Announcement: pip 23.1 release!

On behalf of the PyPA, I am pleased to announce that the pip team has just released pip 23.1.

This is the second release of pip for the year 2023. You can read more about our versioning, deprecation policy, and release process here.

Highlights

  • Further work has been done on removing the “legacy” behaviour of running setup.py install directly. The standard behaviour of building a wheel locally and installing from that wheel is used instead.
  • Legacy options for providing setuptools configuration are being removed in favour of the standard --config-settings option. --install-options is removed, and --build-option and --global-option are deprecated for future removal.
  • Significant improvements in the vendored resolvelib library, which result in much faster resolution times in many previously long-running cases.
  • Keyring support is now managed by a CLI flag, and an option to interact with the keyring via its command line interface has been added.

This release contains many other usability improvements, enhancements, and bugfixes, as well as upgrades to our vendored libraries. You can find the full list in our changelog.

Thanks

As with all pip releases, a significant amount of the work was contributed by pip’s user community. Many thanks to all who have contributed, whether through code, documentation, issue reports and/or discussion. Your help keeps pip improving, and is hugely appreciated.

Cheers,
Paul Moore

28 Likes

Thanks to all pip contributors! From what I could see, you are in position where you can receive a lot of recriminations from users when you change things, due to pip’s central place in the ecosystem, which I guess means your job can feel thankless at times. Open source maintainers are rarely thanked enough for their hard work, so I’ll add my thank you for doing that essential job nevertheless.

9 Likes

w.r.t the improvements to resolvelib I checked all open issues on the Pip issue tracker and attempted to reproduce reports where Pip 23.0.1 got “stuck” backtracking, I found that with these improvements Pip no longer got stuck with any known real-world examples.

Much thanks to the contributors and maintainers of resolvelib for getting those, very non-trivial, improvements landed!

9 Likes

thanks to the entire team! Can confirm performance improvements – I just tested this one of my repos with known backtracking challenges that took ~10 min to install using pip v23.0.1 … reduced down to ~3 min with pip v23.1. YMMV of course - but I’m super thankful for and impressed by the team

6 Likes

Pip 23.1.1 has now been released, with a couple of bugfixes:

  1. We reverted the upgrade of our bundled pkg_resources, as this now issues a deprecation warning, breaking people who test with warnings treated as errors.
  2. We reverted the support for the “base” config location, as it broke use of virtual environments with the Windows Store distribution of Python.

Full details are available in the changelog.

Apologies for any inconvenience caused, and thanks to the people who reported these issues and helped us diagnose them!

5 Likes

And we have now released pip 23.1.2, with the pkg_resources upgrade re-applied, with a fix to suppress the deprecation warning. This was necessary as the latest version includes a change needed to handle the fact that Python 3.12 removes deprecated APIs from the imp stdlib module.

Once again, sorry for the inconvenience caused by the difficulties we’ve had addressing the setuptools/pkg_resources upgrade. Thanks for your patience.

10 Likes

Just to be clear, the pip 23.1.2 release unblocks the branch removing the deprecated imp APIs. I’ve confirmed that it does fix the related failures in my branch, so thank you very much for that! I think the remaining failures in my branch are unrelated, but I’m looking into them now.

2 Likes

And now the imp module is removed in 3.12.

2 Likes