Ubuntu
python-pip package

[FFe] update python-pip to version 1.3.1

Bug #1167351 reported by Adam Dingle on 2013-04-10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	python-pip (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Raring still has python-pip 1.1, which is over a year old now. The latest release is 1.3.1 (2013-03-08); it would be nice to update to that.

Tags:

Related branches

lp:ubuntu/raring-proposed/python-pip

Hans Joachim Desserud (hjd) on 2013-04-11

tags:

added: upgrade-software-version

Revision history for this message

Barry Warsaw (barry) wrote on 2013-04-17:

I'm hijacking this bug for an FFe for python-pip 1.3.1 for Raring.

https://pypi.python.org/pypi/pip/1.3.1

The most important change is that packages are downloaded from PyPI over SSL, greatly enhancing the security of PyPI installed packages.

I'll fill out the rest of this FFe soon.

summary:

- please update python-pip to version 1.3
+ [FFe] update python-pip to version 1.3.1

Revision history for this message

Barry Warsaw (barry) wrote on 2013-04-17:

Download full text (5.1 KiB)

Also note that pip 1.3.1 matches the version bundled with virtualenv 1.9.1 as per FFE LP: #1170003

Upstream changelog since 1.1:

1.3.1 (2013-03-08)
------------------

* Fixed a major backward incompatible change of parsing URLs to externally
hosted packages that got accidentily included in 1.3.

1.3 (2013-03-07)
----------------

* SSL Cert Verification; Make https the default for PyPI access.
Thanks James Cleveland, Giovanni Bajo, Marcus Smith and many others (Pull #789).

* Added "pip list" for listing installed packages and the latest version
available. Thanks Rafael Caricio, Miguel Araujo, Dmitry Gladkov (Pull #752)

* Fixed security issues with pip's use of temp build directories.
Thanks David (d1b) and Thomas Guttler. (Pull #780)

* Improvements to sphinx docs and cli help. (Pull #773)

* Fixed issue #707, dealing with OS X temp dir handling, which was causing
global NumPy installs to fail. (Pull #768)

* Split help output into general vs command-specific option groups.
Thanks Georgi Valkov. (Pull #744; Pull #721 contains preceding refactor)

* Fixed dependency resolution when installing from archives with uppercase
project names. (Pull #724)

* Fixed problem where re-installs always occurred when using file:// find-links.
(Pulls #683/#702)

* "pip install -v" now shows the full download url, not just the archive name.
Thanks Marc Abramowitz (Pull #687)

* Fix to prevent unnecessary PyPI redirects. Thanks Alex Gronholm (Pull #695)

* Fixed issue #670 - install failure under Python 3 when the same version
of a package is found under 2 different URLs. Thanks Paul Moore (Pull #671)

* Fix git submodule recursive updates. Thanks Roey Berman. (Pulls #674)

* Explicitly ignore rel='download' links while looking for html pages.
Thanks Maxime R. (Pull #677)

* --user/--upgrade install options now work together. Thanks 'eevee' for
discovering the problem. (Pull #705)

* Added check in ``install --download`` to prevent re-downloading if the target
file already exists. Thanks Andrey Bulgakov. (Pull #669)

* Added support for bare paths (including relative paths) as argument to
`--find-links`. Thanks Paul Moore for draft patch.

* Added support for --no-index in requirements files.

* Added "pip show" command to get information about an installed package.
Fixes #131. Thanks Kelsey Hightower and Rafael Caricio.

* Added `--root` option for "pip install" to specify root directory. Behaves
like the same option in distutils but also plays nice with pip's egg-info.
Thanks Przemek Wrzos. (Issue #253 / Pull #693)

1.2.1 (2012-09-06)
------------------

* Fixed a regression introduced in 1.2 about raising an exception when
not finding any files to uninstall in the current environment. Thanks for
the fix, Marcus Smith.

1.2 (2012-09-01)
----------------

* **Dropped support for Python 2.4** The minimum supported Python version is
now Python 2.5.

* Fixed issue #605 - pypi mirror support broken on some DNS responses. Thanks
philwhin.

* Fixed issue #355 - pip uninstall removes files it didn't install. Thanks
pjdelport.

* Fixed issues #493, #494, #440, and #573 related to improving support for the
user inst...

Also note that pip 1.3.1 matches the version bundled with virtualenv 1.9.1 as per FFE LP: #1170003

Upstream changelog since 1.1:

1.3.1 (2013-03-08)
------------------

* Fixed a major backward incompatible change of parsing URLs to externally
  hosted packages that got accidentily included in 1.3.

1.3 (2013-03-07)
----------------

* SSL Cert Verification; Make https the default for PyPI access.
  Thanks James Cleveland, Giovanni Bajo, Marcus Smith and many others (Pull #789).

