CHANGELOG.rst

2018.11.26 (2018-11-26)

Bug Fixes

• Environment variables are expanded correctly before running scripts on POSIX. #3178
• Pipenv will no longer disable user-mode installation when the --system flag is passed in. #3222
• Fixed an issue with attempting to render unicode output in non-unicode locales. #3223
• Fixed a bug which could cause failures to occur when parsing python entries from global pyenv version files. #3224
• Fixed an issue which prevented the parsing of named extras sections from certain setup.py files. #3230
• Correctly detect the virtualenv location inside an activated virtualenv. #3231
• Fixed a bug which caused spinner frames to be written to stdout during locking operations which could cause redirection pipes to fail. #3239
• Fixed a bug that editable pacakges can't be uninstalled correctly. #3240
• Corrected an issue with installation timeouts which caused dependency resolution to fail for longer duration resolution steps. #3244
• Adding normal pep 508 compatible markers is now fully functional when using VCS dependencies. #3249
• Updated requirementslib and pythonfinder for multiple bugfixes. #3254
• Pipenv will now ignore hashes when installing with --skip-lock. #3255
• Fixed an issue where pipenv could crash when multiple pipenv processes attempted to create the same directory. #3257
• Fixed an issue which sometimes prevented successful creation of project pipfiles. #3260
• pipenv install will now unset the PYTHONHOME environment variable when not combined with --system. #3261
• Pipenv will ensure that warnings do not interfere with the resolution process by suppressing warnings' usage of standard output and writing to standard error instead. #3273
• Fixed an issue which prevented variables from the environment, such as PIPENV_DEV or PIPENV_SYSTEM, from being parsed and implemented correctly. #3278
• Clear pythonfinder cache after Python install. #3287
• Fixed a race condition in hash resolution for dependencies for certain dependencies with missing cache entries or fresh Pipenv installs. #3289
• Pipenv will now respect top-level pins over VCS dependency locks. #3296

Vendored Libraries

• Update vendored dependencies to resolve resolution output parsing and python finding:

  • pythonfinder 1.1.9 -> 1.1.10
  • requirementslib 1.3.1 -> 1.3.3
  • vistir 0.2.3 -> 0.2.5 #3280

2018.11.14 (2018-11-14)

Features & Improvements

• Improved exceptions and error handling on failures. #1977
• Added persistent settings for all CLI flags via PIPENV_{FLAG_NAME} environment variables by enabling auto_envvar_prefix=PIPENV in click (implements PEEP-0002). #2200
• Added improved messaging about available but skipped updates due to dependency conflicts when running pipenv update --outdated. #2411
• Added environment variable PIPENV_PYUP_API_KEY to add ability to override the bundled pyup.io API key. #2825
• Added additional output to pipenv update --outdated to indicate that the operation succeded and all packages were already up to date. #2828
• Updated crayons patch to enable colors on native powershell but swap native blue for magenta. #3020
• Added support for --bare to pipenv clean, and fixed pipenv sync --bare to actually reduce output. #3041
• Added windows-compatible spinner via upgraded vistir dependency. #3089
• • Added support for python installations managed by asdf. #3096
• Improved runtime performance of no-op commands such as pipenv --venv by around 2/3. #3158
• Do not show error but success for running pipenv uninstall --all in a fresh virtual environment. #3170
• Improved asynchronous installation and error handling via queued subprocess paralleization. #3217

