonfinder module to improve efficiency, reduce logical errors, and fix support for PEP 514 (Python registration in the Windows registry). The refactoring replaces the complex object hierarchy with a more modular, composition-based approach that is easier to maintain and extend.

    Motivation

    The original pythonfinder implementation had several issues:

    • Complex object wrapping with paths as objects, leading to excessive recursion
    • Tight coupling between classes making the code difficult to follow and maintain
    • Broken Windows registry support (PEP 514)
    • Performance issues due to redundant path scanning and inefficient caching

    Changes

    • Architecture: Replaced inheritance-heavy design with a composition-based approach using specialized finders
    • Data Model: Simplified the data model with a clean PythonInfo dataclass
    • Windows Support: Implemented proper PEP 514 support for Windows registry
    • Performance: Improved caching and reduced redundant operations
    • Error Handling: Added more specific exceptions and better error handling

    Features

    The refactored implementation continues to support all required features:

    • System and user PATH searches
    • pyenv installations
    • asdf installations
    • Windows registry (PEP 514) - now working correctly [#6360](https://github.com/pypa/pipenv/issues/6360) <https://github.com/pypa/pipenv/issues/6360>_

  • Almost finished with conversion off click echo/secho to rich console outputs. [#6366](https://github.com/pypa/pipenv/issues/6366) <https://github.com/pypa/pipenv/issues/6366>_

  • Make safety an optional dependency via extras

    • Removed vendored safety package from pipenv/patched
    • Added safety as an optional dependency via pipenv[safety]
    • Modified check.py to prompt for safety installation if not present

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies python Dependabot pull requests that update Python code labels Apr 27, 2025
@dependabot dependabot bot requested a review from a team as a code owner April 27, 2025 16:32
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch 2 times, most recently from e0b8bc2 to 3c12c79 Compare May 11, 2025 16:34
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch 2 times, most recently from ed85a1c to 8c8f251 Compare May 25, 2025 16:42
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch from 8c8f251 to 1f19444 Compare June 1, 2025 16:20
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch 2 times, most recently from d7be49e to 7cac60c Compare June 15, 2025 16:04
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch from 7cac60c to 6a268c8 Compare June 22, 2025 16:14
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch 2 times, most recently from bed20d7 to 75756b6 Compare July 6, 2025 16:35
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch from 75756b6 to 0b096ee Compare July 13, 2025 16:52
@dependabot
Bump pipenv in /python/helpers in the pipenv group
20a8a66 
Bumps the pipenv group in /python/helpers with 1 update: [pipenv](https://github.com/pypa/pipenv).


Updates `pipenv` from 2024.4.1 to 2025.0.1
- [Release notes](https://github.com/pypa/pipenv/releases)
- [Changelog](https://github.com/pypa/pipenv/blob/main/CHANGELOG.md)
- [Commits](pypa/pipenv@v2024.4.1...v2025.0.1)

---
updated-dependencies:
- dependency-name: pipenv
  dependency-version: 2025.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pipenv
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/python/helpers/pipenv-42f05dca32 branch from 0b096ee to 20a8a66 Compare July 20, 2025 16:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies L: python python Dependabot pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants