Workflow

Pex

Latest version: v2.3.1

Safety actively analyzes 630052 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 7 of 47

2.1.135

This release brings support for `pex3 venv {inspect,create}` for working
with venvs directly using Pex. Previously, a PEX built with
`--include-tools` (or `--venv`) had the capability of turning itself
into a venv but the new `pex3 venv create` command can do this for any
PEX file with the addition of a few new features:

1. The venv can now be created directly from requirements producing no
intermediate PEX file.
2. The venv can be created either from a PEX file or a lock file. A
subset of either of those can be chosen by also supplying
requirements.
3. Instead of creating a full-fledged venv, just the site-packages can
be exported (without creating an intermediate venv). This "flat"
layout is used by several prominent runtimes - notably AWS Lambda
-and emulates `pip install --target`. This style layout can also be
zipped and prefixed. Additionally, it supports `--platform` and
`--complete-platform` allowing creation of, for example, an AWS
Lambda (or Lambda Layer) deployment zip on a non-Linux host.

Additionally, this release adds support for Pip 23.1.1 and 23.1.2.

* Add Support for Pip 23.1.1. (2133)
* Introduce pex3 venv inspect. (2135)
* Introduce pex3 venv create. (2140)
* Add support for Pip 23.1.2. (2142)

2.1.134

This release fixes `pex3 lock create` gathering of sdist metadata for
PEP-517 build backends with non-trivial `get-requires-for-build-wheel`
requirements.

* Use get_requires_for_build_wheel for metadata prep. (2129)

2.1.133

This release fixes `--venv` mode PEX venv script shebangs for some
scenarios using Python `<=3.7` interpreters.

* Fix venv script shebangs. (2122)

2.1.132

This release brings support for the latest Pip release with
`--pip-version 23.1` or by using new support for pinning to the latest
version of Pip supported by Pex with `--pip-version latest`.

* Add support for Pip 23.1 (2114)
* Add support for `--pip-version latest`. (2116)

2.1.131

This release fixes some inconsistencies in Pex JSON output across the
Python 2/3 boundary and in handling of venv collisions when using the
venv Pex tool.

* Stabilize JSON output format across Python 2/3. (2106)
* Support `--pip` overrides via PEX deps. (2107)

2.1.130

This release fixes a regression locking certain complex cases of direct
and transitive requirement interactions as exemplified in 2098.

* Guard lock analysis against Pip-cached artifacts. (2103)

Page 7 of 47

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.