Bug Fixes

• Remote non-PyPI artifacts and local wheels and artifacts will now include their own hashes rather than including hashes from PyPI. #2394
• Non-ascii characters will now be handled correctly when parsed by pipenv's ToML parsers. #2737
• Updated pipenv uninstall to respect the --skip-lock argument. #2848
• Fixed a bug which caused uninstallation to sometimes fail to successfullly remove packages from Pipfiles with comments on preceding or following lines. #2885, #3099
• Pipenv will no longer fail when encountering python versions on Windows that have been uninstalled. #2983
• Fixed unnecessary extras are added when translating markers #3026
• Fixed a virtualenv creation issue which could cause new virtualenvs to inadvertently attempt to read and write to global site packages. #3047
• Fixed an issue with virtualenv path derivation which could cause errors, particularly for users on WSL bash. #3055
• Fixed a bug which caused Unexpected EOF errors to be thrown when pip was waiting for input from users who had put login credentials in environment variables. #3088
• Fixed a bug in requirementslib which prevented successful installation from mercurial repositories. #3090
• Fixed random resource warnings when using pyenv or any other subprocess calls. #3094
• • Fixed a bug which sometimes prevented cloning and parsing mercurial requirements. #3096
• Fixed an issue in delegator.py related to subprocess calls when using PopenSpawn to stream output, which sometimes threw unexpected EOF errors. #3102, #3114, #3117
• Fix the path casing issue that makes pipenv clean fail on Windows #3104
• Pipenv will avoid leaving build artifacts in the current working directory. #3106
• Fixed issues with broken subprocess calls leaking resource handles and causing random and sporadic failures. #3109
• Fixed an issue which caused pipenv clean to sometimes clean packages from the base site-packages folder or fail entirely. #3113
• Updated pythonfinder to correct an issue with unnesting of nested paths when searching for python versions. #3121
• Added additional logic for ignoring and replacing non-ascii characters when formatting console output on non-UTF-8 systems. #3131
• Fix virtual environment discovery when PIPENV_VENV_IN_PROJECT is set, but the in-project .venv is a file. #3134
• Hashes for remote and local non-PyPI artifacts will now be included in Pipfile.lock during resolution. #3145
• Fix project path hashing logic in purpose to prevent collisions of virtual environments. #3151
• Fix package installation when the virtual environment path contains parentheses. #3158
• Azure Pipelines YAML files are updated to use the latest syntax and product name. #3164
• Fixed new spinner success message to write only one success message during resolution. #3183
• Pipenv will now correctly respect the --pre option when used with pipenv install. #3185
• Fix a bug where exception is raised when run pipenv graph in a project without created virtualenv #3201
• When sources are missing names, names will now be derived from the supplied URL. #3216

Vendored Libraries

• Updated pythonfinder to correct an issue with unnesting of nested paths when searching for python versions. #3061, #3121

• Updated vendored dependencies:

  • certifi 2018.08.24 => 2018.10.15
  • urllib3 1.23 => 1.24
  • requests 2.19.1 => 2.20.0
  • shellingham ``1.2.6 => 1.2.7
  • tomlkit 0.4.4. => 0.4.6
  • vistir 0.1.6 => 0.1.8
  • pythonfinder 0.1.2 => 0.1.3
  • requirementslib 1.1.9 => 1.1.10
  • backports.functools_lru_cache 1.5.0 (new)
  • cursor 1.2.0 (new) #3089

• Updated vendored dependencies:

  • requests 2.19.1 => 2.20.1
  • tomlkit 0.4.46 => 0.5.2
  • vistir 0.1.6 => 0.2.4
  • pythonfinder 1.1.2 => 1.1.8
  • requirementslib 1.1.10 => 1.3.0 #3096

• Switch to tomlkit for parsing and writing. Drop prettytoml and contoml from vendors. #3191
• Updated requirementslib to aid in resolution of local and remote archives. #3196

Improved Documentation

• Expanded development and testing documentation for contributors to get started. #3074

2018.10.13 (2018-10-13)

Bug Fixes

• Fixed a bug in pipenv clean which caused global packages to sometimes be inadvertently targeted for cleanup. #2849
• Fix broken backport imports for vendored vistir. #2950, #2955, #2961
• Fixed a bug with importing local vendored dependencies when running pipenv graph. #2952
• Fixed a bug which caused executable discovery to fail when running inside a virtualenv. #2957
• Fix parsing of outline tables. #2971
• Fixed a bug which caused verify_ssl to fail to drop through to pip install correctly as trusted-host. #2979
• Fixed a bug which caused canonicalized package names to fail to resolve against PyPI. #2989
• Enhanced CI detection to detect Azure Devops builds. #2993
• Fixed a bug which prevented installing pinned versions which used redirection symbols from the command line. #2998
• Fixed a bug which prevented installing the local directory in non-editable mode. #3005

Vendored Libraries

• Updated requirementslib to version 1.1.9. #2989
• Upgraded pythonfinder => 1.1.1 and vistir => 0.1.7. #3007

