Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

virtualenv always switch back to embedded wheels after a recent periodic update #2265

Closed
mayeut opened this issue Dec 31, 2021 · 4 comments · Fixed by #2273
Closed

virtualenv always switch back to embedded wheels after a recent periodic update #2265

mayeut opened this issue Dec 31, 2021 · 4 comments · Fixed by #2273
Labels

Comments

@mayeut
Copy link
Member

mayeut commented Dec 31, 2021

Issue

virtualenv always switch back to embedded wheels after a recent periodic update (less than an hour).
Here, always means it does this even if a previous manual / periodic update was valid.
This can lead to outdated pip, setuptools & wheel packages in the created environment (they could have been more recent if the periodic update had not kicked-in less than an hour ago).

Environment

up-to-date main branch: 51408e6

tox -e dev

Reproducer

diff --git a/tests/unit/seed/wheels/test_bundle.py b/tests/unit/seed/wheels/test_bundle.py
index 16ea2fd..beee540 100644
--- a/tests/unit/seed/wheels/test_bundle.py
+++ b/tests/unit/seed/wheels/test_bundle.py
@@ -1,12 +1,14 @@
 from __future__ import absolute_import, unicode_literals
 
 import os
+from datetime import datetime
 
 import pytest
 
 from virtualenv.app_data import AppDataDiskFolder
 from virtualenv.seed.wheels.bundle import from_bundle
 from virtualenv.seed.wheels.embed import get_embed_wheel
+from virtualenv.seed.wheels.periodic_update import dump_datetime
 from virtualenv.seed.wheels.util import Version, Wheel
 from virtualenv.util.path import Path
 
@@ -26,9 +28,9 @@ def app_data(tmp_path_factory, for_py_version, next_pip_wheel):
     app_data_ = AppDataDiskFolder(str(temp_folder))
     app_data_.embed_update_log("pip", for_py_version).write(
         {
-            "completed": "2000-01-01T00:00:00.000000Z",
+            "completed": dump_datetime(datetime.now()),
             "periodic": True,
-            "started": "2000-01-01T00:00:00.000000Z",
+            "started": dump_datetime(datetime.now()),
             "versions": [
                 {
                     "filename": next_pip_wheel.name,
@mayeut mayeut added the bug label Dec 31, 2021
@mayeut mayeut changed the title virtualenv **always** switch back to embedded wheels after a recent periodic update virtualenv always switch back to embedded wheels after a recent periodic update Dec 31, 2021
@gaborbernat
Copy link
Contributor

A pr for this would be welcome.

@mayeut
Copy link
Member Author

mayeut commented Dec 31, 2021

@gaborbernat,

A pr for this would be welcome.

Was going to but when investigating this, I found other issues:

I'm thinking that a PR shall tackle all of these at once. Shall I open an issue for each one and just one PR ?
This will likely lead to the embed JSON format to change.
I guess the 1 in the path {app data}/virtualenv/wheel/3.9/embed/1/setuptools.json is related to versioning of this JSON format.

@gaborbernat
Copy link
Contributor

Yes, the 1 is the file format version 👌

@mayeut
Copy link
Member Author

mayeut commented Dec 31, 2021

PS: the improvement I mentioned on the Discourse channel could probably done more easily with the embed JSON format change I'm thinking about

