Release and Version History

2018.11.26 (2018-11-26)

Bug Fixes

Vendored Libraries

  • Update vendored dependencies to resolve resolution output parsing and python finding: - pythonfinder 1.1.9 -> 1.1.10 - requirementslib 1.3.1 -> 1.3.3 - vistir 0.2.3 -> 0.2.5``#3280

2018.11.14 (2018-11-14)

Features & Improvements

  • Improved exceptions and error handling on failures. #1977
  • Added persistent settings for all CLI flags via PIPENV_{FLAG_NAME} environment variables by enabling auto_envvar_prefix=PIPENV in click (implements PEEP-0002). #2200
  • Added improved messaging about available but skipped updates due to dependency conflicts when running pipenv update --outdated. #2411
  • Added environment variable PIPENV_PYUP_API_KEY to add ability to override the bundled pyup.io API key. #2825
  • Added additional output to pipenv update --outdated to indicate that the operation succeded and all packages were already up to date. #2828
  • Updated crayons patch to enable colors on native powershell but swap native blue for magenta. #3020
  • Added support for --bare to pipenv clean, and fixed pipenv sync --bare to actually reduce output. #3041
  • Added windows-compatible spinner via upgraded vistir dependency. #3089
    • Added support for python installations managed by asdf. #3096
  • Improved runtime performance of no-op commands such as pipenv --venv by around 2/3. #3158
  • Do not show error but success for running pipenv uninstall --all in a fresh virtual environment. #3170
  • Improved asynchronous installation and error handling via queued subprocess paralleization. #3217

Bug Fixes

  • Remote non-PyPI artifacts and local wheels and artifacts will now include their own hashes rather than including hashes from PyPI. #2394
  • Non-ascii characters will now be handled correctly when parsed by pipenv’s ToML parsers. #2737
  • Updated pipenv uninstall to respect the --skip-lock argument. #2848
  • Fixed a bug which caused uninstallation to sometimes fail to successfullly remove packages from Pipfiles with comments on preceding or following lines. #2885, #3099
  • Pipenv will no longer fail when encountering python versions on Windows that have been uninstalled. #2983
  • Fixed unnecessary extras are added when translating markers #3026
  • Fixed a virtualenv creation issue which could cause new virtualenvs to inadvertently attempt to read and write to global site packages. #3047
  • Fixed an issue with virtualenv path derivation which could cause errors, particularly for users on WSL bash. #3055
  • Fixed a bug which caused Unexpected EOF errors to be thrown when pip was waiting for input from users who had put login credentials in environment variables. #3088
  • Fixed a bug in requirementslib which prevented successful installation from mercurial repositories. #3090
  • Fixed random resource warnings when using pyenv or any other subprocess calls. #3094
    • Fixed a bug which sometimes prevented cloning and parsing mercurial requirements. #3096
  • Fixed an issue in delegator.py related to subprocess calls when using PopenSpawn to stream output, which sometimes threw unexpected EOF errors. #3102, #3114, #3117
  • Fix the path casing issue that makes pipenv clean fail on Windows #3104
  • Pipenv will avoid leaving build artifacts in the current working directory. #3106
  • Fixed issues with broken subprocess calls leaking resource handles and causing random and sporadic failures. #3109
  • Fixed an issue which caused pipenv clean to sometimes clean packages from the base site-packages folder or fail entirely. #3113
  • Updated pythonfinder to correct an issue with unnesting of nested paths when searching for python versions. #3121
  • Added additional logic for ignoring and replacing non-ascii characters when formatting console output on non-UTF-8 systems. #3131
  • Fix virtual environment discovery when PIPENV_VENV_IN_PROJECT is set, but the in-project .venv is a file. #3134
  • Hashes for remote and local non-PyPI artifacts will now be included in Pipfile.lock during resolution. #3145
  • Fix project path hashing logic in purpose to prevent collisions of virtual environments. #3151
  • Fix package installation when the virtual environment path contains parentheses. #3158
  • Azure Pipelines YAML files are updated to use the latest syntax and product name. #3164
  • Fixed new spinner success message to write only one success message during resolution. #3183
  • Pipenv will now correctly respect the --pre option when used with pipenv install. #3185
  • Fix a bug where exception is raised when run pipenv graph in a project without created virtualenv #3201
  • When sources are missing names, names will now be derived from the supplied URL. #3216