2018.10.9 (2018-10-09)

Features & Improvements

• Added environment variables PIPENV_VERBOSE and PIPENV_QUIET to control output verbosity without needing to pass options. #2527
• Updated test-pypi addon to better support json-api access (forward compatibility). Improved testing process for new contributors. #2568
• Greatly enhanced python discovery functionality:
  • Added pep514 (windows launcher/finder) support for python discovery.
  • Introduced architecture discovery for python installations which support different architectures. #2582
• Added support for pipenv shell on msys and cygwin/mingw/git bash for Windows. #2641
• Enhanced resolution of editable and VCS dependencies. #2643
• Deduplicate and refactor CLI to use stateful arguments and object passing. See this issue for reference. #2814

Behavior Changes

• Virtual environment activation for run is revised to improve interpolation with other Python discovery tools. #2503
• Improve terminal coloring to display better in Powershell. #2511
• Invoke virtualenv directly for virtual environment creation, instead of depending on pew. #2518
• pipenv --help will now include short help descriptions. #2542
• Add COMSPEC to fallback option (along with SHELL and PYENV_SHELL) if shell detection fails, improving robustness on Windows. #2651
• Fallback to shell mode if run fails with Windows error 193 to handle non-executable commands. This should improve usability on Windows, where some users run non-executable files without specifying a command, relying on Windows file association to choose the current command. #2718

Bug Fixes

• Fixed a bug which prevented installation of editable requirements using ssh:// style urls #1393

• VCS Refs for locked local editable dependencies will now update appropriately to the latest hash when running pipenv update. #1690

• .tar.gz and .zip artifacts will now have dependencies installed even when they are missing from the lockfile. #2173

• The command line parser will now handle multiple -e/--editable dependencies properly via click's option parser to help mitigate future parsing issues. #2279

• Fixed the ability of pipenv to parse dependency_links from setup.py when PIP_PROCESS_DEPENDENCY_LINKS is enabled. #2434

• Fixed a bug which could cause -i/--index arguments to sometimes be incorrectly picked up in packages. This is now handled in the command line parser. #2494

• Fixed non-deterministic resolution issues related to changes to the internal package finder in pip 10. #2499, #2529, #2589, #2666, #2767, #2785, #2795, #2801, #2824, #2862, #2879, #2894, #2933

• Fix subshell invocation on Windows for Python 2. #2515

• Fixed a bug which sometimes caused pipenv to throw a TypeError or to run into encoding issues when writing lockfiles on python 2. #2561

• Improve quoting logic for pipenv run so it works better with Windows built-in commands. #2563

• Fixed a bug related to parsing vcs requirements with both extras and subdirectory fragments. Corrected an issue in the requirementslib parser which led to some markers being discarded rather than evaluated. #2564

• Fixed multiple issues with finding the correct system python locations. #2582

• Catch JSON decoding error to prevent exception when the lock file is of invalid format. #2607

• Fixed a rare bug which could sometimes cause errors when installing packages with custom sources. #2610

• Update requirementslib to fix a bug which could raise an UnboundLocalError when parsing malformed VCS URIs. #2617

• Fixed an issue which prevented passing multiple --ignore parameters to pipenv check. #2632

• Fixed a bug which caused attempted hashing of ssh:// style URIs which could cause failures during installation of private ssh repositories. - Corrected path conversion issues which caused certain editable VCS paths to be converted to ssh:// URIs improperly. #2639

• Fixed a bug which caused paths to be formatted incorrectly when using pipenv shell in bash for windows. #2641

• Dependency links to private repositories defined via ssh:// schemes will now install correctly and skip hashing as long as PIP_PROCESS_DEPENDENCY_LINKS=1. #2643

• Fixed a bug which sometimes caused pipenv to parse the trusted_host argument to pip incorrectly when parsing source URLs which specify verify_ssl = false. #2656

• Prevent crashing when a virtual environment in WORKON_HOME is faulty. #2676

• Fixed virtualenv creation failure when a .venv file is present in the project root. #2680

• Fixed a bug which could cause the -e/--editable argument on a dependency to be accidentally parsed as a dependency itself. #2714

