Workflow

Pex

Latest version: v2.33.7

Safety actively analyzes 723963 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 20 of 57

2.1.122

This release fixes posix file locks used by Pex internally and enhances
lock creation to support locking sdist-only C extension projects that do
not build on the current platform. Pex is also updated to support
`--pip-version 22.3.1` and `--pip-version 23.0`, bringing it up to date
with the latest Pip's available.

* Support the latest Pip releases: 22.3.1 & 23.0 (2056)
* Lock sdists with `prepare-metadata-for-build-wheel`. (2053)
* Fix `execute_parallel` "leaking" a thread. (2052)

2.1.121

This release fixes two bugs brought to light trying to interoperate with
Poetry projects.

* Support space separated markers in URL reqs. (2039)
* Handle `file://` URL deps in distributions. (2041)

2.1.120

This release completes the `--complete-platform` fix started in Pex
2.1.116 by 1991. That fix did not work in all cases but now does.

PEXes run in interpreter mode now support command history when the
underlying interpreter being used to run the PEX does; use the
`PEX_INTERPRETER_HISTORY` bool env var to turn this on.

Additionally, PEXes built with the combination
`--layout loose --venv --no-venv-site-packages-copies` are fixed to be
robust to moves of the source loose PEX directory.

* Fix loose `--venv` PEXes to be robust to moves. (2033)
* Fix interpreter resolution when using `--complete-platform` with
`--resolve-local-platforms` (2031)
* Support REPL command history. (2018)

2.1.119

This release brings two new features. The venv pex tool now just warns
when using `--compile` and there is a `*.pyc` compile error instead of
failing to create the venv. Also, a new `PEX_DISABLE_VARIABLES` env var
knob is added to turn off reading all `PEX_*` env vars from the
environment.

* Ignore compile error for `PEX_TOOLS=1` (2002)
* Add `PEX_DISABLE_VARIABLES` to lock down a PEX run. (2014)

2.1.118

This is a very tardy hotfix release for a regression introduced in Pex

2.1.117

This release fixes a bug introduced in Pex 2.1.109 where the released
Pex PEX could not be executed by PyPy interpreters. More generally, any
PEX created with interpreter constraints that did not specify the Python
implementation, e.g.: `==3.8.*`, were interpreted as being CPython
specific, i.e.: `CPython==3.8.*`. This is now fixed, but if the
intention of a constraint like `==3.8.*` was in fact to restrict to
CPython only, interpreter constraints need to say so now and use
`CPython==3.8.*` explicitly.

* Fix interpreter constraint parsing. (1998)

Page 20 of 57

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.