* Added "pip list" for listing installed packages and the latest version
  available. Thanks Rafael Caricio, Miguel Araujo, Dmitry Gladkov (Pull #752)

* Fixed security issues with pip's use of temp build directories.
  Thanks David (d1b) and Thomas Guttler. (Pull #780)

* Improvements to sphinx docs and cli help. (Pull #773)

* Fixed issue #707, dealing with OS X temp dir handling, which was causing
  global NumPy installs to fail. (Pull #768)

* Split help output into general vs command-specific option groups.
  Thanks Georgi Valkov. (Pull #744; Pull #721 contains preceding refactor)

* Fixed dependency resolution when installing from archives with uppercase
  project names. (Pull #724)

* Fixed problem where re-installs always occurred when using file:// find-links.
  (Pulls #683/#702)

* "pip install -v" now shows the full download url, not just the archive name.
  Thanks Marc Abramowitz (Pull #687)

* Fix to prevent unnecessary PyPI redirects. Thanks Alex Gronholm (Pull #695)

* Fixed issue #670 - install failure under Python 3 when the same version
  of a package is found under 2 different URLs.  Thanks Paul Moore (Pull #671)

* Fix git submodule recursive updates.  Thanks Roey Berman. (Pulls #674)

* Explicitly ignore rel='download' links while looking for html pages.
  Thanks Maxime R. (Pull #677)

* --user/--upgrade install options now work together. Thanks 'eevee' for
  discovering the problem. (Pull #705)

* Added check in ``install --download`` to prevent re-downloading if the target
  file already exists. Thanks Andrey Bulgakov. (Pull #669)

* Added support for bare paths (including relative paths) as argument to
  `--find-links`. Thanks Paul Moore for draft patch.

* Added support for --no-index in requirements files.

* Added "pip show" command to get information about an installed package.
  Fixes #131. Thanks Kelsey Hightower and Rafael Caricio.

* Added `--root` option for "pip install" to specify root directory. Behaves
  like the same option in distutils but also plays nice with pip's egg-info.
  Thanks Przemek Wrzos.  (Issue #253 / Pull #693)

1.2.1 (2012-09-06)
------------------

* Fixed a regression introduced in 1.2 about raising an exception when
  not finding any files to uninstall in the current environment. Thanks for
  the fix, Marcus Smith.

1.2 (2012-09-01)
----------------

* **Dropped support for Python 2.4** The minimum supported Python version is
  now Python 2.5.

* Fixed issue #605 - pypi mirror support broken on some DNS responses. Thanks
  philwhin.

* Fixed issue #355 - pip uninstall removes files it didn't install. Thanks
  pjdelport.

* Fixed issues #493, #494, #440, and #573 related to improving support for the
  user installation scheme. Thanks Marcus Smith.

* Write failure log to temp file if default location is not writable. Thanks
  andreigc.

* Pull in submodules for git editable checkouts. Fixes #289 and #421. Thanks
  Hsiaoming Yang and Markus Hametner.

* Use a temporary directory as the default build location outside of a
  virtualenv. Fixes issues #339 and #381. Thanks Ben Rosser.

* Added support for specifying extras with local editables. Thanks Nick
  Stenning.

* Added ``--egg`` flag to request egg-style rather than flat installation. Refs
  issue #3. Thanks Kamal Bin Mustafa.

* Fixed issue #510 - prevent e.g. ``gmpy2-2.0.tar.gz`` from matching a request
  to ``pip install gmpy``; sdist filename must begin with full project name
  followed by a dash. Thanks casevh for the report.

* Fixed issue #504 - allow package URLS to have querystrings. Thanks W.
  Trevor King.

* Fixed issue #58 - pip freeze now falls back to non-editable format rather
  than blowing up if it can't determine the origin repository of an editable.
  Thanks Rory McCann.

* Added a `__main__.py` file to enable `python -m pip` on Python versions
  that support it. Thanks Alexey Luchko.

* Fixed issue #487 - upgrade from VCS url of project that does exist on
  index. Thanks Andrew Knapp for the report.

* Fixed issue #486 - fix upgrade from VCS url of project with no distribution
  on index.  Thanks Andrew Knapp for the report.

* Fixed issue #427 - clearer error message on a malformed VCS url. Thanks
  Thomas Fenzl.

* Added support for using any of the built in guaranteed algorithms in
  ``hashlib`` as a checksum hash.

* Fixed issue #321 - Raise an exception if current working directory can't be
  found or accessed.

* Fixed issue #82 - Removed special casing of the user directory and use the
  Python default instead.

* Fixed #436 - Only warn about version conflicts if there is actually one.
  This re-enables using ``==dev`` in requirements files.

* Moved tests to be run on Travis CI: http://travis-ci.org/pypa/pip

* Added a better help formatter.

Revision history for this message

Barry Warsaw (barry) wrote on 2013-04-17:

d/changelog:

python-pip (1.3.1-0ubuntu1) raring; urgency=low

  * New upstream release.
    - debian/patches/test_urlparse_uses_fragment.patch: Removed; applied
      upstream.

-- Barry Warsaw <email address hidden> Wed, 17 Apr 2013 10:45:19 -0400

Revision history for this message

Adam Conrad (adconrad) wrote on 2013-04-17:

Approved, go ahead and upload, closing this bug in the changelog.

Changed in python-pip (Ubuntu):
status:	New → Triaged

Revision history for this message

Launchpad Janitor (janitor) wrote on 2013-04-17:

This bug was fixed in the package python-pip - 1.3.1-0ubuntu1

---------------
python-pip (1.3.1-0ubuntu1) raring; urgency=low

  * New upstream release. (LP: #1167351)
    - debian/patches/test_urlparse_uses_fragment.patch: Removed; applied
      upstream.
-- Barry Warsaw <email address hidden> Wed, 17 Apr 2013 10:45:19 -0400

Changed in python-pip (Ubuntu):
status:	Triaged → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntupython-pip package

[FFe] update python-pip to version 1.3.1

Bug Description

Related branches

Other bug subscribers

Remote bug watches

Ubuntu
python-pip package