• Correctly pass verbose and debug flags to the resolver subprocess so it generates appropriate output. This also resolves a bug introduced by the fix to #2527. #2732

• All markers are now included in pipenv lock --requirements output. #2748

• Fixed a bug in marker resolution which could cause duplicate and non-deterministic markers. #2760

• Fixed a bug in the dependency resolver which caused regular issues when handling setup.py based dependency resolution. #2766

• Updated vendored dependencies:

  • pip-tools (updated and patched to latest w/ pip 18.0 compatibilty)
  • pip 10.0.1 => 18.0
  • click 6.7 => 7.0
  • toml 0.9.4 => 0.10.0
  • pyparsing 2.2.0 => 2.2.2
  • delegator 0.1.0 => 0.1.1
  • attrs 18.1.0 => 18.2.0
  • distlib 0.2.7 => 0.2.8
  • packaging 17.1.0 => 18.0
  • passa 0.2.0 => 0.3.1
  • pip_shims 0.1.2 => 0.3.1
  • plette 0.1.1 => 0.2.2
  • pythonfinder 1.0.2 => 1.1.0
  • pytoml 0.1.18 => 0.1.19
  • requirementslib 1.1.16 => 1.1.17
  • shellingham 1.2.4 => 1.2.6
  • tomlkit 0.4.2 => 0.4.4
  • vistir 0.1.4 => 0.1.6 #2802,

  #2867, #2880

• Fixed a bug where pipenv crashes when the WORKON_HOME directory does not exist. #2877

• Fixed pip is not loaded from pipenv's patched one but the system one #2912

• Fixed various bugs related to pip 18.1 release which prevented locking, installation, and syncing, and dumping to a requirements.txt file. #2924

Vendored Libraries

• Pew is no longer vendored. Entry point pewtwo, packages pipenv.pew and pipenv.patched.pew are removed. #2521

• Update pythonfinder to major release 1.0.0 for integration. #2582

• Update requirementslib to fix a bug which could raise an UnboundLocalError when parsing malformed VCS URIs. #2617

• • Vendored new libraries vistir and pip-shims, tomlkit, modutil, and plette.
  • Update vendored libraries: - scandir to 1.9.0 - click-completion to 0.4.1 - semver to 2.8.1 - shellingham to 1.2.4 - pytoml to 0.1.18 - certifi to 2018.8.24 - ptyprocess to 0.6.0 - requirementslib to 1.1.5 - pythonfinder to 1.0.2 - pipdeptree to 0.13.0 - python-dotenv to 0.9.1 #2639

• Updated vendored dependencies:

  • pip-tools (updated and patched to latest w/ pip 18.0 compatibilty)
  • pip 10.0.1 => 18.0
  • click 6.7 => 7.0
  • toml 0.9.4 => 0.10.0
  • pyparsing 2.2.0 => 2.2.2
  • delegator 0.1.0 => 0.1.1
  • attrs 18.1.0 => 18.2.0
  • distlib 0.2.7 => 0.2.8
  • packaging 17.1.0 => 18.0
  • passa 0.2.0 => 0.3.1
  • pip_shims 0.1.2 => 0.3.1
  • plette 0.1.1 => 0.2.2
  • pythonfinder 1.0.2 => 1.1.0
  • pytoml 0.1.18 => 0.1.19
  • requirementslib 1.1.16 => 1.1.17
  • shellingham 1.2.4 => 1.2.6
  • tomlkit 0.4.2 => 0.4.4
  • vistir 0.1.4 => 0.1.6 #2902,

  #2935

Improved Documentation

• Simplified the test configuration process. #2568
• Updated documentation to use working fortune cookie addon. #2644
• Added additional information about troubleshooting pipenv shell by using the the $PIPENV_SHELL environment variable. #2671
• Added a link to PEP-440 version specifiers in the documentation for additional detail. #2674
• Added simple example to README.md for installing from git. #2685
• Stopped recommending --system for Docker contexts. #2762
• Fixed the example url for doing "pipenv install -e some-repo-url#egg=something", it was missing the "egg=" in the fragment identifier. #2792
• Fixed link to the "be cordial" essay in the contribution documentation. #2793
• Clarify pipenv install documentation #2844
• Replace reference to uservoice with PEEP-000 #2909

2018.7.1 (2018-07-01)

Features & Improvements

• All calls to pipenv shell are now implemented from the ground up using shellingham, a custom library which was purpose built to handle edge cases and shell detection. #2371
• Added support for python 3.7 via a few small compatibility / bugfixes. #2427, #2434, #2436
• Added new flag pipenv --support to replace the diagnostic command python -m pipenv.help. #2477, #2478
• Improved import times and CLI runtimes with minor tweaks. #2485

Bug Fixes

• Fixed an ongoing bug which sometimes resolved incompatible versions into lockfiles. #1901
• Fixed a bug which caused errors when creating virtualenvs which contained leading dash characters. #2415
• Fixed a logic error which caused --deploy --system to overwrite editable vcs packages in the pipfile before installing, which caused any installation to fail by default. #2417
• Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. #2419
• Installed new vendored jinja2 templates for click-completion which were causing template errors for users with completion enabled. #2422
• Added support for python 3.7 via a few small compatibility / bugfixes. #2427
• Fixed an issue reading package names from setup.py files in projects which imported utilities such as versioneer. #2433
• Pipenv will now ensure that its internal package names registry files are written with unicode strings. #2450
• Fixed a bug causing requirements input as relative paths to be output as absolute paths or URIs. Fixed a bug affecting normalization of git+git@host uris. #2453
• Pipenv will now always use pathlib2 for Path based filesystem interactions by default on python<3.5. #2454
• Fixed a bug which prevented passing proxy PyPI indexes set with --pypi-mirror from being passed to pip during virtualenv creation, which could cause the creation to freeze in some cases. #2462
• Using the python -m pipenv.help command will now use proper encoding for the host filesystem to avoid encoding issues. #2466
• The new jinja2 templates for click_completion will now be included in pipenv source distributions. #2479
• Resolved a long-standing issue with re-using previously generated InstallRequirement objects for resolution which could cause PKG-INFO file information to be deleted, raising a TypeError. #2480
• Resolved an issue parsing usernames from private PyPI URIs in Pipfiles by updating requirementslib. #2484

Vendored Libraries

• All calls to pipenv shell are now implemented from the ground up using shellingham, a custom library which was purpose built to handle edge cases and shell detection. #2371
• Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. #2419
• Installed new vendored jinja2 templates for click-completion which were causing template errors for users with completion enabled. #2422
• Add patch to prettytoml to support Python 3.7. #2426
• Patched prettytoml.AbstractTable._enumerate_items to handle StopIteration errors in preparation of release of python 3.7. #2427
• Fixed an issue reading package names from setup.py files in projects which imported utilities such as versioneer. #2433
• Updated requirementslib to version 1.0.9 #2453
• Unraveled a lot of old, unnecessary patches to pip-tools which were causing non-deterministic resolution errors. #2480
• Resolved an issue parsing usernames from private PyPI URIs in Pipfiles by updating requirementslib. #2484

Improved Documentation

• Added instructions for installing using Fedora's official repositories. #2404

2018.6.25 (2018-06-25)

Features & Improvements

• Pipenv-created virtualenvs will now be associated with a .project folder (features can be implemented on top of this later or users may choose to use pipenv-pipes to take full advantage of this.) #1861
• Virtualenv names will now appear in prompts for most Windows users. #2167
• Added support for cmder shell paths with spaces. #2168
• Added nested JSON output to the pipenv graph command. #2199
• Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated patched piptools version. #2255
• PyPI mirror URLs can now be set to override instances of PyPI urls by passing the --pypi-mirror argument from the command line or setting the PIPENV_PYPI_MIRROR environment variable. #2281
• Virtualenv activation lines will now avoid being written to some shell history files. #2287
• Pipenv will now only search for requirements.txt files when creating new projects, and during that time only if the user doesn't specify packages to pass in. #2309
• Added support for mounted drives via UNC paths. #2331
• Added support for Windows Subsystem for Linux bash shell detection. #2363
• Pipenv will now generate hashes much more quickly by resolving them in a single pass during locking. #2384
• pipenv run will now avoid spawning additional COMSPEC instances to run commands in when possible. #2385
• Massive internal improvements to requirements parsing codebase, resolver, and error messaging. #2388
• pipenv check now may take multiple of the additional argument --ignore which takes a parameter cve_id for the purpose of ignoring specific CVEs. #2408