Vendored Libraries

  • Updated pythonfinder to correct an issue with unnesting of nested paths when searching for python versions. #3061, #3121
  • Updated vendored dependencies:
    • certifi 2018.08.24 => 2018.10.15
    • urllib3 1.23 => 1.24
    • requests 2.19.1 => 2.20.0
    • shellingham ``1.2.6 => 1.2.7
    • tomlkit 0.4.4. => 0.4.6
    • vistir 0.1.6 => 0.1.8
    • pythonfinder 0.1.2 => 0.1.3
    • requirementslib 1.1.9 => 1.1.10
    • backports.functools_lru_cache 1.5.0 (new)
    • cursor 1.2.0 (new) #3089
  • Updated vendored dependencies:
    • requests 2.19.1 => 2.20.1
    • tomlkit 0.4.46 => 0.5.2
    • vistir 0.1.6 => 0.2.4
    • pythonfinder 1.1.2 => 1.1.8
    • requirementslib 1.1.10 => 1.3.0 #3096
  • Switch to tomlkit for parsing and writing. Drop prettytoml and contoml from vendors. #3191
  • Updated requirementslib to aid in resolution of local and remote archives. #3196

Improved Documentation

  • Expanded development and testing documentation for contributors to get started. #3074

2018.10.13 (2018-10-13)

Bug Fixes

  • Fixed a bug in pipenv clean which caused global packages to sometimes be inadvertently targeted for cleanup. #2849
  • Fix broken backport imports for vendored vistir. #2950, #2955, #2961
  • Fixed a bug with importing local vendored dependencies when running pipenv graph. #2952
  • Fixed a bug which caused executable discovery to fail when running inside a virtualenv. #2957
  • Fix parsing of outline tables. #2971
  • Fixed a bug which caused verify_ssl to fail to drop through to pip install correctly as trusted-host. #2979
  • Fixed a bug which caused canonicalized package names to fail to resolve against PyPI. #2989
  • Enhanced CI detection to detect Azure Devops builds. #2993
  • Fixed a bug which prevented installing pinned versions which used redirection symbols from the command line. #2998
  • Fixed a bug which prevented installing the local directory in non-editable mode. #3005

Vendored Libraries

  • Updated requirementslib to version 1.1.9. #2989
  • Upgraded pythonfinder => 1.1.1 and vistir => 0.1.7. #3007

2018.10.9 (2018-10-09)

Features & Improvements

  • Added environment variables PIPENV_VERBOSE and PIPENV_QUIET to control output verbosity without needing to pass options. #2527
  • Updated test-pypi addon to better support json-api access (forward compatibility). Improved testing process for new contributors. #2568
  • Greatly enhanced python discovery functionality:
    • Added pep514 (windows launcher/finder) support for python discovery.
    • Introduced architecture discovery for python installations which support different architectures. #2582
  • Added support for pipenv shell on msys and cygwin/mingw/git bash for Windows. #2641
  • Enhanced resolution of editable and VCS dependencies. #2643
  • Deduplicate and refactor CLI to use stateful arguments and object passing. See this issue for reference. #2814

Behavior Changes

  • Virtual environment activation for run is revised to improve interpolation with other Python discovery tools. #2503
  • Improve terminal coloring to display better in Powershell. #2511
  • Invoke virtualenv directly for virtual environment creation, instead of depending on pew. #2518
  • pipenv --help will now include short help descriptions. #2542
  • Add COMSPEC to fallback option (along with SHELL and PYENV_SHELL) if shell detection fails, improving robustness on Windows. #2651
  • Fallback to shell mode if run fails with Windows error 193 to handle non-executable commands. This should improve usability on Windows, where some users run non-executable files without specifying a command, relying on Windows file association to choose the current command. #2718