renefritze added a commit to renefritze/check_reqs that referenced this issue Jan 3, 2022
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p>
<blockquote>
<h2>v20.13.0 (2022-01-02)</h2>
<p>Features - 20.13.0</p>
<pre><code>- Add downloaded wheel information in the relevant JSON embed file to
  prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) &lt;https://github.com/pypa/virtualenv/issues/2268&gt;`_)
<p>Bugfixes - 20.13.0
</code></pre></p>
<ul>
<li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a
Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) &lt;https://github.com/pypa/virtualenv/issues/2269&gt;</code>_)</li>
<li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a
Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) &lt;https://github.com/pypa/virtualenv/issues/2271&gt;</code>_)</li>
</ul>
<h2>v20.12.1 (2022-01-01)</h2>
<p>Bugfixes - 20.12.1</p>
<pre><code>- Try using previous updates of ``pip``, ``setuptools`` &amp; ``wheel``
  when inside an update grace period rather than always falling back
  to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) &lt;https://github.com/pypa/virtualenv/issues/2265&gt;`_)
- New patch versions of ``pip``, ``setuptools`` &amp; ``wheel`` are now
  returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) &lt;https://github.com/pypa/virtualenv/issues/2266&gt;`_)
- Manual upgrades of ``pip``, ``setuptools`` &amp; ``wheel`` are
  not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) &lt;https://github.com/pypa/virtualenv/issues/2267&gt;`_)
<h2>v20.12.0 (2021-12-31)</h2>
<p>Features - 20.12.0
</code></pre></p>
<ul>
<li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) &lt;https://github.com/pypa/virtualenv/issues/2233&gt;</code>_)</li>
</ul>
<p>Bugfixes - 20.12.0</p>
<pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) &lt;https://github.com/pypa/virtualenv/issues/2120&gt;`_)
- Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) &lt;https://github.com/pypa/virtualenv/issues/2263&gt;`_)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
bors bot added a commit to ChrisRBe/PP-P2P-Parser that referenced this issue Jan 6, 2022
472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot]

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p>
<blockquote>
<h2>v20.13.0 (2022-01-02)</h2>
<p>Features - 20.13.0</p>
<pre><code>- Add downloaded wheel information in the relevant JSON embed file to
  prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) &lt;https://github.com/pypa/virtualenv/issues/2268&gt;`_)
<p>Bugfixes - 20.13.0
</code></pre></p>
<ul>
<li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a
Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) &lt;https://github.com/pypa/virtualenv/issues/2269&gt;</code>_)</li>
<li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a
Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) &lt;https://github.com/pypa/virtualenv/issues/2271&gt;</code>_)</li>
</ul>
<h2>v20.12.1 (2022-01-01)</h2>
<p>Bugfixes - 20.12.1</p>
<pre><code>- Try using previous updates of ``pip``, ``setuptools`` &amp; ``wheel``
  when inside an update grace period rather than always falling back
  to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) &lt;https://github.com/pypa/virtualenv/issues/2265&gt;`_)
- New patch versions of ``pip``, ``setuptools`` &amp; ``wheel`` are now
  returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) &lt;https://github.com/pypa/virtualenv/issues/2266&gt;`_)
- Manual upgrades of ``pip``, ``setuptools`` &amp; ``wheel`` are
  not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) &lt;https://github.com/pypa/virtualenv/issues/2267&gt;`_)
<h2>v20.12.0 (2021-12-31)</h2>
<p>Features - 20.12.0
</code></pre></p>
<ul>
<li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) &lt;https://github.com/pypa/virtualenv/issues/2233&gt;</code>_)</li>
</ul>
<p>Bugfixes - 20.12.0</p>
<pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) &lt;https://github.com/pypa/virtualenv/issues/2120&gt;`_)
- Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) &lt;https://github.com/pypa/virtualenv/issues/2263&gt;`_)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

473: build(deps): bump astroid from 2.9.0 to 2.9.2 r=ChrisRBe a=dependabot[bot]

