8 changed files with 478 additions and 372 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/pip-21.2.3.tar.gz
+SOURCES/pip-23.3.2.tar.gz
--- a/.python-pip.metadata
+++ b/.python-pip.metadata
@ -1 +1 @@
-c899dfeece28336424046e097bc48783a5d4264b SOURCES/pip-21.2.3.tar.gz
+59ca44393b8df2eadc09e8dbf718c51da5ab13c9 SOURCES/pip-23.3.2.tar.gz
--- a/SOURCES/cve-2007-4559-tarfile.patch
+++ b/SOURCES/cve-2007-4559-tarfile.patch
@ -1,9 +1,20 @@
 From 1819805f2019c731bcaefd6b12fd814790f88fcd Mon Sep 17 00:00:00 2001
 From: Lumir Balhar <lbalhar@redhat.com>
 Date: Tue, 19 Mar 2024 12:43:07 +0100
 Subject: [PATCH] cve-2007-4559-tarfile
 Minimal patch for pip
 ---
 src/pip/_internal/utils/unpacking.py |  7 +++++++
 src/pip/_vendor/distlib/util.py      | 13 +++++++++++++
 tests/unit/test_utils_unpacking.py   | 17 +++++++++++++++++
 3 files changed, 37 insertions(+)
-diff -rU3 pip-orig/src/pip/_internal/utils/unpacking.py pip/src/pip/_internal/utils/unpacking.py
+diff --git a/src/pip/_internal/utils/unpacking.py b/src/pip/_internal/utils/unpacking.py
--- pip-orig/src/pip/_internal/utils/unpacking.py	2022-11-05 16:25:43.000000000 +0100
+index 5f63f97..c31542f 100644
-+++ pip/src/pip/_internal/utils/unpacking.py	2023-08-08 13:17:47.705613554 +0200
+--- a/src/pip/_internal/utils/unpacking.py
-@@ -184,6 +184,13 @@
+++ b/src/pip/_internal/utils/unpacking.py
@@ -184,6 +184,13 @@ def untar_file(filename: str, location: str) -> None:
                     "outside target directory ({})"
                 )
                 raise InstallationError(message.format(filename, path, location))
@ -17,15 +28,36 @@ diff -rU3 pip-orig/src/pip/_internal/utils/unpacking.py pip/src/pip/_internal/ut
             if member.isdir():
                 ensure_dir(path)
             elif member.issym():
 diff --git a/src/pip/_vendor/distlib/util.py b/src/pip/_vendor/distlib/util.py
 index 80bfc86..7e0941a 100644
 --- a/src/pip/_vendor/distlib/util.py
 +++ b/src/pip/_vendor/distlib/util.py
@@ -1249,6 +1249,19 @@ def unarchive(archive_filename, dest_dir, format=None, check=True):
             for tarinfo in archive.getmembers():
                 if not isinstance(tarinfo.name, text_type):
                     tarinfo.name = tarinfo.name.decode('utf-8')
 +
 +        # Limit extraction of dangerous items, if this Python
 +        # allows it easily. If not, just trust the input.
 +        # See: https://docs.python.org/3/library/tarfile.html#extraction-filters
 +        def extraction_filter(member, path):
 +            """Run tarfile.tar_fillter, but raise the expected ValueError"""
 +            # This is only called if the current Python has tarfile filters
 +            try:
 +                return tarfile.tar_filter(member, path)
 +            except tarfile.FilterError as exc:
 +                raise ValueError(str(exc))
 +        archive.extraction_filter = extraction_filter
 +
         archive.extractall(dest_dir)
-
+     finally:
-Test from https://github.com/pypa/pip/pull/12214
+diff --git a/tests/unit/test_utils_unpacking.py b/tests/unit/test_utils_unpacking.py
-
+index ccb7a30..05324ad 100644
-diff -rU3 pip-orig/tests/unit/test_utils_unpacking.py pip/tests/unit/test_utils_unpacking.py
+--- a/tests/unit/test_utils_unpacking.py
--- pip-orig/tests/unit/test_utils_unpacking.py	2022-11-05 16:25:43.000000000 +0100
+++ b/tests/unit/test_utils_unpacking.py
-+++ pip/tests/unit/test_utils_unpacking.py	2023-08-08 13:17:35.151540108 +0200
+@@ -171,6 +171,23 @@ class TestUnpackArchives:
-@@ -167,6 +167,23 @@
+         test_tar = self.make_tar_file("test_tar.tar", files)
         test_tar = self.make_tar_file('test_tar.tar', files)
         untar_file(test_tar, self.tempdir)
 +    def test_unpack_tar_filter(self) -> None:
@ -46,33 +78,8 @@ diff -rU3 pip-orig/tests/unit/test_utils_unpacking.py pip/tests/unit/test_utils_
 +
 +
- def test_unpack_tar_unicode(tmpdir):
+ def test_unpack_tar_unicode(tmpdir: Path) -> None:
     test_tar = tmpdir / "test.tar"
 -- 
 2.44.0
 Patch for vendored distlib from https://github.com/pypa/distlib/pull/201
 diff --git a/distlib/util.py b/distlib/util.py
 index e0622e4..4349d0b 100644
 --- a/src/pip/_vendor/distlib/util.py
 +++ b/src/pip/_vendor/distlib/util.py
@@ -1249,6 +1249,19 @@ def check_path(path):
             for tarinfo in archive.getmembers():
                 if not isinstance(tarinfo.name, text_type):
                     tarinfo.name = tarinfo.name.decode('utf-8')
 +
 +        # Limit extraction of dangerous items, if this Python
 +        # allows it easily. If not, just trust the input.
 +        # See: https://docs.python.org/3/library/tarfile.html#extraction-filters
 +        def extraction_filter(member, path):
 +            """Run tarfile.tar_fillter, but raise the expected ValueError"""
 +            # This is only called if the current Python has tarfile filters
 +            try:
 +                return tarfile.tar_filter(member, path)
 +            except tarfile.FilterError as exc:
 +                raise ValueError(str(exc))
 +        archive.extraction_filter = extraction_filter
 +
         archive.extractall(dest_dir)
     finally:
--- a/SOURCES/dummy-certifi.patch
+++ b/SOURCES/dummy-certifi.patch
@ -1,36 +1,128 @@
-From 2c58d7301dd5a47570f782fe2fce7fbb1918f60c Mon Sep 17 00:00:00 2001
+From 09c983fdeabe3fa0b90b73f32ddf84a61e498e09 Mon Sep 17 00:00:00 2001
 From: Karolina Surma <ksurma@redhat.com>
-Date: Mon, 10 May 2021 16:38:50 +0200
+Date: Tue, 15 Nov 2022 09:22:46 +0100
 Subject: [PATCH] Dummy certifi patch
 Co-Authored-By: Tomas Hrnciar <thrnciar@redhat.com>
 ---
- src/pip/_vendor/certifi/core.py | 5 ++---
+ src/pip/_vendor/certifi/core.py | 105 ++------------------------------
- 1 file changed, 2 insertions(+), 3 deletions(-)
+ 1 file changed, 6 insertions(+), 99 deletions(-)
 diff --git a/src/pip/_vendor/certifi/core.py b/src/pip/_vendor/certifi/core.py
-index b8140cf..f1a0b01 100644
+index c3e5466..eb297f7 100644
 --- a/src/pip/_vendor/certifi/core.py
 +++ b/src/pip/_vendor/certifi/core.py
-@@ -14,6 +14,7 @@ class _PipPatchedCertificate(Exception):
+@@ -4,105 +4,12 @@ certifi.py
 This module returns the installation location of cacert.pem or its contents.
