Setuptools

Latest version: v75.8.0

Safety actively analyzes 699709 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 7 of 114

69.3.1

Not secure
=======

Bugfixes
--------

- Remove attempt to canonicalize the version. It's already canonical enough. (4302)

69.3.0

Not secure
=======

Features
--------

- Support PEP 625 by canonicalizing package name and version in filenames
per
`the spec <https://packaging.python.org/en/latest/specifications/source-distribution-format/#source-distribution-file-name>`_.
Projects whose names contain uppercase characters, dashes, or periods will
now see their sdist names normalized to match the standard and the format
previously seen in wheels. For example:

- ``zope.interface`` -> ``zope_interface``
- ``CherryPy`` -> ``cherrypy``
- ``foo-bar_baz`` -> ``foo_bar_baz``

Projects are encouraged to adopt this change to align with standards and
other backend build systems. (3593)

69.2.0

Not secure
=======

Features
--------

- Explicitly use ``encoding="locale"`` for ``.pth`` files whenever possible,
to reduce ``EncodingWarnings``.
This avoid errors with UTF-8 (see discussion in python/cpython77102). (4265)


Bugfixes
--------

- Clarify some `pkg_resources` methods return `bytes`, not `str`. Also return an empty `bytes` in ``EmptyProvider._get`` -- by :user:`Avasam` (4243)
- Return an empty `list` by default in ``pkg_resources.ResourceManager.cleanup_resources`` -- by :user:`Avasam` (4244)
- Made ``pkg_resoursces.NullProvider``'s ``has_metadata`` and ``metadata_isdir`` methods return actual booleans like all other Providers. -- by :user:`Avasam` (4254)


Misc
----

- 4237, 4238, 4241, 4260, 4261, 4263

69.1.1

Not secure
=======

Bugfixes
--------

- Fix argument order of ``--config-settings["--build-option"]`` arguments.
This was broken by <https://github.com/pypa/setuptools/pull/4079>`. (#4217)


Misc
----

- 4231

69.1.0

Not secure
=======

Features
--------

- Updated and removed obsolete Python < 3.8 code and comments. -- by :user:`Avasam` (4096)
- Updated `pkg_resources` to use stdlib `importlib.machinery` instead of ``importlib_machinery`` -- by :user:`Avasam` (4097)


Bugfixes
--------

- In tests, rely on pytest-home for reusable fixture. (4072)
- Explicitely marked as ``Protocol`` and fixed missing ``self`` argument in interfaces ``pkg_resources.IMetadataProvider`` and ``pkg_resources.IResourceProvider`` -- by :user:`Avasam` (4144)
- Restored expectation that egg-link files would be named with dash separators for compatibility with pip prior to version 24. (4167)


Improved Documentation
----------------------

- Updated documentation referencing obsolete Python 3.7 code. -- by :user:`Avasam` (4096)
- Changed ``versionadded`` for "Type information included by default" feature from ``v68.3.0`` to ``v69.0.0`` -- by :user:`Avasam` (4182)
- Described the auto-generated files -- by :user:`VladimirFokow` (4198)
- Updated "Quickstart" to describe the current status of ``setup.cfg`` and ``pyproject.toml`` -- by :user:`VladimirFokow` (4200)

69.0.3

Not secure
=======

Bugfixes
--------

- Retain valid names with underscores in egg_info.

Page 7 of 114

Links

Releases

Has known vulnerabilities

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.