Bumps [astroid](https://github.com/PyCQA/astroid) from 2.9.0 to 2.9.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/PyCQA/astroid/blob/main/ChangeLog">astroid's changelog</a>.</em></p>
<blockquote>
<h1>What's New in astroid 2.9.2?</h1>
<p>Release date: 2022-01-04</p>
<ul>
<li>Fixed regression in <code>astroid.scoped_nodes</code> where <code>_is_metaclass</code>
was not accessible anymore.</li>
</ul>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a></p>
<h1>What's New in astroid 2.9.1?</h1>
<p>Release date: 2021-12-31</p>
<ul>
<li>
<p><code>NodeNG.frame()</code> and <code>NodeNG.statement()</code> will start raising <code>ParentMissingError</code>
instead of <code>AttributeError</code> in astroid 3.0. This behaviour can already be triggered
by passing <code>future=True</code> to a <code>frame()</code> or <code>statement()</code> call.</p>
</li>
<li>
<p>Prefer the module loader get_source() method in AstroidBuilder's
module_build() when possible to avoid assumptions about source
code being available on a filesystem.  Otherwise the source cannot
be found and application behavior changes when running within an
embedded hermetic interpreter environment (pyoxidizer, etc.).</p>
</li>
<li>
<p>Require Python 3.6.2 to use astroid.</p>
</li>
<li>
<p>Removed custom <code>distutils</code> handling for resolving paths to submodules.</p>
<p>Ref <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a></p>
</li>
<li>
<p>Fix <code>deque.insert()</code> signature in <code>collections</code> brain.</p>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1260">#1260</a></p>
</li>
<li>
<p>Fix <code>Module</code> nodes not having a <code>col_offset</code>, <code>end_lineno</code>, and <code>end_col_offset</code>
attributes.</p>
</li>
<li>
<p>Fix typing and update explanation for <code>Arguments.args</code> being <code>None</code>.</p>
</li>
<li>
<p>Fix crash if a variable named <code>type</code> is subscripted in a generator expression.</p>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/pylint/issues/5461">PyCQA/pylint#5461</a></p>
</li>
<li>
<p>Enable inference of dataclass import from marshmallow_dataclass.
This allows the dataclasses brain to recognize dataclasses annotated by marshmallow_dataclass.</p>
</li>
<li>
<p>Resolve symlinks in the import path
Fixes inference error when the import path includes symlinks (e.g. Python
installed on macOS via Homebrew).</p>
<p>Closes <a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/823">#823</a></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/PyCQA/astroid/commit/101aed9d304cae4c3d0d9140f151b852b21c7ddf"><code>101aed9</code></a> Bump astroid to 2.9.2, update changelog</li>
<li><a href="https://github.com/PyCQA/astroid/commit/c44b1de2d5ab17898534ec44db8ee9090eb26f7f"><code>c44b1de</code></a> Fix import astroid.scoped_nodes (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1325">#1325</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/fe51be5cd051cea8699f30b338e85f7763cd2ab7"><code>fe51be5</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1328">#1328</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/21a2983826c903878bdd23e283dbc00545b32daa"><code>21a2983</code></a> Upgrade the version to 2.9.2-dev0 following 2.9.2 release</li>
<li><a href="https://github.com/PyCQA/astroid/commit/e36b4388aebb892c10ed779bafc9c1a07a325b8d"><code>e36b438</code></a> Bump astroid to 2.9.1, update changelog</li>
<li><a href="https://github.com/PyCQA/astroid/commit/51f552cecd15569cb651337fa7f8f9e27eeec579"><code>51f552c</code></a> Remove distutils path patching (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1321">#1321</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/0d1211558670cfefd95b39984b8d5f7f34837f32"><code>0d12115</code></a> Add typing to <code>brain_dataclasses</code> (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1292">#1292</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/aa4f5bed58dc6521a6c2c0927ca0e0da48fd5ea5"><code>aa4f5be</code></a> Add future=True to frame calls (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1305">#1305</a>)</li>
<li><a href="https://github.com/PyCQA/astroid/commit/7afd696520f70a46334adea6d39f7150379198f3"><code>7afd696</code></a> Revert &quot;Revert &quot;Remove useless NoReturn in NodeNG.statement's typing (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1304">#1304</a>)&quot;...</li>
<li><a href="https://github.com/PyCQA/astroid/commit/12e2e8ce8a33b06c9b3d97007ca89120b529c215"><code>12e2e8c</code></a> Fix frame() error on inferred node (<a href="https://github-redirect.dependabot.com/PyCQA/astroid/issues/1263">#1263</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/PyCQA/astroid/compare/v2.9.0...v2.9.2">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=astroid&package-manager=pip&previous-version=2.9.0&new-version=2.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

474: build(deps): bump requests from 2.26.0 to 2.27.0 r=ChrisRBe a=dependabot[bot]

Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.27.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's changelog</a>.</em></p>
<blockquote>
<h2>2.27.0 (2022-01-03)</h2>
<p><strong>Improvements</strong></p>
<ul>
<li>
<p>Officially added support for Python 3.10. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5928">#5928</a>)</p>
</li>
<li>
<p>Added a <code>requests.exceptions.JSONDecodeError</code> to unify JSON exceptions between
Python 2 and 3. This gets raised in the <code>response.json()</code> method, and is
backwards compatible as it inherits from previously thrown exceptions.
Can be caught from <code>requests.exceptions.RequestException</code> as well. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5856">#5856</a>)</p>
</li>
<li>
<p>Improved error text for misnamed <code>InvalidSchema</code> and <code>MissingSchema</code>
exceptions. This is a temporary fix until exceptions can be renamed
(Schema-&gt;Scheme). (<a href="https://github-redirect.dependabot.com/psf/requests/issues/6017">#6017</a>)</p>
</li>
<li>
<p>Improved proxy parsing for proxy URLs missing a scheme. This will address
recent changes to <code>urlparse</code> in Python 3.9+. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a>)</p>
</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>
<p>Fixed defect in <code>extract_zipped_paths</code> which could result in an infinite loop
for some paths. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5851">#5851</a>)</p>
</li>
<li>
<p>Fixed handling for <code>AttributeError</code> when calculating length of files obtained
by <code>Tarfile.extractfile()</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5239">#5239</a>)</p>
</li>
<li>
<p>Fixed urllib3 exception leak, wrapping <code>urllib3.exceptions.InvalidHeader</code> with
<code>requests.exceptions.InvalidHeader</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5914">#5914</a>)</p>
</li>
<li>
<p>Fixed bug where two Host headers were sent for chunked requests. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5391">#5391</a>)</p>
</li>
<li>
<p>Fixed regression in Requests 2.26.0 where <code>Proxy-Authorization</code> was
incorrectly stripped from all requests sent with <code>Session.send</code>. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p>
</li>
<li>
<p>Fixed performance regression in 2.26.0 for hosts with a large number of
proxies available in the environment. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5924">#5924</a>)</p>
</li>
<li>
<p>Fixed idna exception leak, wrapping <code>UnicodeError</code> with
<code>requests.exceptions.InvalidURL</code> for URLs with a leading dot (.) in the
domain. (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5414">#5414</a>)</p>
</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Requests support for Python 2.7 and 3.6 will be ending in 2022. While we
don't have exact dates, Requests 2.27.x is likely to be the last release
series providing support.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/psf/requests/commit/0192aac24123735b3eaf9b08df46429bb770c283"><code>0192aac</code></a> v2.27.0</li>
<li><a href="https://github.com/psf/requests/commit/e50dc12b0f620ff80a0d2026b5b0a5282894bfd4"><code>e50dc12</code></a> Fix doc link</li>
<li><a href="https://github.com/psf/requests/commit/17e6e27a93131b7295165408e69b4cadb098b0d7"><code>17e6e27</code></a> General cleanup for 2.27.0</li>
<li><a href="https://github.com/psf/requests/commit/ab38e2c72608b95b047b05ccfaca833edb9db1b1"><code>ab38e2c</code></a> Make the <code>data</code> vs <code>json</code> parameters more clear (<a href="https://github-redirect.dependabot.com/psf/requests/issues/5382">#5382</a>)</li>
<li><a href="https://github.com/psf/requests/commit/77d1e9aa3e000b40fdf93cfc355e1fe7cc52b6ac"><code>77d1e9a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5894">#5894</a> from dbaxa/do-not-re-build-proxies-when-proxies-have...</li>
<li><a href="https://github.com/psf/requests/commit/b0829a869081c2a6180db2cdc41a5676922becd0"><code>b0829a8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/6020">#6020</a> from nateprewitt/pypy_37</li>
<li><a href="https://github.com/psf/requests/commit/28d537dde33b35c3b7071afd99122eff3538b42c"><code>28d537d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/psf/requests/issues/5917">#5917</a> from nateprewitt/proxy_scheme_unknown_fix</li>
<li><a href="https://github.com/psf/requests/commit/86bbee71b286d6d6e968381a7a49a0831d3ab67b"><code>86bbee7</code></a> Update 3.10-dev to 3.10 and add pypy-3.7</li>
<li><a href="https://github.com/psf/requests/commit/0d5347e6281c85059be176fe650b0aa7128f1dcb"><code>0d5347e</code></a> Only compute should_bypass_proxies if needed</li>
<li><a href="https://github.com/psf/requests/commit/ef59aa0227bf463f0ed3d752b26db9b3acc64afb"><code>ef59aa0</code></a> Move from urlparse to parse_url for prepending schemes</li>
<li>Additional commits viewable in <a href="https://github.com/psf/requests/compare/v2.26.0...v2.27.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.26.0&new-version=2.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bors bot added a commit to ChrisRBe/PP-P2P-Parser that referenced this issue Jan 6, 2022
472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot]