 """
 -import sys
- try:
+# The RPM-packaged certifi always uses the system certificates
-+    raise ImportError  # force fallback
+def where() -> str:
     # Return a certificate file on disk for a standalone pip zipapp running in
     # an isolated build environment to use. Passing --cert to the standalone
     # pip does not work since requests calls where() unconditionally on import.
@@ -67,9 +68,7 @@ except ImportError:
     # If we don't have importlib.resources, then we will just do the old logic
     # of assuming we're on the filesystem and munge the path directly.
     def where():
 -        f = os.path.dirname(__file__)
 -
 -        return os.path.join(f, "cacert.pem")
 +    return '/etc/pki/tls/certs/ca-bundle.crt'
 -if sys.version_info >= (3, 11):
 +def contents() -> str:
 +    with open(where(), encoding='utf=8') as data:
 +        return data.read()
- def contents():
+-    from importlib.resources import as_file, files
 -
 -    _CACERT_CTX = None
 -    _CACERT_PATH = None
 -
 -    def where() -> str:
 -        # This is slightly terrible, but we want to delay extracting the file
 -        # in cases where we're inside of a zipimport situation until someone
 -        # actually calls where(), but we don't want to re-extract the file
 -        # on every call of where(), so we'll do it once then store it in a
 -        # global variable.
 -        global _CACERT_CTX
 -        global _CACERT_PATH
 -        if _CACERT_PATH is None:
 -            # This is slightly janky, the importlib.resources API wants you to
 -            # manage the cleanup of this file, so it doesn't actually return a
 -            # path, it returns a context manager that will give you the path
 -            # when you enter it and will do any cleanup when you leave it. In
 -            # the common case of not needing a temporary file, it will just
 -            # return the file system location and the __exit__() is a no-op.
 -            #
 -            # We also have to hold onto the actual context manager, because
 -            # it will do the cleanup whenever it gets garbage collected, so
 -            # we will also store that at the global level as well.
 -            _CACERT_CTX = as_file(files("pip._vendor.certifi").joinpath("cacert.pem"))
 -            _CACERT_PATH = str(_CACERT_CTX.__enter__())
 -
 -        return _CACERT_PATH
 -
 -    def contents() -> str:
 -        return files("pip._vendor.certifi").joinpath("cacert.pem").read_text(encoding="ascii")
 -
 -elif sys.version_info >= (3, 7):
 -
 -    from importlib.resources import path as get_path, read_text
 -
 -    _CACERT_CTX = None
 -    _CACERT_PATH = None
 -
 -    def where() -> str:
 -        # This is slightly terrible, but we want to delay extracting the
 -        # file in cases where we're inside of a zipimport situation until
 -        # someone actually calls where(), but we don't want to re-extract
 -        # the file on every call of where(), so we'll do it once then store
 -        # it in a global variable.
 -        global _CACERT_CTX
 -        global _CACERT_PATH
 -        if _CACERT_PATH is None:
 -            # This is slightly janky, the importlib.resources API wants you
 -            # to manage the cleanup of this file, so it doesn't actually
 -            # return a path, it returns a context manager that will give
 -            # you the path when you enter it and will do any cleanup when
 -            # you leave it. In the common case of not needing a temporary
 -            # file, it will just return the file system location and the
 -            # __exit__() is a no-op.
 -            #
 -            # We also have to hold onto the actual context manager, because
 -            # it will do the cleanup whenever it gets garbage collected, so
 -            # we will also store that at the global level as well.
 -            _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem")
 -            _CACERT_PATH = str(_CACERT_CTX.__enter__())
 -
 -        return _CACERT_PATH
 -
 -    def contents() -> str:
 -        return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
 -
 -else:
 -    import os
 -    import types
 -    from typing import Union
 -
 -    Package = Union[types.ModuleType, str]
 -    Resource = Union[str, "os.PathLike"]
 -
 -    # This fallback will work for Python versions prior to 3.7 that lack the
 -    # importlib.resources module but relies on the existing `where` function
 -    # so won't address issues with environments like PyOxidizer that don't set
 -    # __file__ on modules.
 -    def read_text(
 -        package: Package,
 -        resource: Resource,
 -        encoding: str = 'utf-8',
 -        errors: str = 'strict'
 -    ) -> str:
 -        with open(where(), encoding=encoding) as data:
 -            return data.read()
 -
 -    # If we don't have importlib.resources, then we will just do the old logic
 -    # of assuming we're on the filesystem and munge the path directly.
 -    def where() -> str:
 -        f = os.path.dirname(__file__)
 -
 -        return os.path.join(f, "cacert.pem")
 -
 -    def contents() -> str:
 -        return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
 -- 
-2.30.2
+2.37.3
--- a/SOURCES/nowarn-pip._internal.main.patch
+++ b/SOURCES/nowarn-pip._internal.main.patch
@ -1,4 +1,4 @@
-From 619782ad2d181fe2933ddf4edc7127fdc13dd0df Mon Sep 17 00:00:00 2001
+From 8dd3793d1bab226cec9c5c49b01718a9634bc403 Mon Sep 17 00:00:00 2001
 From: Karolina Surma <ksurma@redhat.com>
 Date: Mon, 10 May 2021 16:48:49 +0200
 Subject: [PATCH] Don't warn the user about pip._internal.main() entrypoint
@ -24,11 +24,11 @@ index 6afb5c6..faf25af 100755
 -    return _wrapper(args)
 +    return _wrapper(args, _nowarn=True)
 diff --git a/src/pip/_internal/utils/entrypoints.py b/src/pip/_internal/utils/entrypoints.py
-index 1504a12..07d941b 100644
+index f292c64..2e29a5e 100644
 --- a/src/pip/_internal/utils/entrypoints.py
 +++ b/src/pip/_internal/utils/entrypoints.py
-@@ -4,7 +4,7 @@ from typing import List, Optional
+@@ -20,7 +20,7 @@ if WINDOWS:
- from pip._internal.cli.main import main
+     ]
 -def _wrapper(args: Optional[List[str]] = None) -> int:
@ -36,7 +36,7 @@ index 1504a12..07d941b 100644
     """Central wrapper for all old entrypoints.
