Pex

This release fixes several spurious warnings emitted for Python 3.11 and

This release brings support for Python 3.12 and Pip 23.2 which is the
minimum required Pip version for Python 3.12. N.B.: Since Pip 23.2
requires Python 3.7 or newer, multiplatform PEX files and locks that
support Python 3.12 will not also be able to support Python 2.7, 3.5
or 3.6 even though Pex continues to support those versions generally.

In addition, two new options for adding local project source files to
a pex are added: `-P/--package` and `-M/--module`. Importantly, you can
use the options instead of the existing `-D/--sources-directory` when
you have a project with code at the top level (i.e.: not in a `src/`
subdirectory for example) intermixed with other files you prefer not to
include in the PEX. See `pex --help` for more details on using these new
options.

Finally, an internal API is fixed that allows for Lambdex files to
include versions of `attrs` incompatible with Pex's own vendored version.

* Add official support for Python 3.12 / Pip 23.2. (2176)
* Add support for selecting packages and modules. (2181)
* Fix `pex.pex_bootstrapper.bootstrap_pex_env` leak. (2184)

This release brings fixes for two obscure corner cases.

Previously, if you used `--venv` PEXes in the default symlinked
site-packages mode that contained first party code in a namespace
package shared with 3rd-party dependencies the first party code would
contaminate the Pex installed wheel cache for one of the 3rd-party
dependencies in PEX.

Even more obscure (the only known issue was in Pex's own CI), if you
ran the Pex CLI concurrently using two different `--pip-version`
arguments, you may have seen spurious Pip HTTP errors that found an
invalid `Content-Type: Unknown` header.

* Isolate the Pip cache per Pip version. (2164)
* Fix symlinked venv ns-package calcs. (2165)

This release fixes a long-standing bug in lock file creation for exotic
locking scenarios pulling the same project from multiple artifact
sources (any mix of URLs, VCS and local project directories).

* Fix inter-artifact comparisons. (2152)

This release adds the `pex3 lock export-subset` command. This is a
version of `pex3 lock export` that also accepts requirements arguments
allowing just a subset of the lock satisfying the given requirements to
be exported.

* Add `pex3 lock export-subset`. (2145)

This release brings support for `pex3 venv {inspect,create}` for working
with venvs directly using Pex. Previously, a PEX built with
`--include-tools` (or `--venv`) had the capability of turning itself
into a venv but the new `pex3 venv create` command can do this for any
PEX file with the addition of a few new features:

1. The venv can now be created directly from requirements producing no
intermediate PEX file.
2. The venv can be created either from a PEX file or a lock file. A
subset of either of those can be chosen by also supplying
requirements.
3. Instead of creating a full-fledged venv, just the site-packages can
be exported (without creating an intermediate venv). This "flat"
layout is used by several prominent runtimes - notably AWS Lambda
-and emulates `pip install --target`. This style layout can also be
zipped and prefixed. Additionally, it supports `--platform` and
`--complete-platform` allowing creation of, for example, an AWS
Lambda (or Lambda Layer) deployment zip on a non-Linux host.

Additionally, this release adds support for Pip 23.1.1 and 23.1.2.

* Add Support for Pip 23.1.1. (2133)
* Introduce pex3 venv inspect. (2135)
* Introduce pex3 venv create. (2140)
* Add support for Pip 23.1.2. (2142)