From 6538ca311af977b12c1e92dd8ce0068c3380599c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 8 Jul 2024 19:17:22 +0200
Subject: [PATCH] Bump pip from 24.1.1 to 24.1.2 (PR #7837)

Bumps [pip](https://github.com/pypa/pip) from 24.1.1 to 24.1.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p>
<blockquote>
<h1>24.1.2 (2024-07-07)</h1>
<h2>Bug Fixes</h2>
<ul>
<li>Fix finding hardlink targets in tar files with an ignored top-level directory. (<code>[#12781](https://github.com/pypa/pip/issues/12781) &lt;https://github.com/pypa/pip/issues/12781&gt;</code>_)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/pypa/pip/commits">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=24.1.1&new-version=24.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
---
 changelogs/unreleased/7837-dependabot.yml | 5 +++++
 requirements.txt                          | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/7837-dependabot.yml

diff --git a/changelogs/unreleased/7837-dependabot.yml b/changelogs/unreleased/7837-dependabot.yml
new file mode 100644
index 0000000000..c43b1be87e
--- /dev/null
+++ b/changelogs/unreleased/7837-dependabot.yml
@@ -0,0 +1,5 @@
+change-type: patch
+description: Bump pip from 24.1.1 to 24.1.2
+destination-branches:
+- master
+sections: {}
diff --git a/requirements.txt b/requirements.txt
index fffe58fbaf..d795cab856 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -12,7 +12,7 @@ importlib_metadata==8.0.0
 jinja2==3.1.4
 more-itertools==10.3.0
 packaging==24.1
-pip==24.1.1
+pip==24.1.2
 ply==3.11
 pydantic==2.8.2
 pyformance==0.4