     Historically pip has had several entrypoints defined. Because of issues
-@@ -16,12 +16,13 @@ def _wrapper(args: Optional[List[str]] = None) -> int:
+@@ -32,14 +32,15 @@ def _wrapper(args: Optional[List[str]] = None) -> int:
     directing them to an appropriate place for help, we now define all of
     our old entrypoints as wrappers for the current one.
     """
@ -58,11 +58,13 @@ index 1504a12..07d941b 100644
 +            "running pip directly.\n"
 +        )
     return main(args)
 diff --git a/tests/functional/test_cli.py b/tests/functional/test_cli.py
-index e416315..7f57f67 100644
+index 3e85703..f86c392 100644
 --- a/tests/functional/test_cli.py
 +++ b/tests/functional/test_cli.py
-@@ -31,4 +31,5 @@ def test_entrypoints_work(entrypoint, script):
+@@ -43,4 +43,5 @@ def test_entrypoints_work(entrypoint: str, script: PipTestEnvironment) -> None:
     result = script.pip("-V")
     result2 = script.run("fake_pip", "-V", allow_stderr_warning=True)
     assert result.stdout == result2.stdout
@ -70,5 +72,5 @@ index e416315..7f57f67 100644
 +    if entrypoint[0] != "fake_pip = pip._internal:main":
 +        assert "old script wrapper" in result2.stderr
 -- 
-2.32.0
+2.35.3
--- a/SOURCES/pip-allow-different-versions.patch
+++ b/SOURCES/pip-allow-different-versions.patch
@ -1,27 +0,0 @@
 --- /usr/bin/pip3	2019-11-12 17:37:34.793131862 +0100
 +++ pip3	2019-11-12 17:40:42.014107134 +0100
@@ -2,7 +2,23 @@
 # -*- coding: utf-8 -*-
 import re
 import sys
 -from pip._internal.cli.main import main
 +
 +try:
 +    from pip._internal.cli.main import main
 +except ImportError:
 +    try:
 +        from pip._internal.main import main
 +    except ImportError:
 +        try:
 +            # If the user has downgraded pip, the above import will fail.
 +            # Let's try older methods of invoking it:
 +
 +            # pip 19 uses this
 +            from pip._internal import main
 +        except ImportError:
 +            # older pip versions use this
 +            from pip import main
 +
 if __name__ == '__main__':
     sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
     sys.exit(main())
--- a/SOURCES/remove-existing-dist-only-if-path-conflicts.patch
+++ b/SOURCES/remove-existing-dist-only-if-path-conflicts.patch
@ -1,10 +1,11 @@
-From aca0c9df4ef54f70a3fedb07f4faac463f88a331 Mon Sep 17 00:00:00 2001
+From 2c3f3a590ddfc151a456b44a5f96f0f603d178e9 Mon Sep 17 00:00:00 2001
-From: Karolina Surma <ksurma@redhat.com>
+From: Lumir Balhar <lbalhar@redhat.com>
-Date: Mon, 10 May 2021 18:16:20 +0200
+Date: Wed, 16 Feb 2022 08:36:21 +0100
 Subject: [PATCH] Prevent removing of the system packages installed under
- /usr/lib
+ /usr/lib when pip install --upgrade is executed.
-
+MIME-Version: 1.0
-when pip install -U is executed.
+Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Resolves: rhbz#1550368
@ -13,128 +14,102 @@ Co-Authored-By: Victor Stinner <vstinner@redhat.com>
 Co-Authored-By: Petr Viktorin <pviktori@redhat.com>
 Co-Authored-By: Lumir Balhar <lbalhar@redhat.com>
 Co-Authored-By: Miro Hrončok <miro@hroncok.cz>
 Co-Authored-By: Karolina Surma <ksurma@redhat.com>
 ---
- src/pip/_internal/req/req_install.py               |  3 ++-
+ src/pip/_internal/metadata/base.py                 | 12 +++++++++++-
- src/pip/_internal/resolution/legacy/resolver.py    |  5 ++++-
+ src/pip/_internal/req/req_install.py               |  2 +-
- src/pip/_internal/resolution/resolvelib/factory.py | 10 ++++++++++
+ src/pip/_internal/resolution/legacy/resolver.py    |  4 +++-
- src/pip/_internal/utils/misc.py                    | 11 +++++++++++
+ src/pip/_internal/resolution/resolvelib/factory.py | 12 ++++++++++++
- 4 files changed, 27 insertions(+), 2 deletions(-)
+ 4 files changed, 27 insertions(+), 3 deletions(-)
 diff --git a/src/pip/_internal/metadata/base.py b/src/pip/_internal/metadata/base.py
 index 151fd6d..f9109cd 100644
 --- a/src/pip/_internal/metadata/base.py
 +++ b/src/pip/_internal/metadata/base.py
@@ -28,7 +28,7 @@ from pip._vendor.packaging.utils import NormalizedName
 from pip._vendor.packaging.version import LegacyVersion, Version
 from pip._internal.exceptions import NoneMetadataError
 -from pip._internal.locations import site_packages, user_site
 +from pip._internal.locations import get_scheme, site_packages, user_site
 from pip._internal.models.direct_url import (
     DIRECT_URL_METADATA_NAME,
     DirectUrl,
@@ -560,6 +560,16 @@ class BaseDistribution(Protocol):
             for extra in self._iter_egg_info_extras():
                 metadata["Provides-Extra"] = extra
 +    @property
 +    def in_install_path(self) -> bool:
 +        """
 +        Return True if given Distribution is installed in
 +        path matching distutils_scheme layout.
 +        """
 +        norm_path = normalize_path(self.installed_location)
 +        return norm_path.startswith(normalize_path(
 +            get_scheme("").purelib.split('python')[0]))
 +
 class BaseEnvironment:
     """An environment containing distributions to introspect."""
