Pip

Latest version: v24.0

Safety actively analyzes 638452 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 23 of 25

0.6

Not secure
===

- Add ``pip uninstall`` and uninstall-before upgrade (from Carl Meyer).
- Extended configurability with config files and environment variables.
- Allow packages to be upgraded, e.g., ``pip install Package==0.1``
then ``pip install Package==0.2``.
- Allow installing/upgrading to Package==dev (fix "Source version does not
match target version" errors).
- Added command and option completion for bash and zsh.
- Extended integration with virtualenv by providing an option to
automatically use an active virtualenv and an option to warn if no active
virtualenv is found.
- Fixed a bug with pip install --download and editable packages, where
directories were being set with 0000 permissions, now defaults to 755.
- Fixed uninstallation of easy_installed console_scripts.
- Fixed uninstallation on macOS Framework layout installs
- Fixed bug preventing uninstall of editables with source outside venv.
- Creates download cache directory if not existing.

0.5.1

Not secure
=====

- Fixed a couple little bugs, with git and with extensions.

0.5

Not secure
===

- Added ability to override the default log file name (``pip-log.txt``)
with the environmental variable ``$PIP_LOG_FILE``.
- Made the freeze command print installed packages to stdout instead of
writing them to a file. Use simple redirection (e.g.
``pip freeze > stable-req.txt``) to get a file with requirements.
- Fixed problem with freezing editable packages from a Git repository.
- Added support for base URLs using ``<base href='...'>`` when parsing
HTML pages.
- Fixed installing of non-editable packages from version control systems.
- Fixed issue with Bazaar's bzr+ssh scheme.
- Added --download-dir option to the install command to retrieve package
archives. If given an editable package it will create an archive of it.
- Added ability to pass local file and directory paths to ``--find-links``,
e.g. ``--find-links=file:///path/to/my/private/archive``
- Reduced the amount of console log messages when fetching a page to find a
distribution was problematic. The full messages can be found in pip-log.txt.
- Added ``--no-deps`` option to install ignore package dependencies
- Added ``--no-index`` option to ignore the package index (PyPI) temporarily
- Fixed installing editable packages from Git branches.
- Fixes freezing of editable packages from Mercurial repositories.
- Fixed handling read-only attributes of build files, e.g. of Subversion and
Bazaar on Windows.
- When downloading a file from a redirect, use the redirected
location's extension to guess the compression (happens specifically
when redirecting to a bitbucket.org tip.gz file).
- Editable freeze URLs now always use revision hash/id rather than tip or
branch names which could move.
- Fixed comparison of repo URLs so incidental differences such as
presence/absence of final slashes or quoted/unquoted special
characters don't trigger "ignore/switch/wipe/backup" choice.
- Fixed handling of attempt to checkout editable install to a
non-empty, non-repo directory.

0.4

Not secure
===

- Make ``-e`` work better with local hg repositories
- Construct PyPI URLs the exact way easy_install constructs URLs (you
might notice this if you use a custom index that is
slash-sensitive).
- Improvements on Windows (from `Ionel Maries Cristian
<https://ionelmc.wordpress.com/>`_).
- Fixed problem with not being able to install private git repositories.
- Make ``pip zip`` zip all its arguments, not just the first.
- Fix some filename issues on Windows.
- Allow the ``-i`` and ``--extra-index-url`` options in requirements
files.
- Fix the way bundle components are unpacked and moved around, to make
bundles work.
- Adds ``-s`` option to allow the access to the global site-packages if a
virtualenv is to be created.
- Fixed support for Subversion 1.6.

0.3.1

Not secure
=====

- Improved virtualenv restart and various path/cleanup problems on win32.
- Fixed a regression with installing from svn repositories (when not
using ``-e``).
- Fixes when installing editable packages that put their source in a
subdirectory (like ``src/``).
- Improve ``pip -h``

0.3

Not secure
===

- Added support for editable packages created from Git, Mercurial and Bazaar
repositories and ability to freeze them. Refactored support for version
control systems.
- Do not use ``sys.exit()`` from inside the code, instead use a
return. This will make it easier to invoke programmatically.
- Put the install record in ``Package.egg-info/installed-files.txt``
(previously they went in
``site-packages/install-record-Package.txt``).
- Fix a problem with ``pip freeze`` not including ``-e svn+`` when an
svn structure is peculiar.
- Allow ``pip -E`` to work with a virtualenv that uses a different
version of Python than the parent environment.
- Fixed Win32 virtualenv (``-E``) option.
- Search the links passed in with ``-f`` for packages.
- Detect zip files, even when the file doesn't have a ``.zip``
extension and it is served with the wrong Content-Type.
- Installing editable from existing source now works, like ``pip
install -e some/path/`` will install the package in ``some/path/``.
Most importantly, anything that package requires will also be
installed by pip.
- Add a ``--path`` option to ``pip un/zip``, so you can avoid zipping
files that are outside of where you expect.
- Add ``--simulate`` option to ``pip zip``.

Page 23 of 25

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.