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p>
<blockquote>
<h2>v20.13.0 (2022-01-02)</h2>
<p>Features - 20.13.0</p>
<pre><code>- Add downloaded wheel information in the relevant JSON embed file to
  prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) &lt;https://github.com/pypa/virtualenv/issues/2268&gt;`_)
<p>Bugfixes - 20.13.0
</code></pre></p>
<ul>
<li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a
Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) &lt;https://github.com/pypa/virtualenv/issues/2269&gt;</code>_)</li>
<li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a
Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) &lt;https://github.com/pypa/virtualenv/issues/2271&gt;</code>_)</li>
</ul>
<h2>v20.12.1 (2022-01-01)</h2>
<p>Bugfixes - 20.12.1</p>
<pre><code>- Try using previous updates of ``pip``, ``setuptools`` &amp; ``wheel``
  when inside an update grace period rather than always falling back
  to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) &lt;https://github.com/pypa/virtualenv/issues/2265&gt;`_)
- New patch versions of ``pip``, ``setuptools`` &amp; ``wheel`` are now
  returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) &lt;https://github.com/pypa/virtualenv/issues/2266&gt;`_)
- Manual upgrades of ``pip``, ``setuptools`` &amp; ``wheel`` are
  not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) &lt;https://github.com/pypa/virtualenv/issues/2267&gt;`_)
<h2>v20.12.0 (2021-12-31)</h2>
<p>Features - 20.12.0
</code></pre></p>
<ul>
<li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) &lt;https://github.com/pypa/virtualenv/issues/2233&gt;</code>_)</li>
</ul>
<p>Bugfixes - 20.12.0</p>
<pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) &lt;https://github.com/pypa/virtualenv/issues/2120&gt;`_)
- Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) &lt;https://github.com/pypa/virtualenv/issues/2263&gt;`_)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mergify bot pushed a commit to andrewbolster/bolster that referenced this issue Jan 10, 2022
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.12.0 to 20.13.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p>
<blockquote>
<h2>v20.13.0 (2022-01-02)</h2>
<p>Features - 20.13.0</p>
<pre><code>- Add downloaded wheel information in the relevant JSON embed file to
  prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) &lt;https://github.com/pypa/virtualenv/issues/2268&gt;`_)
<p>Bugfixes - 20.13.0
</code></pre></p>
<ul>
<li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a
Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) &lt;https://github.com/pypa/virtualenv/issues/2269&gt;</code>_)</li>
<li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a
Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) &lt;https://github.com/pypa/virtualenv/issues/2271&gt;</code>_)</li>
</ul>
<h2>v20.12.1 (2022-01-01)</h2>
<p>Bugfixes - 20.12.1</p>
<pre><code>- Try using previous updates of ``pip``, ``setuptools`` &amp; ``wheel``
  when inside an update grace period rather than always falling back
  to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) &lt;https://github.com/pypa/virtualenv/issues/2265&gt;`_)
- New patch versions of ``pip``, ``setuptools`` &amp; ``wheel`` are now
  returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) &lt;https://github.com/pypa/virtualenv/issues/2266&gt;`_)
- Manual upgrades of ``pip``, ``setuptools`` &amp; ``wheel`` are
  not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) &lt;https://github.com/pypa/virtualenv/issues/2267&gt;`_)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li>
<li>See full diff in <a href="https://github.com/pypa/virtualenv/compare/20.12.0...20.13.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.12.0&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
qujingpengf added a commit to qujingpengf/ChrisRBe that referenced this issue Jan 22, 2022
472: build(deps): bump virtualenv from 20.11.2 to 20.13.0 r=ChrisRBe a=dependabot[bot]