 diff --git a/src/pip/_internal/req/req_install.py b/src/pip/_internal/req/req_install.py
-index 4c58cdb..3570e17 100644
+index a1e376c..ed7facf 100644
 --- a/src/pip/_internal/req/req_install.py
 +++ b/src/pip/_internal/req/req_install.py
-@@ -43,6 +43,7 @@ from pip._internal.utils.misc import (
+@@ -416,7 +416,7 @@ class InstallRequirement:
-     ask_path_exists,
+                         f"lack sys.path precedence to {existing_dist.raw_name} "
-     backup_dir,
+                         f"in {existing_dist.location}"
     display_path,
 +    dist_in_install_path,
     dist_in_site_packages,
     dist_in_usersite,
     get_distribution,
@@ -426,7 +427,7 @@ class InstallRequirement:
                         "lack sys.path precedence to {} in {}".format(
                             existing_dist.project_name, existing_dist.location)
                     )
 -            else:
-+            elif dist_in_install_path(existing_dist):
+            elif existing_dist.in_install_path:
                 self.should_reinstall = True
         else:
             if self.editable:
 diff --git a/src/pip/_internal/resolution/legacy/resolver.py b/src/pip/_internal/resolution/legacy/resolver.py
-index 4df8f7e..dda2292 100644
+index fb49d41..040f2c1 100644
 --- a/src/pip/_internal/resolution/legacy/resolver.py
 +++ b/src/pip/_internal/resolution/legacy/resolver.py
-@@ -42,6 +42,7 @@ from pip._internal.resolution.base import BaseResolver, InstallRequirementProvid
+@@ -325,7 +325,9 @@ class Resolver(BaseResolver):
 from pip._internal.utils.compatibility_tags import get_supported
 from pip._internal.utils.logging import indent_log
 from pip._internal.utils.misc import dist_in_usersite, normalize_version_info
 +from pip._internal.utils.misc import dist_in_install_path
 from pip._internal.utils.packaging import check_requires_python, get_requires_python
 logger = logging.getLogger(__name__)
@@ -194,7 +195,9 @@ class Resolver(BaseResolver):
         """
         # Don't uninstall the conflict if doing a user install and the
         # conflict is not a user install.
-        if not self.use_user_site or dist_in_usersite(req.satisfied_by):
+-        if not self.use_user_site or req.satisfied_by.in_usersite:
 +        if ((not self.use_user_site
-+                or dist_in_usersite(req.satisfied_by))
+                or req.satisfied_by.in_usersite)
-+                and dist_in_install_path(req.satisfied_by)):
+                and req.satisfied_by.in_install_path):
             req.should_reinstall = True
         req.satisfied_by = None
 diff --git a/src/pip/_internal/resolution/resolvelib/factory.py b/src/pip/_internal/resolution/resolvelib/factory.py
-index e7fd344..555e657 100644
+index a4c24b5..e7e2da9 100644
 --- a/src/pip/_internal/resolution/resolvelib/factory.py
 +++ b/src/pip/_internal/resolution/resolvelib/factory.py
-@@ -1,6 +1,7 @@
+@@ -1,6 +1,8 @@
 import contextlib
 import functools
 import logging
 +import sys
 +import sysconfig
 from typing import (
     TYPE_CHECKING,
     Dict,
-@@ -34,6 +35,7 @@ from pip._internal.exceptions import (
+@@ -549,6 +551,16 @@ class Factory:
     UnsupportedWheel,
 )
 from pip._internal.index.package_finder import PackageFinder
 +from pip._internal.locations import get_scheme
 from pip._internal.metadata import BaseDistribution, get_default_environment
 from pip._internal.models.link import Link
 from pip._internal.models.wheel import Wheel
@@ -46,6 +48,7 @@ from pip._internal.req.req_install import (
 from pip._internal.resolution.base import InstallRequirementProvider
 from pip._internal.utils.compatibility_tags import get_supported
 from pip._internal.utils.hashes import Hashes
 +from pip._internal.utils.misc import dist_location
 from pip._internal.utils.virtualenv import running_under_virtualenv
 from .base import Candidate, CandidateVersion, Constraint, Requirement
@@ -525,6 +528,13 @@ class Factory:
         if dist is None:  # Not installed, no uninstallation required.
             return None
 +        # Prevent uninstalling packages from /usr
-+        if dist_location(dist._dist) in (
+        try:
-+                get_scheme('', prefix=sys.base_prefix).purelib,
+            if dist.installed_location in (
-+                get_scheme('', prefix=sys.base_prefix).platlib,
+                    sysconfig.get_path('purelib', scheme='posix_prefix', vars={'base': sys.base_prefix}),
 +                    sysconfig.get_path('platlib', scheme='posix_prefix', vars={'platbase': sys.base_prefix}),
 +            ):
 +                return None
 +        except KeyError:  # this Python doesn't have 'rpm_prefix' scheme yet
 +            pass
 +
         # We're installing into global site. The current installation must
         # be uninstalled, no matter it's in global or user site, because the
         # user site installation has precedence over global.
 diff --git a/src/pip/_internal/utils/misc.py b/src/pip/_internal/utils/misc.py
 index 99ebea3..5901687 100644
 --- a/src/pip/_internal/utils/misc.py
 +++ b/src/pip/_internal/utils/misc.py
@@ -40,6 +40,7 @@ from pip._vendor.tenacity import retry, stop_after_delay, wait_fixed
 from pip import __version__
 from pip._internal.exceptions import CommandError
 from pip._internal.locations import get_major_minor_version, site_packages, user_site
 +from pip._internal.locations import get_scheme
 from pip._internal.utils.compat import WINDOWS, stdlib_pkgs
 from pip._internal.utils.virtualenv import (
     running_under_virtualenv,
@@ -382,6 +383,16 @@ def dist_in_site_packages(dist):
     return dist_location(dist).startswith(normalize_path(site_packages))
 +def dist_in_install_path(dist):
 +    """
 +    Return True if given Distribution is installed in
 +    path matching distutils_scheme layout.
 +    """
 +    norm_path = normalize_path(dist_location(dist))
 +    return norm_path.startswith(normalize_path(
 +        get_scheme("").purelib.split('python')[0]))
 +
 +
 def dist_is_editable(dist):
     # type: (Distribution) -> bool
     """
 -- 
-2.32.0
+2.35.3
--- a/SPECS/python-pip.spec
+++ b/SPECS/python-pip.spec
@ -1,57 +1,62 @@
-# The original RHEL 9 content set is defined by (build)dependencies
+## START: Set by rpmautospec
 ## (rpmautospec version 0.6.1)
 ## RPMAUTOSPEC: autorelease, autochangelog
 %define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
    release_number = 3;
    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
    print(release_number + base_release_number - 1);
 }%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
 ## END: Set by rpmautospec
 # The original RHEL N+1 content set is defined by (build)dependencies
 # of the packages in Fedora ELN. Hence we disable tests and documentation here
 # to prevent pulling many unwanted packages in.
 # Once the RHEL 9 content set is defined and/or RHEL 9 forks from ELN,
 # the conditional can be removed from the Fedora spec file.
 # We intentionally keep this enabled on EPEL.
-%if 0%{?rhel} >= 9 && !0%{?epel}
+%bcond tests %[%{defined fedora} || %{defined epel}]
-%bcond_with tests
+%bcond doc %[%{defined fedora} || %{defined epel}]
 %bcond_with doc
 %else
 %bcond_without tests
 %bcond_without doc
 %endif
 %global srcname pip
-%global base_version 21.2.3
+%global base_version 23.3.2
 %global upstream_version %{base_version}%{?prerel}
 %global python_wheel_name %{srcname}-%{upstream_version}-py3-none-any.whl
 %global bashcompdir %(pkg-config --variable=completionsdir bash-completion 2>/dev/null)
 Name:           python-%{srcname}
 Version:        %{base_version}%{?prerel:~%{prerel}}
-Release:        7%{?dist}.1
+Release:        %autorelease
 Summary:        A tool for installing and managing Python packages
 # We bundle a lot of libraries with pip, which itself is under MIT license.
 # Here is the list of the libraries with corresponding licenses:
 # appdirs: MIT
-# certifi: MPLv2.0
+# certifi: MPL-2.0
-# chardet: LGPLv2
+# chardet: LGPL-2.1-only
-# colorama: BSD
+# colorama: BSD-3-Clause
-# CacheControl: ASL 2.0
+# CacheControl: Apache-2.0
-# distlib: Python
+# distlib: Python-2.0.1
-# distro: ASL 2.0
+# distro: Apache-2.0
 # html5lib: MIT
-# idna: BSD
+# idna: BSD-3-Clause
-# ipaddress: Python
+# ipaddress: Python-2.0.1
-# msgpack: ASL 2.0
+# msgpack: Apache-2.0
-# packaging: ASL 2.0 or BSD
+# packaging: Apache-2.0 OR BSD-2-Clause
 # pep517: MIT
 # progress: ISC
 # pygments: BSD-2-Clause
 # pyparsing: MIT
-# requests: ASL 2.0
+# pyproject-hooks: MIT
 # requests: Apache-2.0
 # resolvelib: ISC
 # rich: MIT
 # setuptools: MIT
 # six: MIT
-# tenacity: ASL 2.0
+# tenacity: Apache-2.0
 # truststore: MIT
 # tomli: MIT
 # typing-extensions: Python-2.0.1
 # urllib3: MIT
-# webencodings: BSD
+# webencodings: BSD-3-Clause
-License:        MIT and Python and ASL 2.0 and BSD and ISC and LGPLv2 and MPLv2.0 and (ASL 2.0 or BSD)
+License:        MIT AND Python-2.0.1 AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND LGPL-2.1-only AND MPL-2.0 AND (Apache-2.0 OR BSD-2-Clause)
 URL:            https://pip.pypa.io/
 Source0:        https://github.com/pypa/pip/archive/%{upstream_version}/%{srcname}-%{upstream_version}.tar.gz
@ -69,21 +74,23 @@ BuildRequires:  python-wheel-wheel
 # Prevent removing of the system packages installed under /usr/lib
 # when pip install -U is executed.
 # https://bugzilla.redhat.com/show_bug.cgi?id=1550368#c24
-Patch3:         remove-existing-dist-only-if-path-conflicts.patch
+# Could be replaced with https://www.python.org/dev/peps/pep-0668/
 Patch:          remove-existing-dist-only-if-path-conflicts.patch
 # Use the system level root certificate instead of the one bundled in certifi
 # https://bugzilla.redhat.com/show_bug.cgi?id=1655253
-Patch4:         dummy-certifi.patch
+# The same patch is a part of the RPM-packaged python-certifi
 Patch:          dummy-certifi.patch
 # Don't warn the user about pip._internal.main() entrypoint
 # In Fedora, we use that in ensurepip and users cannot do anything about it,
 # this warning is juts moot. Also, the warning breaks CPython test suite.
-Patch5:         nowarn-pip._internal.main.patch
+Patch:          nowarn-pip._internal.main.patch
 # Don't warn the user about packaging's LegacyVersion being deprecated.
 # (This also breaks Python's test suite when warnings are treated as errors.)
 # Upstream issue: https://github.com/pypa/packaging/issues/368
-Patch6:         no-version-warning.patch
+Patch:          no-version-warning.patch
 # CVE-2007-4559, PEP-721, PEP-706: Use tarfile.data_filter for extracting
 # - Minimal downstream-only patch, to be replaced by upstream solution
@ -91,30 +98,7 @@ Patch6:         no-version-warning.patch
 # - Test patch submitted upstream in the above pull request
 # - Patch for vendored distlib, accepted upstream:
 #   https://github.com/pypa/distlib/pull/201
-Patch7:         cve-2007-4559-tarfile.patch
+Patch:         cve-2007-4559-tarfile.patch
 # Downstream only patch
 # Users might have local installations of pip from using
 # `pip install --user --upgrade pip` on older/newer versions.
 # If they do that and they run `pip` or  `pip3`, the one from /usr/bin is used.
 # However that's the one from this RPM package and the import in there might
 # fail (it tries to import from ~/.local, but older or newer pip is there with
 # a bit different API).
 # We add this patch as a dirty workaround to make /usr/bin/pip* work with
 # both pip10+ (from this RPM) and older or newer (19.3+) pip (from whatever).
 # A proper fix is to put ~/.local/bin in front of /usr/bin in the PATH,
 # however others are against that and we cannot change it for existing
 # installs/user homes anyway.
 # https://bugzilla.redhat.com/show_bug.cgi?id=1569488
 # https://bugzilla.redhat.com/show_bug.cgi?id=1571650
 # https://bugzilla.redhat.com/show_bug.cgi?id=1767212
 # WARNING: /usr/bin/pip* are entrypoints, this cannot be applied in %%prep!
 # %%patch10 doesn't work outside of %%prep, so we add it as a source
 # Note that since pip 20, old main() import paths are preserved for backwards
 # compatibility: https://github.com/pypa/pip/issues/7498
 # Meaning we don't need to update any of the older pips to support 20+
 # We also don't need to update Pythons to use new import path in ensurepip
 Source10:        pip-allow-different-versions.patch
 %description
 pip is a package management system used to install and manage software packages
@ -128,27 +112,29 @@ Packages" or "Pip Installs Python".
 # You can generate it with:
 # %%{_rpmconfigdir}/pythonbundles.py --namespace 'python%%{1}dist' src/pip/_vendor/vendor.txt
 %global bundled() %{expand:
-Provides: bundled(python%{1}dist(appdirs)) = 1.4.4
+Provides: bundled(python%{1}dist(cachecontrol)) = 0.13.1
-Provides: bundled(python%{1}dist(cachecontrol)) = 0.12.6
+Provides: bundled(python%{1}dist(certifi)) = 2023.7.22
-Provides: bundled(python%{1}dist(certifi)) = 2021.5.30
+Provides: bundled(python%{1}dist(chardet)) = 5.1
-Provides: bundled(python%{1}dist(chardet)) = 4
+Provides: bundled(python%{1}dist(colorama)) = 0.4.6
-Provides: bundled(python%{1}dist(colorama)) = 0.4.4
+Provides: bundled(python%{1}dist(distlib)) = 0.3.6
-Provides: bundled(python%{1}dist(distlib)) = 0.3.2
+Provides: bundled(python%{1}dist(distro)) = 1.8
-Provides: bundled(python%{1}dist(distro)) = 1.5
+Provides: bundled(python%{1}dist(idna)) = 3.4
-Provides: bundled(python%{1}dist(html5lib)) = 1.1
+Provides: bundled(python%{1}dist(msgpack)) = 1.0.5
-Provides: bundled(python%{1}dist(idna)) = 3.2
+Provides: bundled(python%{1}dist(packaging)) = 21.3
-Provides: bundled(python%{1}dist(msgpack)) = 1.0.2
+Provides: bundled(python%{1}dist(platformdirs)) = 3.8.1
-Provides: bundled(python%{1}dist(packaging)) = 21
+Provides: bundled(python%{1}dist(pygments)) = 2.15.1
-Provides: bundled(python%{1}dist(pep517)) = 0.11
+Provides: bundled(python%{1}dist(pyparsing)) = 3.1
-Provides: bundled(python%{1}dist(progress)) = 1.5
+Provides: bundled(python%{1}dist(pyproject-hooks)) = 1
-Provides: bundled(python%{1}dist(pyparsing)) = 2.4.7
+Provides: bundled(python%{1}dist(requests)) = 2.31
-Provides: bundled(python%{1}dist(requests)) = 2.26
+Provides: bundled(python%{1}dist(resolvelib)) = 1.0.1
-Provides: bundled(python%{1}dist(resolvelib)) = 0.7.1
+Provides: bundled(python%{1}dist(rich)) = 13.4.2
-Provides: bundled(python%{1}dist(setuptools)) = 44
+Provides: bundled(python%{1}dist(setuptools)) = 68
 Provides: bundled(python%{1}dist(six)) = 1.16
-Provides: bundled(python%{1}dist(tenacity)) = 8.0.1
+Provides: bundled(python%{1}dist(tenacity)) = 8.2.2
-Provides: bundled(python%{1}dist(tomli)) = 1.0.3
+Provides: bundled(python%{1}dist(truststore)) = 0.8
-Provides: bundled(python%{1}dist(urllib3)) = 1.26.6
+Provides: bundled(python%{1}dist(tomli)) = 2.0.1
 Provides: bundled(python%{1}dist(typing-extensions)) = 4.7.1
 Provides: bundled(python%{1}dist(urllib3)) = 1.26.17
 Provides: bundled(python%{1}dist(webencodings)) = 0.5.1
 }
@ -163,6 +149,9 @@ Provides: bundled(python%{1}dist(webencodings)) = 0.5.1
 # a long time until manylinux1 is phased out).
 # See: https://github.com/pypa/manylinux/issues/305
 # Note that manylinux is only applicable to x86 (both 32 and 64 bits)
 # As of Python 3.12, we no longer use this,
 # see https://discuss.python.org/t/29455/
 # However, we keep it around for previous Python versions that use the wheel package.
 %global crypt_compat_recommends() %{expand:
 Recommends: (libcrypt.so.1()(64bit) if python%{1}(x86-64))
 Recommends: (libcrypt.so.1 if python%{1}(x86-32))
@ -180,45 +169,17 @@ BuildRequires:  python%{python3_pkgversion}-devel
 # The minimal version is for bundled provides verification script
 BuildRequires:  python3-rpm-generators >= 11-8
 BuildRequires:  python%{python3_pkgversion}-setuptools
 BuildRequires:  bash-completion
 %if %{with tests}
 BuildRequires:  python%{python3_pkgversion}-cryptography
 BuildRequires:  python%{python3_pkgversion}-mock
 BuildRequires:  python%{python3_pkgversion}-pytest
 BuildRequires:  python%{python3_pkgversion}-pretend
 BuildRequires:  python%{python3_pkgversion}-freezegun
 BuildRequires:  python%{python3_pkgversion}-scripttest
 BuildRequires:  python%{python3_pkgversion}-virtualenv
 BuildRequires:  python%{python3_pkgversion}-werkzeug
 BuildRequires:  python%{python3_pkgversion}-pyyaml
 %endif
 BuildRequires:  python%{python3_pkgversion}-wheel
 BuildRequires:  bash-completion
 BuildRequires:  ca-certificates
 Requires:       ca-certificates
 # pip has to require explicit version of python3 that provides
 # filters in tarfile module (fix for CVE-2007-4559).
 Requires:       python3 >= 3.9.17-2
 # This was previously required and we keep it recommended because a lot of
 # sdists installed via pip will try to import setuptools.
 # But pip doesn't actually require setuptools.
 # It can install wheels without them and it can build wheels in isolation mode
 # (using setuptools/flit/poetry/... installed from PyPI).
 # Side note: pip bundles pkg_resources from setuptools for internal usage.
 Recommends:     python%{python3_pkgversion}-setuptools
 # Virtual provides for the packages bundled by pip:
 %{bundled 3}
 Provides:       pip = %{version}-%{release}
 Conflicts:      python-pip < %{version}-%{release}
 %{crypt_compat_recommends 3}
 # Provide platform-python-pip for backwards compatibility with RHEL 8
 Provides:       platform-python-pip = %{version}-%{release}
 %description -n python%{python3_pkgversion}-%{srcname}
 pip is a package management system used to install and manage software packages
 written in Python. Many packages can be found in the Python Package Index
@ -242,19 +203,19 @@ A documentation for a tool for installing and managing Python packages
 %package -n     %{python_wheel_pkg_prefix}-%{srcname}-wheel
 Summary:        The pip wheel
 Requires:       ca-certificates
 Provides:       %{name}-wheel = %{version}-%{release}
 Obsoletes:      %{name}-wheel < %{version}-%{release}
 # Older versions of python3-libs (< 3.9.9-2) expect Python wheels at the old unversioned
 # location, so we conflict with the old Python versions that wouldn't work with
 # the new wheel location.
 # Moreover, Python older than (3.9.17-2) does not provide tarfile filters (fix for CVE-2007-4559).
 Conflicts:      python3-libs < 3.9.17-2
 # Virtual provides for the packages bundled by pip:
 %{bundled 3}
-%{crypt_compat_recommends 3}
+# This is only relevant for Pythons that are older than 3.12 and don't use their own bundled wheels
 # It is also only relevant when this wheel is shared across multiple Pythons
 %if "%{python_wheel_pkg_prefix}" == "python"
 %{crypt_compat_recommends 3.11}
 %{crypt_compat_recommends 3.10}
 %{crypt_compat_recommends 3.9}
 %{crypt_compat_recommends 3.8}
 %{crypt_compat_recommends 3.7}
 %endif
 %description -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
 A Python wheel of pip to use with venv.
