* 629: When scanning for packages, ``pkg_resources`` now ignores empty egg-info directories and gives precedence to packages whose versions are lexicographically greatest, a rough approximation for preferring the latest available version.
28.5.0
Not secure
=======
* 810: Tests are now invoked with tox and not setup.py test. * 249 and 450 via 764: Avoid scanning the whole tree when building the manifest. Also fixes a long-standing bug where patterns in ``MANIFEST.in`` had implicit wildcard matching. This caused ``global-exclude .foo`` to exclude all ``*.foo`` files, but also ``global-exclude bar.py`` to exclude ``foo_bar.py``.
28.4.0
Not secure
=======
* 732: Now extras with a hyphen are honored per PEP 426. * 811: Update to pyparsing 2.1.10. * Updated ``setuptools.command.sdist`` to re-use most of the functionality directly from ``distutils.command.sdist`` for the ``add_defaults`` method with strategic overrides. See 750 for rationale. * 760 via 762: Look for certificate bundle where SUSE Linux typically presents it. Use ``certifi.where()`` to locate the bundle.
28.3.0
Not secure
=======
* 809: In ``find_packages()``, restore support for excluding a parent package without excluding a child package.
* 805: Disable ``-nspkg.pth`` behavior on Python 3.3+ where PEP-420 functionality is adequate. Fixes pip 1924.