Pip

Latest version: v24.1

Safety actively analyzes 640549 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 23 of 25

0.6.1

Not secure
=====

- Added support for the ``https`` and ``http-static`` schemes to the
Mercurial and ``ftp`` scheme to the Bazaar backend.
- Fixed uninstallation of scripts installed with easy_install.
- Fixed an issue in the package finder that could result in an
infinite loop while looking for links.
- Fixed issue with ``pip bundle`` and local files (which weren't being
copied into the bundle), from Whit Morriss.

0.6

Not secure
===

- Add ``pip uninstall`` and uninstall-before upgrade (from Carl Meyer).
- Extended configurability with config files and environment variables.
- Allow packages to be upgraded, e.g., ``pip install Package==0.1``
then ``pip install Package==0.2``.
- Allow installing/upgrading to Package==dev (fix "Source version does not
match target version" errors).
- Added command and option completion for bash and zsh.
- Extended integration with virtualenv by providing an option to
automatically use an active virtualenv and an option to warn if no active
virtualenv is found.
- Fixed a bug with pip install --download and editable packages, where
directories were being set with 0000 permissions, now defaults to 755.
- Fixed uninstallation of easy_installed console_scripts.
- Fixed uninstallation on macOS Framework layout installs
- Fixed bug preventing uninstall of editables with source outside venv.
- Creates download cache directory if not existing.

0.5.1

Not secure
=====

- Fixed a couple little bugs, with git and with extensions.

0.5

Not secure
===

- Added ability to override the default log file name (``pip-log.txt``)
with the environmental variable ``$PIP_LOG_FILE``.
- Made the freeze command print installed packages to stdout instead of
writing them to a file. Use simple redirection (e.g.
``pip freeze > stable-req.txt``) to get a file with requirements.
- Fixed problem with freezing editable packages from a Git repository.
- Added support for base URLs using ``<base href='...'>`` when parsing
HTML pages.
- Fixed installing of non-editable packages from version control systems.
- Fixed issue with Bazaar's bzr+ssh scheme.
- Added --download-dir option to the install command to retrieve package
archives. If given an editable package it will create an archive of it.
- Added ability to pass local file and directory paths to ``--find-links``,
e.g. ``--find-links=file:///path/to/my/private/archive``
- Reduced the amount of console log messages when fetching a page to find a
distribution was problematic. The full messages can be found in pip-log.txt.
- Added ``--no-deps`` option to install ignore package dependencies
- Added ``--no-index`` option to ignore the package index (PyPI) temporarily
- Fixed installing editable packages from Git branches.
- Fixes freezing of editable packages from Mercurial repositories.
- Fixed handling read-only attributes of build files, e.g. of Subversion and
Bazaar on Windows.
- When downloading a file from a redirect, use the redirected
location's extension to guess the compression (happens specifically
when redirecting to a bitbucket.org tip.gz file).
- Editable freeze URLs now always use revision hash/id rather than tip or
branch names which could move.
- Fixed comparison of repo URLs so incidental differences such as
presence/absence of final slashes or quoted/unquoted special
characters don't trigger "ignore/switch/wipe/backup" choice.
- Fixed handling of attempt to checkout editable install to a
non-empty, non-repo directory.

0.4

Not secure
===

- Make ``-e`` work better with local hg repositories
- Construct PyPI URLs the exact way easy_install constructs URLs (you
might notice this if you use a custom index that is
slash-sensitive).
- Improvements on Windows (from `Ionel Maries Cristian
<https://ionelmc.wordpress.com/>`_).
- Fixed problem with not being able to install private git repositories.
- Make ``pip zip`` zip all its arguments, not just the first.
- Fix some filename issues on Windows.
- Allow the ``-i`` and ``--extra-index-url`` options in requirements
files.
- Fix the way bundle components are unpacked and moved around, to make
bundles work.
- Adds ``-s`` option to allow the access to the global site-packages if a
virtualenv is to be created.
- Fixed support for Subversion 1.6.

0.3.1

Not secure
=====

- Improved virtualenv restart and various path/cleanup problems on win32.
- Fixed a regression with installing from svn repositories (when not
using ``-e``).
- Fixes when installing editable packages that put their source in a
subdirectory (like ``src/``).
- Improve ``pip -h``

Page 23 of 25

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.