Bug Fixes

  • Fixed a bug which prevented installation of editable requirements using ssh:// style urls #1393

  • VCS Refs for locked local editable dependencies will now update appropriately to the latest hash when running pipenv update. #1690

  • .tar.gz and .zip artifacts will now have dependencies installed even when they are missing from the lockfile. #2173

  • The command line parser will now handle multiple -e/--editable dependencies properly via click’s option parser to help mitigate future parsing issues. #2279

  • Fixed the ability of pipenv to parse dependency_links from setup.py when PIP_PROCESS_DEPENDENCY_LINKS is enabled. #2434

  • Fixed a bug which could cause -i/--index arguments to sometimes be incorrectly picked up in packages. This is now handled in the command line parser. #2494

  • Fixed non-deterministic resolution issues related to changes to the internal package finder in pip 10. #2499, #2529, #2589, #2666, #2767, #2785, #2795, #2801, #2824, #2862, #2879, #2894, #2933

  • Fix subshell invocation on Windows for Python 2. #2515

  • Fixed a bug which sometimes caused pipenv to throw a TypeError or to run into encoding issues when writing lockfiles on python 2. #2561

  • Improve quoting logic for pipenv run so it works better with Windows built-in commands. #2563

  • Fixed a bug related to parsing vcs requirements with both extras and subdirectory fragments. Corrected an issue in the requirementslib parser which led to some markers being discarded rather than evaluated. #2564

  • Fixed multiple issues with finding the correct system python locations. #2582

  • Catch JSON decoding error to prevent exception when the lock file is of invalid format. #2607

  • Fixed a rare bug which could sometimes cause errors when installing packages with custom sources. #2610

  • Update requirementslib to fix a bug which could raise an UnboundLocalError when parsing malformed VCS URIs. #2617

  • Fixed an issue which prevented passing multiple --ignore parameters to pipenv check. #2632

  • Fixed a bug which caused attempted hashing of ssh:// style URIs which could cause failures during installation of private ssh repositories. - Corrected path conversion issues which caused certain editable VCS paths to be converted to ssh:// URIs improperly. #2639

  • Fixed a bug which caused paths to be formatted incorrectly when using pipenv shell in bash for windows. #2641

  • Dependency links to private repositories defined via ssh:// schemes will now install correctly and skip hashing as long as PIP_PROCESS_DEPENDENCY_LINKS=1. #2643

  • Fixed a bug which sometimes caused pipenv to parse the trusted_host argument to pip incorrectly when parsing source URLs which specify verify_ssl = false. #2656

  • Prevent crashing when a virtual environment in WORKON_HOME is faulty. #2676

  • Fixed virtualenv creation failure when a .venv file is present in the project root. #2680

  • Fixed a bug which could cause the -e/--editable argument on a dependency to be accidentally parsed as a dependency itself. #2714

  • Correctly pass verbose and debug flags to the resolver subprocess so it generates appropriate output. This also resolves a bug introduced by the fix to #2527. #2732

  • All markers are now included in pipenv lock --requirements output. #2748

  • Fixed a bug in marker resolution which could cause duplicate and non-deterministic markers. #2760

  • Fixed a bug in the dependency resolver which caused regular issues when handling setup.py based dependency resolution. #2766

  • Updated vendored dependencies:
    • pip-tools (updated and patched to latest w/ pip 18.0 compatibilty)
    • pip 10.0.1 => 18.0
    • click 6.7 => 7.0
    • toml 0.9.4 => 0.10.0
    • pyparsing 2.2.0 => 2.2.2
    • delegator 0.1.0 => 0.1.1
    • attrs 18.1.0 => 18.2.0
    • distlib 0.2.7 => 0.2.8
    • packaging 17.1.0 => 18.0
    • passa 0.2.0 => 0.3.1
    • pip_shims 0.1.2 => 0.3.1
    • plette 0.1.1 => 0.2.2
    • pythonfinder 1.0.2 => 1.1.0
    • pytoml 0.1.18 => 0.1.19
    • requirementslib 1.1.16 => 1.1.17
    • shellingham 1.2.4 => 1.2.6
    • tomlkit 0.4.2 => 0.4.4
    • vistir 0.1.4 => 0.1.6 #2802,