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.11.2 to 20.13.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p>
<blockquote>
<h2>v20.13.0 (2022-01-02)</h2>
<p>Features - 20.13.0</p>
<pre><code>- Add downloaded wheel information in the relevant JSON embed file to
  prevent additional downloads of the same wheel. - by :user:`mayeut`. (`[#2268](pypa/virtualenv#2268) &lt;https://github.com/pypa/virtualenv/issues/2268&gt;`_)
<p>Bugfixes - 20.13.0
</code></pre></p>
<ul>
<li>Fix <code>AttributeError: 'bool' object has no attribute 'error'</code> when creating a
Python 2.x virtualenv on macOS - by <code>moreati</code>. (<code>[#2269](pypa/virtualenv#2269) &lt;https://github.com/pypa/virtualenv/issues/2269&gt;</code>_)</li>
<li>Fix <code>PermissionError: [Errno 1] Operation not permitted</code> when creating a
Python 2.x virtualenv on macOS/arm64 - by <code>moreati</code>. (<code>[#2271](pypa/virtualenv#2271) &lt;https://github.com/pypa/virtualenv/issues/2271&gt;</code>_)</li>
</ul>
<h2>v20.12.1 (2022-01-01)</h2>
<p>Bugfixes - 20.12.1</p>
<pre><code>- Try using previous updates of ``pip``, ``setuptools`` &amp; ``wheel``
  when inside an update grace period rather than always falling back
  to embedded wheels - by :user:`mayeut`. (`[#2265](pypa/virtualenv#2265) &lt;https://github.com/pypa/virtualenv/issues/2265&gt;`_)
- New patch versions of ``pip``, ``setuptools`` &amp; ``wheel`` are now
  returned in the expected timeframe. - by :user:`mayeut`. (`[#2266](pypa/virtualenv#2266) &lt;https://github.com/pypa/virtualenv/issues/2266&gt;`_)
- Manual upgrades of ``pip``, ``setuptools`` &amp; ``wheel`` are
  not discarded by a periodic update - by :user:`mayeut`. (`[#2267](pypa/virtualenv#2267) &lt;https://github.com/pypa/virtualenv/issues/2267&gt;`_)
<h2>v20.12.0 (2021-12-31)</h2>
<p>Features - 20.12.0
</code></pre></p>
<ul>
<li>Sign the python2 exe on Darwin arm64 - by :user:<code>tmspicer</code>. (<code>[#2233](pypa/virtualenv#2233) &lt;https://github.com/pypa/virtualenv/issues/2233&gt;</code>_)</li>
</ul>
<p>Bugfixes - 20.12.0</p>
<pre><code>- Fix ``--download`` option - by :user:`mayeut`. (`[#2120](pypa/virtualenv#2120) &lt;https://github.com/pypa/virtualenv/issues/2120&gt;`_)
- Ugrade embedded setuptools to ``60.2.0`` from ``60.1.1`` - by :user:`gaborbernat`. (`[#2263](pypa/virtualenv#2263) &lt;https://github.com/pypa/virtualenv/issues/2263&gt;`_)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/virtualenv/commit/568136cd8872e78a266411ca83b0cfc190acc090"><code>568136c</code></a> release 20.13.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/e813ac1fd3c0a21a7c2a2448650bbe6ac53b8753"><code>e813ac1</code></a> PyPy: glob for required dlls, check they exist (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2274">#2274</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/856933e30fb573f966150d6e2d568a81761b165b"><code>856933e</code></a> fix: Correctly remove bk dir when re-signing macOS Python 2.x executable (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2272">#2272</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/50c5591fe9f01dfbc46ceb5638a10b837514410c"><code>50c5591</code></a> fix: AttributeError on macOS creating a Python 2.x virtualenv (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2270">#2270</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/319a540001f68b60fd7367e31d5d7398dbd3a1ef"><code>319a540</code></a> feature: cache downloaded wheel information (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2276">#2276</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/5f65057501e9e6b86e02fe7d9a26649f65ce9254"><code>5f65057</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2275">#2275</a> from pypa/release-20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/879926629d8c26856e225ee65b02fc75a72aa186"><code>8799266</code></a> release 20.12.1</li>
<li><a href="https://github.com/pypa/virtualenv/commit/4308ddb276962c6ffdf0285c809a81f6bef8dbb0"><code>4308ddb</code></a> feature: store version update source in embed JSON file (<a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2273">#2273</a>)</li>
<li><a href="https://github.com/pypa/virtualenv/commit/51408e689b3eb28d87cb4d9638b09e6e4d81f618"><code>51408e6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pypa/virtualenv/issues/2264">#2264</a> from pypa/release-20.12.0</li>
<li><a href="https://github.com/pypa/virtualenv/commit/232a0b644471bd26ed3147404df1bc018fc5a097"><code>232a0b6</code></a> release 20.12.0</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.11.2...20.13.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.11.2&new-version=20.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants