import python-pip-21.2.3-3.el9

CentOS Sources 2021-12-07 13:54:27 -05:00 committed by Stepan Oksanichenko
parent 796daf5ad0
commit c2d9a5c7ba
10 changed files with 135 additions and 308 deletions

2
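--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/pip-21.0.1.tar.gz
+SOURCES/pip-21.2.3.tar.gz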


@ -1 +1 @@
ccdc77442a6d5f943cdce39a94459334370e7b8c SOURCES/pip-21.0.1.tar.gz c899dfeece28336424046e097bc48783a5d4264b SOURCES/pip-21.2.3.tar.gz


@ -1,111 +0,0 @@
From 960c01adce491de00ef7a8d02a32fea31b15a1dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
Date: Fri, 2 Apr 2021 02:39:11 +0200
Subject: [PATCH] Update urllib3 to 1.26.4 to fix CVE-2021-28363
---
news/CVE-2021-28363.vendor.rst | 1 +
src/pip/_vendor/urllib3/_version.py | 2 +-
src/pip/_vendor/urllib3/connection.py | 8 ++++++--
src/pip/_vendor/urllib3/exceptions.py | 12 +++++++++++-
src/pip/_vendor/urllib3/util/retry.py | 1 +
src/pip/_vendor/vendor.txt | 2 +-
6 files changed, 21 insertions(+), 5 deletions(-)
create mode 100644 news/CVE-2021-28363.vendor.rst
diff --git a/news/CVE-2021-28363.vendor.rst b/news/CVE-2021-28363.vendor.rst
new file mode 100644
index 00000000000..29700ab7469
--- /dev/null
+++ b/news/CVE-2021-28363.vendor.rst
@@ -0,0 +1 @@
+Update urllib3 to 1.26.4 to fix CVE-2021-28363
diff --git a/src/pip/_vendor/urllib3/_version.py b/src/pip/_vendor/urllib3/_version.py
index 2dba29e3fbe..97c983300b0 100644
--- a/src/pip/_vendor/urllib3/_version.py
+++ b/src/pip/_vendor/urllib3/_version.py
@@ -1,2 +1,2 @@
# This file is protected via CODEOWNERS
-__version__ = "1.26.2"
+__version__ = "1.26.4"
diff --git a/src/pip/_vendor/urllib3/connection.py b/src/pip/_vendor/urllib3/connection.py
index 660d679c361..45580b7e1ea 100644
--- a/src/pip/_vendor/urllib3/connection.py
+++ b/src/pip/_vendor/urllib3/connection.py
@@ -67,7 +67,7 @@ class BrokenPipeError(Exception):
# When it comes time to update this value as a part of regular maintenance
# (ie test_recent_date is failing) update it to ~6 months before the current date.
-RECENT_DATE = datetime.date(2019, 1, 1)
+RECENT_DATE = datetime.date(2020, 7, 1)
_CONTAINS_CONTROL_CHAR_RE = re.compile(r"[^-!#$%&'*+.^_`|~0-9a-zA-Z]")
@@ -215,7 +215,7 @@ def putrequest(self, method, url, *args, **kwargs):
def putheader(self, header, *values):
""""""
- if SKIP_HEADER not in values:
+ if not any(isinstance(v, str) and v == SKIP_HEADER for v in values):
_HTTPConnection.putheader(self, header, *values)
elif six.ensure_str(header.lower()) not in SKIPPABLE_HEADERS:
raise ValueError(
@@ -490,6 +490,10 @@ def _connect_tls_proxy(self, hostname, conn):
self.ca_cert_dir,
self.ca_cert_data,
)
+ # By default urllib3's SSLContext disables `check_hostname` and uses
+ # a custom check. For proxies we're good with relying on the default
+ # verification.
+ ssl_context.check_hostname = True
# If no cert was provided, use only the default options for server
# certificate validation
diff --git a/src/pip/_vendor/urllib3/exceptions.py b/src/pip/_vendor/urllib3/exceptions.py
index d69958d5dfc..cba6f3f560f 100644
--- a/src/pip/_vendor/urllib3/exceptions.py
+++ b/src/pip/_vendor/urllib3/exceptions.py
@@ -289,7 +289,17 @@ class ProxySchemeUnknown(AssertionError, URLSchemeUnknown):
# TODO(t-8ch): Stop inheriting from AssertionError in v2.0.
def __init__(self, scheme):
- message = "Not supported proxy scheme %s" % scheme
+ # 'localhost' is here because our URL parser parses
+ # localhost:8080 -> scheme=localhost, remove if we fix this.
+ if scheme == "localhost":
+ scheme = None
+ if scheme is None:
+ message = "Proxy URL had no scheme, should start with http:// or https://"
+ else:
+ message = (
+ "Proxy URL had unsupported scheme %s, should use http:// or https://"
+ % scheme
+ )
super(ProxySchemeUnknown, self).__init__(message)
diff --git a/src/pip/_vendor/urllib3/util/retry.py b/src/pip/_vendor/urllib3/util/retry.py
index ee51f922f84..d25a41b42ea 100644
--- a/src/pip/_vendor/urllib3/util/retry.py
+++ b/src/pip/_vendor/urllib3/util/retry.py
@@ -253,6 +253,7 @@ def __init__(
"Using 'method_whitelist' with Retry is deprecated and "
"will be removed in v2.0. Use 'allowed_methods' instead",
DeprecationWarning,
+ stacklevel=2,
)
allowed_methods = method_whitelist
if allowed_methods is _Default:
diff --git a/src/pip/_vendor/vendor.txt b/src/pip/_vendor/vendor.txt
index 51a5508479e..868baba6f01 100644
--- a/src/pip/_vendor/vendor.txt
+++ b/src/pip/_vendor/vendor.txt
@@ -13,7 +13,7 @@ requests==2.25.1
certifi==2020.12.05
chardet==4.0.0
idna==2.10
- urllib3==1.26.2
+ urllib3==1.26.4
resolvelib==0.5.4
retrying==1.3.3
setuptools==44.0.0


@ -1,33 +0,0 @@
From ca24e4bfa60cec8341ccf40000a41bc9592713df Mon Sep 17 00:00:00 2001
From: Karolina Surma <ksurma@redhat.com>
Date: Mon, 17 May 2021 11:34:30 +0200
Subject: [PATCH] Don't split git references on unicode separators
---
src/pip/_internal/vcs/git.py | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/pip/_internal/vcs/git.py b/src/pip/_internal/vcs/git.py
index cc22cd7..308e857 100644
--- a/src/pip/_internal/vcs/git.py
+++ b/src/pip/_internal/vcs/git.py
@@ -147,9 +147,15 @@ class Git(VersionControl):
on_returncode='ignore',
)
refs = {}
- for line in output.strip().splitlines():
+ # NOTE: We do not use splitlines here since that would split on other
+ # unicode separators, which can be maliciously used to install a
+ # different revision.
+ for line in output.strip().split("\n"):
+ line = line.rstrip("\r")
+ if not line:
+ continue
try:
- sha, ref = line.split()
+ sha, ref = line.split(" ", maxsplit=2)
except ValueError:
# Include the offending line to simplify troubleshooting if
# this error ever occurs.
--
2.31.1


@ -1,25 +1,26 @@
From cf96ff346639d1b9f5efa3fd0976694e04df3f5f Mon Sep 17 00:00:00 2001 From 2c58d7301dd5a47570f782fe2fce7fbb1918f60c Mon Sep 17 00:00:00 2001
From: Tomas Hrnciar <thrnciar@redhat.com> From: Karolina Surma <ksurma@redhat.com>
Date: Sun, 26 Apr 2020 21:38:44 +0200 Date: Mon, 10 May 2021 16:38:50 +0200
Subject: [PATCH] Dummy certifi patch Subject: [PATCH] Dummy certifi patch
Co-Authored-By: Tomas Hrnciar <thrnciar@redhat.com>
--- ---
src/pip/_vendor/certifi/core.py | 5 ++--- src/pip/_vendor/certifi/core.py | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-) 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/pip/_vendor/certifi/core.py b/src/pip/_vendor/certifi/core.py diff --git a/src/pip/_vendor/certifi/core.py b/src/pip/_vendor/certifi/core.py
index 8987449..d174ced 100644 index b8140cf..f1a0b01 100644
--- a/src/pip/_vendor/certifi/core.py --- a/src/pip/_vendor/certifi/core.py
+++ b/src/pip/_vendor/certifi/core.py +++ b/src/pip/_vendor/certifi/core.py
@@ -9,6 +9,7 @@ This module returns the installation location of cacert.pem or its contents. @@ -14,6 +14,7 @@ class _PipPatchedCertificate(Exception):
import os
try: try:
+ raise ImportError # force fallback + raise ImportError # force fallback
from importlib.resources import path as get_path, read_text # Return a certificate file on disk for a standalone pip zipapp running in
# an isolated build environment to use. Passing --cert to the standalone
_CACERT_CTX = None # pip does not work since requests calls where() unconditionally on import.
@@ -51,9 +52,7 @@ except ImportError: @@ -67,9 +68,7 @@ except ImportError:
# If we don't have importlib.resources, then we will just do the old logic # If we don't have importlib.resources, then we will just do the old logic
# of assuming we're on the filesystem and munge the path directly. # of assuming we're on the filesystem and munge the path directly.
def where(): def where():
@ -31,5 +32,5 @@ index 8987449..d174ced 100644
def contents(): def contents():
-- --
2.25.4 2.30.2


@ -1,51 +0,0 @@
From 74bb5d26e232493de43adfa1f4b42b66fd701294 Mon Sep 17 00:00:00 2001
From: Tomas Hrnciar <thrnciar@redhat.com>
Date: Sun, 26 Apr 2020 13:52:24 +0200
Subject: [PATCH] Downstream only patch
Emit a warning to the user if pip install is run with root privileges
Issue upstream: https://github.com/pypa/pip/issues/4288
---
src/pip/_internal/commands/install.py | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/src/pip/_internal/commands/install.py b/src/pip/_internal/commands/install.py
index 70bda2e2..1e750ae1 100644
--- a/src/pip/_internal/commands/install.py
+++ b/src/pip/_internal/commands/install.py
@@ -13,6 +13,8 @@ import operator
import os
import shutil
import site
+import sys
+from os import path
from optparse import SUPPRESS_HELP
from pip._vendor import pkg_resources
@@ -241,6 +243,23 @@ class InstallCommand(RequirementCommand):
raise CommandError("Can not combine '--user' and '--target'")
cmdoptions.check_install_build_global(options)
+
+ def is_venv():
+ return (hasattr(sys, 'real_prefix') or
+ (hasattr(sys, 'base_prefix') and
+ sys.base_prefix != sys.prefix))
+
+ # Check whether we have root privileges and aren't in venv/virtualenv
+ if os.getuid() == 0 and not is_venv() and not options.root_path:
+ command = path.basename(sys.argv[0])
+ if command == "__main__.py":
+ command = path.basename(sys.executable) + " -m pip"
+ logger.warning(
+ "Running pip install with root privileges is "
+ "generally not a good idea. Try `%s install --user` instead."
+ % command
+ )
+
upgrade_strategy = "to-satisfy-only"
if options.upgrade:
upgrade_strategy = options.upgrade_strategy
--
2.23.0


@ -1,7 +1,8 @@
diff -rU3 pip-20.3-orig/src/pip/_vendor/packaging/version.py pip-20.3/src/pip/_vendor/packaging/version.py diff --git a/src/pip/_vendor/packaging/version.py b/src/pip/_vendor/packaging/version.py
--- pip-20.3-orig/src/pip/_vendor/packaging/version.py 2020-11-30 12:58:32.000000000 +0100 index de9a09a..154e94d 100644
+++ pip-20.3/src/pip/_vendor/packaging/version.py 2020-12-16 21:25:15.818221608 +0100 --- a/src/pip/_vendor/packaging/version.py
@@ -124,11 +124,6 @@ +++ b/src/pip/_vendor/packaging/version.py
@@ -108,11 +108,6 @@ class LegacyVersion(_BaseVersion):
self._version = str(version) self._version = str(version)
self._key = _legacy_cmpkey(self._version) self._key = _legacy_cmpkey(self._version)
@ -11,5 +12,5 @@ diff -rU3 pip-20.3-orig/src/pip/_vendor/packaging/version.py pip-20.3/src/pip/_v
- DeprecationWarning, - DeprecationWarning,
- ) - )
def __str__(self): def __str__(self) -> str:
# type: () -> str return self._version


@ -1,10 +1,12 @@
From 7c36cb21910b415e0eb171d0f6c4dbf72382fdaf Mon Sep 17 00:00:00 2001 From 619782ad2d181fe2933ddf4edc7127fdc13dd0df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz> From: Karolina Surma <ksurma@redhat.com>
Date: Tue, 10 Mar 2020 11:03:22 +0100 Date: Mon, 10 May 2021 16:48:49 +0200
Subject: [PATCH] Don't warn the user about pip._internal.main() entrypoint Subject: [PATCH] Don't warn the user about pip._internal.main() entrypoint
In Fedora, we use that in ensurepip and users cannot do anything about it, In Fedora, we use that in ensurepip and users cannot do anything about it,
this warning is juts moot. Also, the warning breaks CPython test suite. this warning is juts moot. Also, the warning breaks CPython test suite.
Co-Authored-By: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
--- ---
src/pip/_internal/__init__.py | 2 +- src/pip/_internal/__init__.py | 2 +-
src/pip/_internal/utils/entrypoints.py | 19 ++++++++++--------- src/pip/_internal/utils/entrypoints.py | 19 ++++++++++---------
@ -12,29 +14,29 @@ this warning is juts moot. Also, the warning breaks CPython test suite.
3 files changed, 13 insertions(+), 11 deletions(-) 3 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/src/pip/_internal/__init__.py b/src/pip/_internal/__init__.py diff --git a/src/pip/_internal/__init__.py b/src/pip/_internal/__init__.py
index 3aa8a46..0ec017b 100755 index 6afb5c6..faf25af 100755
--- a/src/pip/_internal/__init__.py --- a/src/pip/_internal/__init__.py
+++ b/src/pip/_internal/__init__.py +++ b/src/pip/_internal/__init__.py
@@ -15,4 +15,4 @@ def main(args=None): @@ -16,4 +16,4 @@ def main(args: (Optional[List[str]]) = None) -> int:
""" """
from pip._internal.utils.entrypoints import _wrapper from pip._internal.utils.entrypoints import _wrapper
- return _wrapper(args) - return _wrapper(args)
+ return _wrapper(args, _nowarn=True) + return _wrapper(args, _nowarn=True)
diff --git a/src/pip/_internal/utils/entrypoints.py b/src/pip/_internal/utils/entrypoints.py diff --git a/src/pip/_internal/utils/entrypoints.py b/src/pip/_internal/utils/entrypoints.py
index befd01c..d6f3632 100644 index 1504a12..07d941b 100644
--- a/src/pip/_internal/utils/entrypoints.py --- a/src/pip/_internal/utils/entrypoints.py
+++ b/src/pip/_internal/utils/entrypoints.py +++ b/src/pip/_internal/utils/entrypoints.py
@@ -7,7 +7,7 @@ if MYPY_CHECK_RUNNING: @@ -4,7 +4,7 @@ from typing import List, Optional
from typing import List, Optional from pip._internal.cli.main import main
-def _wrapper(args=None): -def _wrapper(args: Optional[List[str]] = None) -> int:
+def _wrapper(args=None, _nowarn=False): +def _wrapper(args: Optional[List[str]] = None, _nowarn: bool = False) -> int:
# type: (Optional[List[str]]) -> int
"""Central wrapper for all old entrypoints. """Central wrapper for all old entrypoints.
@@ -20,12 +20,13 @@ def _wrapper(args=None): Historically pip has had several entrypoints defined. Because of issues
@@ -16,12 +16,13 @@ def _wrapper(args: Optional[List[str]] = None) -> int:
directing them to an appropriate place for help, we now define all of directing them to an appropriate place for help, we now define all of
our old entrypoints as wrappers for the current one. our old entrypoints as wrappers for the current one.
""" """
@ -68,5 +70,5 @@ index e416315..7f57f67 100644
+ if entrypoint[0] != "fake_pip = pip._internal:main": + if entrypoint[0] != "fake_pip = pip._internal:main":
+ assert "old script wrapper" in result2.stderr + assert "old script wrapper" in result2.stderr
-- --
2.24.1 2.32.0


@ -1,6 +1,6 @@
From f83eacf40f1506418e74d747906b8f108401f91d Mon Sep 17 00:00:00 2001 From aca0c9df4ef54f70a3fedb07f4faac463f88a331 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com> From: Karolina Surma <ksurma@redhat.com>
Date: Tue, 26 Jan 2021 09:05:07 +0100 Date: Mon, 10 May 2021 18:16:20 +0200
Subject: [PATCH] Prevent removing of the system packages installed under Subject: [PATCH] Prevent removing of the system packages installed under
/usr/lib /usr/lib
@ -11,6 +11,8 @@ Resolves: rhbz#1550368
Co-Authored-By: Michal Cyprian <m.cyprian@gmail.com> Co-Authored-By: Michal Cyprian <m.cyprian@gmail.com>
Co-Authored-By: Victor Stinner <vstinner@redhat.com> Co-Authored-By: Victor Stinner <vstinner@redhat.com>
Co-Authored-By: Petr Viktorin <pviktori@redhat.com> Co-Authored-By: Petr Viktorin <pviktori@redhat.com>
Co-Authored-By: Lumir Balhar <lbalhar@redhat.com>
Co-Authored-By: Miro Hrončok <miro@hroncok.cz>
--- ---
src/pip/_internal/req/req_install.py | 3 ++- src/pip/_internal/req/req_install.py | 3 ++-
src/pip/_internal/resolution/legacy/resolver.py | 5 ++++- src/pip/_internal/resolution/legacy/resolver.py | 5 ++++-
@ -19,10 +21,10 @@ Co-Authored-By: Petr Viktorin <pviktori@redhat.com>
4 files changed, 27 insertions(+), 2 deletions(-) 4 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/src/pip/_internal/req/req_install.py b/src/pip/_internal/req/req_install.py diff --git a/src/pip/_internal/req/req_install.py b/src/pip/_internal/req/req_install.py
index 6d0aa30..0a5f8ed 100644 index 4c58cdb..3570e17 100644
--- a/src/pip/_internal/req/req_install.py --- a/src/pip/_internal/req/req_install.py
+++ b/src/pip/_internal/req/req_install.py +++ b/src/pip/_internal/req/req_install.py
@@ -39,6 +39,7 @@ from pip._internal.utils.misc import ( @@ -43,6 +43,7 @@ from pip._internal.utils.misc import (
ask_path_exists, ask_path_exists,
backup_dir, backup_dir,
display_path, display_path,
@ -30,7 +32,7 @@ index 6d0aa30..0a5f8ed 100644
dist_in_site_packages, dist_in_site_packages,
dist_in_usersite, dist_in_usersite,
get_distribution, get_distribution,
@@ -445,7 +446,7 @@ class InstallRequirement: @@ -426,7 +427,7 @@ class InstallRequirement:
"lack sys.path precedence to {} in {}".format( "lack sys.path precedence to {} in {}".format(
existing_dist.project_name, existing_dist.location) existing_dist.project_name, existing_dist.location)
) )
@ -40,18 +42,18 @@ index 6d0aa30..0a5f8ed 100644
else: else:
if self.editable: if self.editable:
diff --git a/src/pip/_internal/resolution/legacy/resolver.py b/src/pip/_internal/resolution/legacy/resolver.py diff --git a/src/pip/_internal/resolution/legacy/resolver.py b/src/pip/_internal/resolution/legacy/resolver.py
index 665dba1..a219e63 100644 index 4df8f7e..dda2292 100644
--- a/src/pip/_internal/resolution/legacy/resolver.py --- a/src/pip/_internal/resolution/legacy/resolver.py
+++ b/src/pip/_internal/resolution/legacy/resolver.py +++ b/src/pip/_internal/resolution/legacy/resolver.py
@@ -34,6 +34,7 @@ from pip._internal.resolution.base import BaseResolver @@ -42,6 +42,7 @@ from pip._internal.resolution.base import BaseResolver, InstallRequirementProvid
from pip._internal.utils.compatibility_tags import get_supported from pip._internal.utils.compatibility_tags import get_supported
from pip._internal.utils.logging import indent_log from pip._internal.utils.logging import indent_log
from pip._internal.utils.misc import dist_in_usersite, normalize_version_info from pip._internal.utils.misc import dist_in_usersite, normalize_version_info
+from pip._internal.utils.misc import dist_in_install_path +from pip._internal.utils.misc import dist_in_install_path
from pip._internal.utils.packaging import check_requires_python, get_requires_python from pip._internal.utils.packaging import check_requires_python, get_requires_python
from pip._internal.utils.typing import MYPY_CHECK_RUNNING
@@ -204,7 +205,9 @@ class Resolver(BaseResolver): logger = logging.getLogger(__name__)
@@ -194,7 +195,9 @@ class Resolver(BaseResolver):
""" """
# Don't uninstall the conflict if doing a user install and the # Don't uninstall the conflict if doing a user install and the
# conflict is not a user install. # conflict is not a user install.
@ -63,34 +65,41 @@ index 665dba1..a219e63 100644
req.satisfied_by = None req.satisfied_by = None
diff --git a/src/pip/_internal/resolution/resolvelib/factory.py b/src/pip/_internal/resolution/resolvelib/factory.py diff --git a/src/pip/_internal/resolution/resolvelib/factory.py b/src/pip/_internal/resolution/resolvelib/factory.py
index be0729e..bc2912b 100644 index e7fd344..555e657 100644
--- a/src/pip/_internal/resolution/resolvelib/factory.py --- a/src/pip/_internal/resolution/resolvelib/factory.py
+++ b/src/pip/_internal/resolution/resolvelib/factory.py +++ b/src/pip/_internal/resolution/resolvelib/factory.py
@@ -1,5 +1,6 @@ @@ -1,6 +1,7 @@
import contextlib
import functools import functools
import logging import logging
+import sys +import sys
from typing import (
from pip._vendor.packaging.utils import canonicalize_name TYPE_CHECKING,
Dict,
@@ -19,7 +20,9 @@ from pip._internal.utils.misc import ( @@ -34,6 +35,7 @@ from pip._internal.exceptions import (
dist_in_site_packages, UnsupportedWheel,
dist_in_usersite,
get_installed_distributions,
+ dist_location,
) )
+from pip._internal.locations import distutils_scheme from pip._internal.index.package_finder import PackageFinder
from pip._internal.utils.typing import MYPY_CHECK_RUNNING +from pip._internal.locations import get_scheme
from pip._internal.metadata import BaseDistribution, get_default_environment
from pip._internal.models.link import Link
from pip._internal.models.wheel import Wheel
@@ -46,6 +48,7 @@ from pip._internal.req.req_install import (
from pip._internal.resolution.base import InstallRequirementProvider
from pip._internal.utils.compatibility_tags import get_supported
from pip._internal.utils.hashes import Hashes
+from pip._internal.utils.misc import dist_location
from pip._internal.utils.virtualenv import running_under_virtualenv from pip._internal.utils.virtualenv import running_under_virtualenv
@@ -362,6 +365,13 @@ class Factory: from .base import Candidate, CandidateVersion, Constraint, Requirement
@@ -525,6 +528,13 @@ class Factory:
if dist is None: # Not installed, no uninstallation required. if dist is None: # Not installed, no uninstallation required.
return None return None
+ # Prevent uninstalling packages from /usr + # Prevent uninstalling packages from /usr
+ if dist_location(dist) in ( + if dist_location(dist._dist) in (
+ distutils_scheme('', prefix=sys.base_prefix)['purelib'], + get_scheme('', prefix=sys.base_prefix).purelib,
+ distutils_scheme('', prefix=sys.base_prefix)['platlib'], + get_scheme('', prefix=sys.base_prefix).platlib,
+ ): + ):
+ return None + return None
+ +
@ -98,18 +107,18 @@ index be0729e..bc2912b 100644
# be uninstalled, no matter it's in global or user site, because the # be uninstalled, no matter it's in global or user site, because the
# user site installation has precedence over global. # user site installation has precedence over global.
diff --git a/src/pip/_internal/utils/misc.py b/src/pip/_internal/utils/misc.py diff --git a/src/pip/_internal/utils/misc.py b/src/pip/_internal/utils/misc.py
index 6dd94e2..7925518 100644 index 99ebea3..5901687 100644
--- a/src/pip/_internal/utils/misc.py --- a/src/pip/_internal/utils/misc.py
+++ b/src/pip/_internal/utils/misc.py +++ b/src/pip/_internal/utils/misc.py
@@ -27,6 +27,7 @@ from pip._vendor.retrying import retry # type: ignore @@ -40,6 +40,7 @@ from pip._vendor.tenacity import retry, stop_after_delay, wait_fixed
from pip import __version__ from pip import __version__
from pip._internal.exceptions import CommandError from pip._internal.exceptions import CommandError
from pip._internal.locations import get_major_minor_version, site_packages, user_site from pip._internal.locations import get_major_minor_version, site_packages, user_site
+from pip._internal.locations import distutils_scheme, get_major_minor_version, site_packages, user_site +from pip._internal.locations import get_scheme
from pip._internal.utils.compat import WINDOWS, stdlib_pkgs from pip._internal.utils.compat import WINDOWS, stdlib_pkgs
from pip._internal.utils.typing import MYPY_CHECK_RUNNING, cast
from pip._internal.utils.virtualenv import ( from pip._internal.utils.virtualenv import (
@@ -398,6 +399,16 @@ def dist_in_site_packages(dist): running_under_virtualenv,
@@ -382,6 +383,16 @@ def dist_in_site_packages(dist):
return dist_location(dist).startswith(normalize_path(site_packages)) return dist_location(dist).startswith(normalize_path(site_packages))
@ -120,12 +129,12 @@ index 6dd94e2..7925518 100644
+ """ + """
+ norm_path = normalize_path(dist_location(dist)) + norm_path = normalize_path(dist_location(dist))
+ return norm_path.startswith(normalize_path( + return norm_path.startswith(normalize_path(
+ distutils_scheme("")['purelib'].split('python')[0])) + get_scheme("").purelib.split('python')[0]))
+ +
+ +
def dist_is_editable(dist): def dist_is_editable(dist):
# type: (Distribution) -> bool # type: (Distribution) -> bool
""" """
-- --
2.29.2 2.32.0
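Review bot: `dist_in_install_path` in `src/pip/_internal/utils/misc.py` decides whether an installed distribution is protected from removal with a plain string prefix test, `norm_path.startswith(normalize_path(get_scheme("").purelib.split('python')[0]))`, which is looser than the directory relationship it stands for. `split('python')[0]` cuts at the first occurrence of "python" anywhere in the path, so a prefix that itself contains that word (constructed example: `/opt/python3/lib/python3.9/site-packages`) collapses to `/opt/`; and if `normalize_path` drops the trailing separator (not visible here), `startswith` would also accept sibling directories that only share leading characters. Comparing whole path components would be stricter, for example `root = normalize_path(os.path.dirname(os.path.dirname(get_scheme("").purelib)))` followed by `return os.path.commonpath([norm_path, root]) == root`, assuming `os` is already imported in that module. The function's signature and docstring are elided on this page, so the proposal covers only the two visible statements.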


@ -13,7 +13,7 @@
%endif %endif
%global srcname pip %global srcname pip
%global base_version 21.0.1 %global base_version 21.2.3
%global upstream_version %{base_version}%{?prerel} %global upstream_version %{base_version}%{?prerel}
%global python_wheelname %{srcname}-%{upstream_version}-py3-none-any.whl %global python_wheelname %{srcname}-%{upstream_version}-py3-none-any.whl
%global python_wheeldir %{_datadir}/python-wheels %global python_wheeldir %{_datadir}/python-wheels
@ -22,7 +22,7 @@
Name: python-%{srcname} Name: python-%{srcname}
Version: %{base_version}%{?prerel:~%{prerel}} Version: %{base_version}%{?prerel:~%{prerel}}
Release: 6%{?dist} Release: 3%{?dist}
Summary: A tool for installing and managing Python packages Summary: A tool for installing and managing Python packages
# We bundle a lot of libraries with pip, which itself is under MIT license. # We bundle a lot of libraries with pip, which itself is under MIT license.
@ -33,7 +33,6 @@ Summary: A tool for installing and managing Python packages
# chardet: LGPLv2 # chardet: LGPLv2
# colorama: BSD # colorama: BSD
# CacheControl: ASL 2.0 # CacheControl: ASL 2.0
# contextlib2: Python
# distlib: Python # distlib: Python
# distro: ASL 2.0 # distro: ASL 2.0
# html5lib: MIT # html5lib: MIT
@ -46,10 +45,10 @@ Summary: A tool for installing and managing Python packages
# pyparsing: MIT # pyparsing: MIT
# requests: ASL 2.0 # requests: ASL 2.0
# resolvelib: ISC # resolvelib: ISC
# retrying: ASL 2.0
# setuptools: MIT # setuptools: MIT
# six: MIT # six: MIT
# toml: MIT # tenacity: ASL 2.0
# tomli: MIT
# urllib3: MIT # urllib3: MIT
# webencodings: BSD # webencodings: BSD
@ -68,12 +67,6 @@ BuildRequires: python-setuptools-wheel
BuildRequires: python-wheel-wheel BuildRequires: python-wheel-wheel
%endif %endif
# Downstream only patch
# Emit a warning to the user if pip install is run with root privileges
# Upstream discussion:
# https://discuss.python.org/t/playing-nice-with-external-package-managers/1968/20
Patch1: emit-a-warning-when-running-with-root-privileges.patch
# Prevent removing of the system packages installed under /usr/lib # Prevent removing of the system packages installed under /usr/lib
# when pip install -U is executed. # when pip install -U is executed.
# https://bugzilla.redhat.com/show_bug.cgi?id=1550368#c24 # https://bugzilla.redhat.com/show_bug.cgi?id=1550368#c24
@ -93,17 +86,6 @@ Patch5: nowarn-pip._internal.main.patch
# Upstream issue: https://github.com/pypa/packaging/issues/368 # Upstream issue: https://github.com/pypa/packaging/issues/368
Patch6: no-version-warning.patch Patch6: no-version-warning.patch
# Update vendored urrlib3 to 1.26.4 to fix CVE-2021-28363
# Security patch backported from pip 21.1
Patch7: https://github.com/pypa/pip/pull/9760.patch
# Don't split git references on unicode separators,
# which could be maliciously used to install a different revision on the
# repository.
# Security patch backported from pip 21.1.1
# Upstream PR: https://github.com/pypa/pip/pull/9827
Patch8: don-t-split-git-references-on-unicode-separators.patch
# Downstream only patch # Downstream only patch
# Users might have local installations of pip from using # Users might have local installations of pip from using
# `pip install --user --upgrade pip` on older/newer versions. # `pip install --user --upgrade pip` on older/newer versions.
@ -141,26 +123,25 @@ Packages" or "Pip Installs Python".
%global bundled() %{expand: %global bundled() %{expand:
Provides: bundled(python%{1}dist(appdirs)) = 1.4.4 Provides: bundled(python%{1}dist(appdirs)) = 1.4.4
Provides: bundled(python%{1}dist(cachecontrol)) = 0.12.6 Provides: bundled(python%{1}dist(cachecontrol)) = 0.12.6
Provides: bundled(python%{1}dist(certifi)) = 2020.12.5 Provides: bundled(python%{1}dist(certifi)) = 2021.5.30
Provides: bundled(python%{1}dist(chardet)) = 4 Provides: bundled(python%{1}dist(chardet)) = 4
Provides: bundled(python%{1}dist(colorama)) = 0.4.4 Provides: bundled(python%{1}dist(colorama)) = 0.4.4
Provides: bundled(python%{1}dist(contextlib2)) = 0.6^post1 Provides: bundled(python%{1}dist(distlib)) = 0.3.2
Provides: bundled(python%{1}dist(distlib)) = 0.3.1
Provides: bundled(python%{1}dist(distro)) = 1.5 Provides: bundled(python%{1}dist(distro)) = 1.5
Provides: bundled(python%{1}dist(html5lib)) = 1.1 Provides: bundled(python%{1}dist(html5lib)) = 1.1
Provides: bundled(python%{1}dist(idna)) = 2.10 Provides: bundled(python%{1}dist(idna)) = 3.2
Provides: bundled(python%{1}dist(msgpack)) = 1.0.2 Provides: bundled(python%{1}dist(msgpack)) = 1.0.2
Provides: bundled(python%{1}dist(packaging)) = 20.9 Provides: bundled(python%{1}dist(packaging)) = 21
Provides: bundled(python%{1}dist(pep517)) = 0.9.1 Provides: bundled(python%{1}dist(pep517)) = 0.11
Provides: bundled(python%{1}dist(progress)) = 1.5 Provides: bundled(python%{1}dist(progress)) = 1.5
Provides: bundled(python%{1}dist(pyparsing)) = 2.4.7 Provides: bundled(python%{1}dist(pyparsing)) = 2.4.7
Provides: bundled(python%{1}dist(requests)) = 2.25.1 Provides: bundled(python%{1}dist(requests)) = 2.26
Provides: bundled(python%{1}dist(resolvelib)) = 0.5.4 Provides: bundled(python%{1}dist(resolvelib)) = 0.7.1
Provides: bundled(python%{1}dist(retrying)) = 1.3.3
Provides: bundled(python%{1}dist(setuptools)) = 44 Provides: bundled(python%{1}dist(setuptools)) = 44
Provides: bundled(python%{1}dist(six)) = 1.15 Provides: bundled(python%{1}dist(six)) = 1.16
Provides: bundled(python%{1}dist(toml)) = 0.10.2 Provides: bundled(python%{1}dist(tenacity)) = 8.0.1
Provides: bundled(python%{1}dist(urllib3)) = 1.26.4 Provides: bundled(python%{1}dist(tomli)) = 1.0.3
Provides: bundled(python%{1}dist(urllib3)) = 1.26.6
Provides: bundled(python%{1}dist(webencodings)) = 0.5.1 Provides: bundled(python%{1}dist(webencodings)) = 0.5.1
} }
@ -239,6 +220,8 @@ Summary: A documentation for a tool for installing and managing Python pa
BuildRequires: python%{python3_pkgversion}-sphinx BuildRequires: python%{python3_pkgversion}-sphinx
BuildRequires: python%{python3_pkgversion}-sphinx-inline-tabs BuildRequires: python%{python3_pkgversion}-sphinx-inline-tabs
BuildRequires: python%{python3_pkgversion}-sphinx-copybutton
BuildRequires: python%{python3_pkgversion}-myst-parser
%description doc %description doc
A documentation for a tool for installing and managing Python packages A documentation for a tool for installing and managing Python packages
@ -268,7 +251,7 @@ rm src/pip/_vendor/certifi/*.pem
sed -i '/html_theme = "furo"/d' docs/html/conf.py sed -i '/html_theme = "furo"/d' docs/html/conf.py
# towncrier extension for Sphinx is not yet available in Fedora # towncrier extension for Sphinx is not yet available in Fedora
sed -i "/'sphinxcontrib.towncrier',/d" docs/html/conf.py sed -i '/"sphinxcontrib.towncrier",/d' docs/html/conf.py
# tests expect wheels in here # tests expect wheels in here
ln -s %{python_wheeldir} tests/data/common_wheels ln -s %{python_wheeldir} tests/data/common_wheels
@ -276,6 +259,9 @@ ln -s %{python_wheeldir} tests/data/common_wheels
# Remove shebang from files in bundled chardet # Remove shebang from files in bundled chardet
grep -lr "^#\!/usr/bin/env python" src/pip/_vendor/chardet/ | xargs sed -i "1d" grep -lr "^#\!/usr/bin/env python" src/pip/_vendor/chardet/ | xargs sed -i "1d"
# Remove windows executable binaries
rm -v src/pip/_vendor/distlib/*.exe
sed -i '/\.exe/d' setup.py
%build %build
%py3_build_wheel %py3_build_wheel
@ -290,16 +276,20 @@ rm -rf docs/build/html/{.doctrees,.buildinfo}
%install %install
# The following is similar to %%py3_install_wheel, but we don't have # The following is similar to %%pyproject_install, but we don't have
# /usr/bin/pip yet, so we install using the wheel directly. # /usr/bin/pip yet, so we install using the wheel directly.
# (This is not standard wheel usage, but the pip wheel supports it -- see # (This is not standard wheel usage, but the pip wheel supports it -- see
# pip/__main__.py) # pip/__main__.py)
%{__python3} dist/%{python_wheelname}/pip install \ %{python3} dist/%{python_wheelname}/pip install \
--root %{buildroot} \ --root %{buildroot} \
--no-deps \ --no-deps \
--no-cache-dir \ --disable-pip-version-check \
--no-index \ --progress-bar off \
--verbose \
--ignore-installed \ --ignore-installed \
--no-warn-script-location \
--no-index \
--no-cache-dir \
--find-links dist \ --find-links dist \
'pip==%{upstream_version}' 'pip==%{upstream_version}'
@ -355,8 +345,6 @@ install -p dist/%{python_wheelname} -t %{buildroot}%{python_wheeldir}
# needs unaltered sys.path and we cannot do that in %%check # needs unaltered sys.path and we cannot do that in %%check
# test_pep517_and_build_options # test_pep517_and_build_options
# test_config_file_venv_option # test_config_file_venv_option
# TODO investigate failures
# test_uninstall_non_local_distutils
# Incompatible with the latest virtualenv # Incompatible with the latest virtualenv
# test_from_link_vcs_with_source_dir_obtains_commit_id # test_from_link_vcs_with_source_dir_obtains_commit_id
# test_from_link_vcs_without_source_dir # test_from_link_vcs_without_source_dir
@ -364,7 +352,6 @@ install -p dist/%{python_wheelname} -t %{buildroot}%{python_wheeldir}
pytest_k='not completion and pytest_k='not completion and
not test_pep517_and_build_options and not test_pep517_and_build_options and
not test_config_file_venv_option and not test_config_file_venv_option and
not test_uninstall_non_local_distutils and
not test_from_link_vcs_with_source_dir_obtains_commit_id and not test_from_link_vcs_with_source_dir_obtains_commit_id and
not test_from_link_vcs_without_source_dir and not test_from_link_vcs_without_source_dir and
not test_should_cache_git_sha' not test_should_cache_git_sha'
@ -379,8 +366,8 @@ pytest_k='not completion and
%files -n python%{python3_pkgversion}-%{srcname} %files -n python%{python3_pkgversion}-%{srcname}
%license LICENSE.txt
%doc README.rst %doc README.rst
%license %{python3_sitelib}/pip-%{upstream_version}.dist-info/LICENSE.txt
%if %{with doc} %if %{with doc}
%{_mandir}/man1/pip.* %{_mandir}/man1/pip.*
%{_mandir}/man1/pip-*.* %{_mandir}/man1/pip-*.*
@ -410,6 +397,28 @@ pytest_k='not completion and
%{python_wheeldir}/%{python_wheelname} %{python_wheeldir}/%{python_wheelname}
%changelog %changelog
* Wed Oct 06 2021 Charalampos Stratakis <cstratak@redhat.com> - 21.2.3-3
- Remove bundled windows executables
- Resolves: rhbz#2006795
* Mon Sep 13 2021 Miro Hrončok <mhroncok@redhat.com> - 21.2.3-2
- Fix broken uninstallation by a bogus downstream patch
* Mon Sep 13 2021 Miro Hrončok <mhroncok@redhat.com> - 21.2.3-1
- Update to 21.2.3
- Resolves: rhbz#1985635
* Mon Sep 13 2021 Lumír Balhar <lbalhar@redhat.com> - 21.1.3-1
- Update to 21.1.3
Resolves: rhbz#1976449
* Mon Sep 13 2021 Karolina Surma <ksurma@redhat.com> - 21.1.2-1
- Update to 21.1.2
Resolves: rhbz#1963433
* Mon Sep 13 2021 Karolina Surma <ksurma@redhat.com> - 21.1.1-1
- Update to 21.1.1
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 21.0.1-6 * Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 21.0.1-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688 Related: rhbz#1991688
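Review bot: The new `%changelog` entries for 21.1.1 through 21.2.3 do not record that `Patch7` (urllib3 1.26.4, CVE-2021-28363) and `Patch8` (git references split on unicode separators) were dropped, so someone auditing this package for those fixes finds only their removal. The spec's own comments say both were backported from pip 21.1 and 21.1.1, and the new `bundled(python%{1}dist(urllib3)) = 1.26.6` line suggests the fixes now arrive with the rebased source, but the reader is left to infer that. I would add a line such as `- Drop the CVE-2021-28363 and git-reference backports, included upstream since 21.1 and 21.1.1` to the matching entry. The removal of `Patch1` (the root-privileges warning) is likewise not explained by any changelog entry and deserves a line of its own.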