    #2867, #2880

  • Fixed a bug where pipenv crashes when the WORKON_HOME directory does not exist. #2877

  • Fixed pip is not loaded from pipenv’s patched one but the system one #2912

  • Fixed various bugs related to pip 18.1 release which prevented locking, installation, and syncing, and dumping to a requirements.txt file. #2924

Vendored Libraries

  • Pew is no longer vendored. Entry point pewtwo, packages pipenv.pew and pipenv.patched.pew are removed. #2521

  • Update pythonfinder to major release 1.0.0 for integration. #2582

  • Update requirementslib to fix a bug which could raise an UnboundLocalError when parsing malformed VCS URIs. #2617

    • Vendored new libraries vistir and pip-shims, tomlkit, modutil, and plette.
    • Update vendored libraries: - scandir to 1.9.0 - click-completion to 0.4.1 - semver to 2.8.1 - shellingham to 1.2.4 - pytoml to 0.1.18 - certifi to 2018.8.24 - ptyprocess to 0.6.0 - requirementslib to 1.1.5 - pythonfinder to 1.0.2 - pipdeptree to 0.13.0 - python-dotenv to 0.9.1 #2639
  • Updated vendored dependencies:
    • pip-tools (updated and patched to latest w/ pip 18.0 compatibilty)
    • pip 10.0.1 => 18.0
    • click 6.7 => 7.0
    • toml 0.9.4 => 0.10.0
    • pyparsing 2.2.0 => 2.2.2
    • delegator 0.1.0 => 0.1.1
    • attrs 18.1.0 => 18.2.0
    • distlib 0.2.7 => 0.2.8
    • packaging 17.1.0 => 18.0
    • passa 0.2.0 => 0.3.1
    • pip_shims 0.1.2 => 0.3.1
    • plette 0.1.1 => 0.2.2
    • pythonfinder 1.0.2 => 1.1.0
    • pytoml 0.1.18 => 0.1.19
    • requirementslib 1.1.16 => 1.1.17
    • shellingham 1.2.4 => 1.2.6
    • tomlkit 0.4.2 => 0.4.4
    • vistir 0.1.4 => 0.1.6 #2902,

    #2935

Improved Documentation

  • Simplified the test configuration process. #2568
  • Updated documentation to use working fortune cookie addon. #2644
  • Added additional information about troubleshooting pipenv shell by using the the $PIPENV_SHELL environment variable. #2671
  • Added a link to PEP-440 version specifiers in the documentation for additional detail. #2674
  • Added simple example to README.md for installing from git. #2685
  • Stopped recommending –system for Docker contexts. #2762
  • Fixed the example url for doing “pipenv install -e some-repo-url#egg=something”, it was missing the “egg=” in the fragment identifier. #2792
  • Fixed link to the “be cordial” essay in the contribution documentation. #2793
  • Clarify pipenv install documentation #2844
  • Replace reference to uservoice with PEEP-000 #2909

2018.7.1 (2018-07-01)

Features & Improvements

  • All calls to pipenv shell are now implemented from the ground up using shellingham, a custom library which was purpose built to handle edge cases and shell detection. #2371
  • Added support for python 3.7 via a few small compatibility / bugfixes. #2427, #2434, #2436
  • Added new flag pipenv --support to replace the diagnostic command python -m pipenv.help. #2477, #2478
  • Improved import times and CLI runtimes with minor tweaks. #2485