@ -275,13 +236,26 @@ sed -i '/"sphinxcontrib.towncrier",/d' docs/html/conf.py
 # tests expect wheels in here
 ln -s %{python_wheel_dir} tests/data/common_wheels
 # Remove shebang from files in bundled chardet
 grep -lr "^#\!/usr/bin/env python" src/pip/_vendor/chardet/ | xargs sed -i "1d"
 # Remove windows executable binaries
 rm -v src/pip/_vendor/distlib/*.exe
 sed -i '/\.exe/d' setup.py
 # Remove RIGHT-TO-LEFT OVERRIDE from AUTHORS.txt
 # https://github.com/pypa/pip/pull/12046
 %{python3} -c 'from pathlib import Path; p = Path("AUTHORS.txt"); p.write_text("".join(c for c in p.read_text() if c != "\u202e"))'
 # Remove unused test requirements
 sed -Ei '/pytest-(cov|xdist|rerunfailures)/d' tests/requirements.txt
 %if %{with tests}
 %generate_buildrequires
 # we only use this to generate test requires
 # the "pyproject" part is explicitly disabled as it generates a requirement on pip
 %pyproject_buildrequires -N tests/requirements.txt
 %endif
 %build
 %py3_build_wheel
@ -324,20 +298,15 @@ done
 popd
 %endif
-# before we ln -s anything, we apply Source10 patch to all pips:
+mkdir -p %{buildroot}%{bash_completions_dir}
 for PIP in %{buildroot}%{_bindir}/pip*; do
  patch -p1 --no-backup-if-mismatch $PIP < %{SOURCE10}
 done
 mkdir -p %{buildroot}%{bashcompdir}
 PYTHONPATH=%{buildroot}%{python3_sitelib} \
    %{buildroot}%{_bindir}/pip completion --bash \
-    > %{buildroot}%{bashcompdir}/pip3
+    > %{buildroot}%{bash_completions_dir}/pip3
 # Make bash completion apply to all the 5 symlinks we install
 sed -i -e "s/^\\(complete.*\\) pip\$/\\1 pip pip{,-}{3,%{python3_version}}/" \
    -e s/_pip_completion/_pip3_completion/ \
-    %{buildroot}%{bashcompdir}/pip3
+    %{buildroot}%{bash_completions_dir}/pip3
 # Provide symlinks to executables to comply with Fedora guidelines for Python
@ -354,33 +323,26 @@ mkdir -p %{buildroot}%{python_wheel_dir}
 install -p dist/%{python_wheel_name} -t %{buildroot}%{python_wheel_dir}
 %if %{with tests}
 %check
 # Verify bundled provides are up to date
 %{_rpmconfigdir}/pythonbundles.py src/pip/_vendor/vendor.txt --compare-with '%{bundled 3}'
 # Verify we can at least run basic commands without crashing
 %{py3_test_envvars} %{buildroot}%{_bindir}/pip --help
 %{py3_test_envvars} %{buildroot}%{_bindir}/pip list
 %{py3_test_envvars} %{buildroot}%{_bindir}/pip show pip
 %if %{with tests}
 # Upstream tests
 # bash completion tests only work from installed package
-# needs unaltered sys.path and we cannot do that in %%check
+pytest_k='not completion'
 #     test_pep517_and_build_options
 #     test_config_file_venv_option
 # Incompatible with the latest virtualenv
 #     test_from_link_vcs_with_source_dir_obtains_commit_id
 #     test_from_link_vcs_without_source_dir
 #     test_should_cache_git_sha
 pytest_k='not completion and
          not test_pep517_and_build_options and
          not test_config_file_venv_option and
          not test_from_link_vcs_with_source_dir_obtains_commit_id and
          not test_from_link_vcs_without_source_dir and
          not test_should_cache_git_sha'
 # --deselect'ed tests are not compatible with the latest virtualenv
 # These files contain almost 500 tests so we should enable them back
 # as soon as pip will be compatible upstream
 # https://github.com/pypa/pip/pull/8441
 %pytest -m 'not network' -k "$(echo $pytest_k)" \
-    --deselect tests/functional --deselect tests/lib/test_lib.py --deselect tests/unit/test_build_env.py
+    --deselect tests/functional --deselect tests/lib/test_lib.py
 %endif
@ -399,8 +361,8 @@ pytest_k='not completion and
 %{_bindir}/pip%{python3_version}
 %{_bindir}/pip-%{python3_version}
 %{python3_sitelib}/pip*
-%dir %{bashcompdir}
+%dir %{bash_completions_dir}
-%{bashcompdir}/pip3
+%{bash_completions_dir}/pip3
 %if %{with doc}
 %files doc
@ -416,64 +378,158 @@ pytest_k='not completion and
 %{python_wheel_dir}/%{python_wheel_name}
 %changelog
-* Wed Feb 14 2024 Lumír Balhar <lbalhar@redhat.com> - 21.2.3-7.1
+## START: Generated by rpmautospec
- Require Python with tarfile filters
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 23.3.2-3
-Resolves: RHEL-25452
+- Bump release for June 2024 mass rebuild
-* Tue Aug 08 2023 Petr Viktorin <pviktori@redhat.com> - 21.2.3-7
+* Tue May 07 2024 Charalampos Stratakis <cstratak@redhat.com> - 23.3.2-2
 - Use tarfile.data_filter for extracting (CVE-2007-4559, PEP-721, PEP-706)
-Resolves: RHBZ#2207997
+- Require Python with tarfile filters
 - Resolves: RHEL-25820
 * Thu Jan 25 2024 Miro Hrončok <miro@hroncok.cz> - 23.3.2-1
 - Update to 23.3.2
 * Mon Jan 22 2024 Miro Hrončok <mhroncok@redhat.com> - 23.3.1-5
 - Switched to autogenerated BuildRequires for test dependencies,
  which removed some that were no longer necessary
 * Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 23.3.1-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-* Thu Feb 03 2022 Tomas Orsava <torsava@redhat.com> - 21.2.3-6
+* Fri Jan 12 2024 Maxwell G <maxwell@gtmx.me> - 23.3.1-3
- Add automatically generated Obsoletes tag with the python39- prefix
+- Remove unused python3-mock dependency
  for smoother upgrade from RHEL8
 - Related: rhbz#1990421
-* Wed Nov 24 2021 Tomas Orsava <torsava@redhat.com> - 21.2.3-5
+* Wed Jan 03 2024 Maxwell G <maxwell@gtmx.me> - 23.3.1-2
- Conflict with old Python versions that use the old unversioned wheel location
+- Remove weak dependency on python3-setuptools
 - Resolves: rhbz#1982668
-* Fri Nov 5 2021 Tomas Orsava <torsava@redhat.com> - 21.2.3-4
+* Thu Nov 16 2023 Petr Viktorin <pviktori@redhat.com> - 23.3.1-1
- Make the python-pip-wheel subpackage versioned (python3-pip-wheel),
+- Update to 23.3.1
-  and move its contents to a versioned directory /usr/share/python3-wheels