Behavior Changes

• Pipenv will now parse & capitalize platform_python_implementation markers .. warning:: This could cause an issue if you have an out of date Pipfile which lowercases the comparison value (e.g. cpython instead of CPython). #2123
• Pipenv will now only search for requirements.txt files when creating new projects, and during that time only if the user doesn't specify packages to pass in. #2309

Bug Fixes

• Massive internal improvements to requirements parsing codebase, resolver, and error messaging. #1962, #2186, #2263, #2312
• Pipenv will now parse & capitalize platform_python_implementation markers. #2123
• Fixed a bug with parsing and grouping old-style setup.py extras during resolution #2142
• Fixed a bug causing pipenv graph to throw unhelpful exceptions when running against empty or non-existent environments. #2161
• Fixed a bug which caused --system to incorrectly abort when users were in a virtualenv. #2181
• Removed vendored cacert.pem which could cause issues for some users with custom certificate settings. #2193
• Fixed a regression which led to direct invocations of virtualenv, rather than calling it by module. #2198
• Locking will now pin the correct VCS ref during pipenv update runs. Running pipenv update with a new vcs ref specified in the Pipfile will now properly obtain, resolve, and install the specified dependency at the specified ref. #2209
• pipenv clean will now correctly ignore comments from pip freeze when cleaning the environment. #2262
• Resolution bugs causing packages for incompatible python versions to be locked have been fixed. #2267
• Fixed a bug causing pipenv graph to fail to display sometimes. #2268
• Updated requirementslib to fix a bug in pipfile parsing affecting relative path conversions. #2269
• Windows executable discovery now leverages os.pathext. #2298
• Fixed a bug which caused --deploy --system to inadvertently create a virtualenv before failing. #2301
• Fixed an issue which led to a failure to unquote special characters in file and wheel paths. #2302
• VCS dependencies are now manually obtained only if they do not match the requested ref. #2304
• Added error handling functionality to properly cope with single-digit Requires-Python metatdata with no specifiers. #2377
• pipenv update will now always run the resolver and lock before ensuring your dependencies are in sync with your lockfile. #2379
• Resolved a bug in our patched resolvers which could cause nondeterministic resolution failures in certain conditions. Running pipenv install with no arguments in a project with only a Pipfile will now correctly lock first for dependency resolution before installing. #2384
• Patched python-dotenv to ensure that environment variables always get encoded to the filesystem encoding. #2386

Improved Documentation

• Update documentation wording to clarify Pipenv's overall role in the packaging ecosystem. #2194
• Added contribution documentation and guidelines. #2205
• Added instructions for supervisord compatibility. #2215
• Fixed broken links to development philosophy and contribution documentation. #2248

Vendored Libraries

• Removed vendored cacert.pem which could cause issues for some users with custom certificate settings. #2193

• Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated patched piptools version. #2255

• Updated requirementslib to fix a bug in pipfile parsing affecting relative path conversions. #2269

• Added custom shell detection library shellingham, a port of our changes to pew. #2363

• Patched python-dotenv to ensure that environment variables always get encoded to the filesystem encoding. #2386

• Updated vendored libraries. The following vendored libraries were updated:

  • distlib from version 0.2.6 to 0.2.7.
  • jinja2 from version 2.9.5 to 2.10.
  • pathlib2 from version 2.1.0 to 2.3.2.
  • parse from version 2.8.0 to 2.8.4.
  • pexpect from version 2.5.2 to 2.6.0.
  • requests from version 2.18.4 to 2.19.1.
  • idna from version 2.6 to 2.7.
  • certifi from version 2018.1.16 to 2018.4.16.
  • packaging from version 16.8 to 17.1.
  • six from version 1.10.0 to 1.11.0.
  • requirementslib from version 0.2.0 to 1.0.1.

  In addition, scandir was vendored and patched to avoid importing host system binaries when falling back to pathlib2. #2368