Bug Fixes

  • Fixed an ongoing bug which sometimes resolved incompatible versions into lockfiles. #1901
  • Fixed a bug which caused errors when creating virtualenvs which contained leading dash characters. #2415
  • Fixed a logic error which caused --deploy --system to overwrite editable vcs packages in the pipfile before installing, which caused any installation to fail by default. #2417
  • Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. #2419
  • Installed new vendored jinja2 templates for click-completion which were causing template errors for users with completion enabled. #2422
  • Added support for python 3.7 via a few small compatibility / bugfixes. #2427
  • Fixed an issue reading package names from setup.py files in projects which imported utilities such as versioneer. #2433
  • Pipenv will now ensure that its internal package names registry files are written with unicode strings. #2450
  • Fixed a bug causing requirements input as relative paths to be output as absolute paths or URIs. Fixed a bug affecting normalization of git+git@host uris. #2453
  • Pipenv will now always use pathlib2 for Path based filesystem interactions by default on python<3.5. #2454
  • Fixed a bug which prevented passing proxy PyPI indexes set with --pypi-mirror from being passed to pip during virtualenv creation, which could cause the creation to freeze in some cases. #2462
  • Using the python -m pipenv.help command will now use proper encoding for the host filesystem to avoid encoding issues. #2466
  • The new jinja2 templates for click_completion will now be included in pipenv source distributions. #2479
  • Resolved a long-standing issue with re-using previously generated InstallRequirement objects for resolution which could cause PKG-INFO file information to be deleted, raising a TypeError. #2480
  • Resolved an issue parsing usernames from private PyPI URIs in Pipfiles by updating requirementslib. #2484

Vendored Libraries

  • All calls to pipenv shell are now implemented from the ground up using shellingham, a custom library which was purpose built to handle edge cases and shell detection. #2371
  • Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. #2419
  • Installed new vendored jinja2 templates for click-completion which were causing template errors for users with completion enabled. #2422
  • Add patch to prettytoml to support Python 3.7. #2426
  • Patched prettytoml.AbstractTable._enumerate_items to handle StopIteration errors in preparation of release of python 3.7. #2427
  • Fixed an issue reading package names from setup.py files in projects which imported utilities such as versioneer. #2433
  • Updated requirementslib to version 1.0.9 #2453
  • Unraveled a lot of old, unnecessary patches to pip-tools which were causing non-deterministic resolution errors. #2480
  • Resolved an issue parsing usernames from private PyPI URIs in Pipfiles by updating requirementslib. #2484

Improved Documentation

  • Added instructions for installing using Fedora’s official repositories. #2404

2018.6.25 (2018-06-25)

Features & Improvements

  • Pipenv-created virtualenvs will now be associated with a .project folder (features can be implemented on top of this later or users may choose to use pipenv-pipes to take full advantage of this.) #1861
  • Virtualenv names will now appear in prompts for most Windows users. #2167
  • Added support for cmder shell paths with spaces. #2168
  • Added nested JSON output to the pipenv graph command. #2199
  • Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated patched piptools version. #2255
  • PyPI mirror URLs can now be set to override instances of PyPI urls by passing the --pypi-mirror argument from the command line or setting the PIPENV_PYPI_MIRROR environment variable. #2281
  • Virtualenv activation lines will now avoid being written to some shell history files. #2287
  • Pipenv will now only search for requirements.txt files when creating new projects, and during that time only if the user doesn’t specify packages to pass in. #2309
  • Added support for mounted drives via UNC paths. #2331
  • Added support for Windows Subsystem for Linux bash shell detection. #2363
  • Pipenv will now generate hashes much more quickly by resolving them in a single pass during locking. #2384
  • pipenv run will now avoid spawning additional COMSPEC instances to run commands in when possible. #2385
  • Massive internal improvements to requirements parsing codebase, resolver, and error messaging. #2388
  • pipenv check now may take multiple of the additional argument --ignore which takes a parameter cve_id for the purpose of ignoring specific CVEs. #2408