+Resolves: rhbz#2244306
 - Resolves: rhbz#1982668
-* Wed Oct 06 2021 Charalampos Stratakis <cstratak@redhat.com> - 21.2.3-3
+* Fri Aug 04 2023 Miro Hrončok <mhroncok@redhat.com> - 23.2.1-1
 - Update to 23.2.1
 Resolves: rhbz#2223082
 * Fri Aug 04 2023 Miro Hrončok <mhroncok@redhat.com> - 23.1.2-7
 - Actually run the tests and build the docs when building this package
 * Wed Jul 26 2023 Miro Hrončok <mhroncok@redhat.com> - 23.1.2-6
 - Drop no-longer-needed custom changes to /usr/bin/pip*
 - Stop Recommending libcrypt.so.1 on Python 3.12+
 Resolves: rhbz#2150373
 * Tue Jul 25 2023 Python Maint <python-maint@redhat.com> - 23.1.2-5
 - Rebuilt for Python 3.12
 * Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 23.1.2-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
 * Thu Jul 20 2023 Python Maint <python-maint@redhat.com> - 23.1.2-3
 - Rebuilt for Python 3.12
 * Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 23.1.2-2
 - Bootstrap for Python 3.12
 * Fri May 19 2023 Miro Hrončok <mhroncok@redhat.com> - 23.1.2-1
 - Update to 23.1.2
 Resolves: rhbz#2186979
 * Mon Mar 27 2023 Karolina Surma <ksurma@redhat.com> - 23.0.1-2
 - Fix compatibility with Sphinx 6+
 Resolves: rhbz#2180479
 * Mon Feb 20 2023 Tomáš Hrnčiar <thrnciar@redhat.com> - 23.0.1-1
 - Update to 23.0.1
 Resolves: rhbz#2165760
 * Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 22.3.1-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
 * Mon Nov 14 2022 Karolina Surma <ksurma@redhat.com> - 22.3.1-1
 - Update to 22.3.1
 Resolves: rhbz#2135044
 * Mon Sep 05 2022 Python Maint <python-maint@redhat.com> - 22.2.2-2
 - Fix crash when an empty dist-info/egg-info is present
 Resolves: rhbz#2115001
 - No longer use the rpm_install prefix to determine RPM-installed packages
 Related: rhbz#2026979
 * Wed Aug 03 2022 Charalampos Stratakis <cstratak@redhat.com> - 22.2.2-1
 - Update to 22.2.2
 Resolves: rhbz#2109468
 * Fri Jul 22 2022 Charalampos Stratakis <cstratak@redhat.com> - 22.2-1
 - Update to 22.2
 Resolves: rhbz#2109468
 * Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 22.0.4-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
 * Wed Jun 15 2022 Python Maint <python-maint@redhat.com> - 22.0.4-4
 - Rebuilt for Python 3.11
 * Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 22.0.4-3
 - Bootstrap for Python 3.11
 * Tue Apr 26 2022 Tomáš Hrnčiar <thrnciar@redhat.com> - 22.0.4-2
 - Fallback to pep517 if setup.py is present and setuptools cannot be imported
 - Fixes: rhbz#2020635
 * Mon Mar 21 2022 Karolina Surma <ksurma@redhat.com> - 22.0.4-1
 - Update to 22.0.4
 Resolves: rhbz#2061262
 * Wed Feb 16 2022 Lumír Balhar <lbalhar@redhat.com> - 22.0.3-1
 - Update to 22.0.3
 Resolves: rhbz#2048243
 * Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 21.3.1-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
 * Mon Oct 25 2021 Miro Hrončok <mhroncok@redhat.com> - 21.3.1-1
 - Update to 21.3.1
 - Resolves: rhbz#2016682
 * Wed Oct 13 2021 Miro Hrončok <mhroncok@redhat.com> - 21.3-1
 - Update to 21.3
 - Resolves: rhbz#2013026
 - Fix incomplete pip-updates in virtual environments
 * Wed Oct 06 2021 Charalampos Stratakis <cstratak@redhat.com> - 21.2.3-4
 - Remove bundled windows executables
- Resolves: rhbz#2006795
+- Resolves: rhbz#2005453
 * Thu Sep 23 2021 Miro Hrončok <mhroncok@redhat.com> - 21.2.3-3
 - Detect paths not to uninstall from via sysconfig's rpm_prefix install scheme
-* Mon Sep 13 2021 Miro Hrončok <mhroncok@redhat.com> - 21.2.3-2
+* Mon Aug 16 2021 Miro Hrončok <mhroncok@redhat.com> - 21.2.3-2
 - Fix broken uninstallation by a bogus downstream patch
-* Mon Sep 13 2021 Miro Hrončok <mhroncok@redhat.com> - 21.2.3-1
+* Mon Aug 09 2021 Miro Hrončok <mhroncok@redhat.com> - 21.2.3-1
 - Update to 21.2.3
 - Resolves: rhbz#1985635
-* Mon Sep 13 2021 Lumír Balhar <lbalhar@redhat.com> - 21.1.3-1
+* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 21.1.3-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 * Tue Jun 29 2021 Lumír Balhar <lbalhar@redhat.com> - 21.1.3-1
 - Update to 21.1.3
 Resolves: rhbz#1976449
-* Mon Sep 13 2021 Karolina Surma <ksurma@redhat.com> - 21.1.2-1
+* Mon Jun 07 2021 Karolina Surma <ksurma@redhat.com> - 21.1.2-1
 - Update to 21.1.2
 Resolves: rhbz#1963433
-* Mon Sep 13 2021 Karolina Surma <ksurma@redhat.com> - 21.1.1-1
+* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 21.1.1-3
- Update to 21.1.1
+- Rebuilt for Python 3.10
-* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 21.0.1-6
+* Tue Jun 01 2021 Python Maint <python-maint@redhat.com> - 21.1.1-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- Bootstrap for Python 3.10
  Related: rhbz#1991688
-* Wed Jul 28 2021 Tomas Orsava <torsava@redhat.com> - 21.0.1-5
+* Mon May 10 2021 Karolina Surma <ksurma@redhat.com> - 21.1.1-1
- Provide the platform-python-pip name for backwards compatibility
+- Update to 21.1.1
  with RHEL 8
 - Related: rhbz#1891487
 * Mon May 17 2021 Karolina Surma <ksurma@redhat.com> - 21.0.1-4
 - Backport security fixes from pip 21.1.1
 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com>
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 * Sat Mar 13 2021 Miro Hrončok <mhroncok@redhat.com> - 21.0.1-2
 - python-pip-wheel: Remove bundled provides and libcrypt recommends for Python 2
@ -831,3 +887,4 @@ Resolves: rhbz#1406922
 * Mon Aug 31 2009 Peter Halliday <phalliday@excelsiorsystems.net> - 0.4-1
 - Initial package
 ## END: Generated by rpmautospec
`@ -1 +1 @@`
	`SOURCES/pip-21.2.3.tar.gz`	`SOURCES/pip-23.3.2.tar.gz`
`@ -1 +1 @@`
	`c899dfeece28336424046e097bc48783a5d4264b SOURCES/pip-21.2.3.tar.gz`	`59ca44393b8df2eadc09e8dbf718c51da5ab13c9 SOURCES/pip-23.3.2.tar.gz`