Pip

Latest version: v24.0

Safety actively analyzes 638430 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 24 of 25

0.2.1

Not secure
=====

- Fixed small problem that prevented using ``pip.py`` without actually
installing pip.
- Fixed ``--upgrade``, which would download and appear to install
upgraded packages, but actually just reinstall the existing package.
- Fixed Windows problem with putting the install record in the right
place, and generating the ``pip`` script with Setuptools.
- Download links that include embedded spaces or other unsafe
characters (those characters get %-encoded).
- Fixed use of URLs in requirement files, and problems with some blank
lines.
- Turn some tar file errors into warnings.

0.2

Not secure
===

- Renamed to ``pip``, and to install you now do ``pip install
PACKAGE``
- Added command ``pip zip PACKAGE`` and ``pip unzip PACKAGE``. This
is particularly intended for Google App Engine to manage libraries
to stay under the 1000-file limit.
- Some fixes to bundles, especially editable packages and when
creating a bundle using unnamed packages (like just an svn
repository without ``egg=Package``).

0.1.4

=====

- Added an option ``--install-option`` to pass options to pass
arguments to ``setup.py install``
- ``.svn/`` directories are no longer included in bundles, as these
directories are specific to a version of svn -- if you build a
bundle on a system with svn 1.5, you can't use the checkout on a
system with svn 1.4. Instead a file ``svn-checkout.txt`` is
included that notes the original location and revision, and the
command you can use to turn it back into an svn checkout. (Probably
unpacking the bundle should, maybe optionally, recreate this
information -- but that is not currently implemented, and it would
require network access.)
- Avoid ambiguities over project name case, where for instance
MyPackage and mypackage would be considered different packages.
This in particular caused problems on Macs, where ``MyPackage/`` and
``mypackage/`` are the same directory.
- Added support for an environmental variable
``$PIP_DOWNLOAD_CACHE`` which will cache package downloads, so
future installations won't require large downloads. Network access
is still required, but just some downloads will be avoided when
using this.

0.1.3

=====

- Always use ``svn checkout`` (not ``export``) so that
``tag_svn_revision`` settings give the revision of the package.
- Don't update checkouts that came from ``.pybundle`` files.

0.1.2

=====

- Improve error text when there are errors fetching HTML pages when
seeking packages.
- Improve bundles: include empty directories, make them work with
editable packages.
- If you use ``-E env`` and the environment ``env/`` doesn't exist, a
new virtual environment will be created.
- Fix ``dependency_links`` for finding packages.

0.1.1

=====

- Fixed a NameError exception when running pip outside of a virtualenv
environment.
- Added HTTP proxy support (from Prabhu Ramachandran)
- Fixed use of ``hashlib.md5`` on python2.5+ (also from Prabhu Ramachandran)

Page 24 of 25

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.