Workflow

Setuptools

Latest version: v70.1.1

Safety actively analyzes 641872 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 39 of 109

40.9.0

Not secure
=======



Changes
-------
* 1675: Added support for ``setup.cfg``-only projects when using the ``setuptools.build_meta`` backend. Projects that have enabled PEP 517 no longer need to have a ``setup.py`` and can use the purely declarative ``setup.cfg`` configuration file instead.
* 1720: Added support for ``pkg_resources.parse_requirements``-style requirements in ``setup_requires`` when ``setup.py`` is invoked from the ``setuptools.build_meta`` build backend.
* 1664: Added the path to the ``PKG-INFO`` or ``METADATA`` file in the exception
text when the ``Version:`` header can't be found.

Documentation changes
---------------------
* 1705: Removed some placeholder documentation sections referring to deprecated features.

40.8.0

Not secure
=======



Changes
-------
* 1652: Added the ``build_meta:__legacy__`` backend, a "compatibility mode" PEP 517 backend that can be used as the default when ``build-backend`` is left unspecified in ``pyproject.toml``.
* 1635: Resource paths are passed to ``pkg_resources.resource_string`` and similar no longer accept paths that traverse parents, that begin with a leading ``/``. Violations of this expectation raise DeprecationWarnings and will become errors. Additionally, any paths that are absolute on Windows are strictly disallowed and will raise ValueErrors.
* 1536: ``setuptools`` will now automatically include licenses if ``setup.cfg`` contains a ``license_file`` attribute, unless this file is manually excluded inside ``MANIFEST.in``.

40.7.3

Not secure
=======



Changes
-------
* 1670: In package_index, revert to using a copy of splituser from Python 3.8. Attempts to use ``urllib.parse.urlparse`` led to problems as reported in 1663 and 1668. This change serves as an alternative to 1499 and fixes 1668.

40.7.2

Not secure
=======



Changes
-------
* 1666: Restore port in URL handling in package_index.

40.7.1

Not secure
=======



Changes
-------
* 1660: On Python 2, when reading config files, downcast options from text to bytes to satisfy distutils expectations.

40.7.0

Not secure
=======



Breaking Changes
----------------
* 1551: File inputs for the ``license`` field in ``setup.cfg`` files now explicitly raise an error.

Changes
-------
* 1180: Add support for non-ASCII in setup.cfg (1062). Add support for native strings on some parameters (1136).
* 1499: ``setuptools.package_index`` no longer relies on the deprecated ``urllib.parse.splituser`` per Python 27485.
* 1544: Added tests for PackageIndex.download (for git URLs).
* 1625: In PEP 517 build_meta builder, ensure that sdists are built as gztar per the spec.

Page 39 of 109

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.