Behavior Changes

  • Pipenv will now parse & capitalize platform_python_implementation markers .. warning:: This could cause an issue if you have an out of date Pipfile which lowercases the comparison value (e.g. cpython instead of CPython). #2123
  • Pipenv will now only search for requirements.txt files when creating new projects, and during that time only if the user doesn’t specify packages to pass in. #2309

Bug Fixes

  • Massive internal improvements to requirements parsing codebase, resolver, and error messaging. #1962, #2186, #2263, #2312
  • Pipenv will now parse & capitalize platform_python_implementation markers. #2123
  • Fixed a bug with parsing and grouping old-style setup.py extras during resolution #2142
  • Fixed a bug causing pipenv graph to throw unhelpful exceptions when running against empty or non-existent environments. #2161
  • Fixed a bug which caused --system to incorrectly abort when users were in a virtualenv. #2181
  • Removed vendored cacert.pem which could cause issues for some users with custom certificate settings. #2193
  • Fixed a regression which led to direct invocations of virtualenv, rather than calling it by module. #2198
  • Locking will now pin the correct VCS ref during pipenv update runs. Running pipenv update with a new vcs ref specified in the Pipfile will now properly obtain, resolve, and install the specified dependency at the specified ref. #2209
  • pipenv clean will now correctly ignore comments from pip freeze when cleaning the environment. #2262
  • Resolution bugs causing packages for incompatible python versions to be locked have been fixed. #2267
  • Fixed a bug causing pipenv graph to fail to display sometimes. #2268
  • Updated requirementslib to fix a bug in pipfile parsing affecting relative path conversions. #2269
  • Windows executable discovery now leverages os.pathext. #2298
  • Fixed a bug which caused --deploy --system to inadvertently create a virtualenv before failing. #2301
  • Fixed an issue which led to a failure to unquote special characters in file and wheel paths. #2302
  • VCS dependencies are now manually obtained only if they do not match the requested ref. #2304
  • Added error handling functionality to properly cope with single-digit Requires-Python metatdata with no specifiers. #2377
  • pipenv update will now always run the resolver and lock before ensuring your dependencies are in sync with your lockfile. #2379
  • Resolved a bug in our patched resolvers which could cause nondeterministic resolution failures in certain conditions. Running pipenv install with no arguments in a project with only a Pipfile will now correctly lock first for dependency resolution before installing. #2384
  • Patched python-dotenv to ensure that environment variables always get encoded to the filesystem encoding. #2386

Improved Documentation

  • Update documentation wording to clarify Pipenv’s overall role in the packaging ecosystem. #2194
  • Added contribution documentation and guidelines. #2205
  • Added instructions for supervisord compatibility. #2215
  • Fixed broken links to development philosophy and contribution documentation. #2248

Vendored Libraries

  • Removed vendored cacert.pem which could cause issues for some users with custom certificate settings. #2193

  • Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated patched piptools version. #2255

  • Updated requirementslib to fix a bug in pipfile parsing affecting relative path conversions. #2269

  • Added custom shell detection library shellingham, a port of our changes to pew. #2363

  • Patched python-dotenv to ensure that environment variables always get encoded to the filesystem encoding. #2386

  • Updated vendored libraries. The following vendored libraries were updated:

    • distlib from version 0.2.6 to 0.2.7.
    • jinja2 from version 2.9.5 to 2.10.
    • pathlib2 from version 2.1.0 to 2.3.2.
    • parse from version 2.8.0 to 2.8.4.
    • pexpect from version 2.5.2 to 2.6.0.
    • requests from version 2.18.4 to 2.19.1.
    • idna from version 2.6 to 2.7.
    • certifi from version 2018.1.16 to 2018.4.16.
    • packaging from version 16.8 to 17.1.
    • six from version 1.10.0 to 1.11.0.
    • requirementslib from version 0.2.0 to 1.0.1.

    In addition, scandir was vendored and patched to avoid importing host system binaries when falling back to pathlib2. #2368