Sourced from pip's changelog.
25.0 (2025-01-26)
Deprecations and Removals
- Deprecate the
no-python-version-warningflag as it has long done nothing since Python 2 support was removed in pip 21.0. ([#13154](https://github.com/pypa/pip/issues/13154) <https://github.com/pypa/pip/issues/13154>_)Features
- Prefer to display :pep:
639License-Expressioninpip showif metadata version is at least 2.4. ([#13112](https://github.com/pypa/pip/issues/13112) <https://github.com/pypa/pip/issues/13112>_)- Support :pep:
639License-ExpressionandLicense-Filemetadata fields in JSON output.pip inspectandpip install --reportnow emitlicense_expressionandlicense_filefields in themetadataobject, if the corresponding fields are present in the installedMETADATAfile. ([#13134](https://github.com/pypa/pip/issues/13134) <https://github.com/pypa/pip/issues/13134>_)- Files in the network cache will inherit the read/write permissions of pip's cache directory (in addition to the current user retaining read/write access). This enables a single cache to be shared among multiple users. (
[#11012](https://github.com/pypa/pip/issues/11012) <https://github.com/pypa/pip/issues/11012>_)- Return the size, along with the number, of files cleared on
pip cache purgeandpip cache remove([#12176](https://github.com/pypa/pip/issues/12176) <https://github.com/pypa/pip/issues/12176>_)- Cache
python-requireschecks while filtering potential installation candidates. ([#13128](https://github.com/pypa/pip/issues/13128) <https://github.com/pypa/pip/issues/13128>_)- Optimize package collection by avoiding unnecessary URL parsing and other processing. (
[#13132](https://github.com/pypa/pip/issues/13132) <https://github.com/pypa/pip/issues/13132>_)Bug Fixes
- Reorder the encoding detection when decoding a requirements file, relying on UTF-8 over the locale encoding by default, matching the documented behaviour. (
[#12771](https://github.com/pypa/pip/issues/12771) <https://github.com/pypa/pip/issues/12771>_)- The pip version self check is disabled on
EXTERNALLY-MANAGEDenvironments. ([#11820](https://github.com/pypa/pip/issues/11820) <https://github.com/pypa/pip/issues/11820>_)- Fix a security bug allowing a specially crafted wheel to execute code during installation. (
[#13079](https://github.com/pypa/pip/issues/13079) <https://github.com/pypa/pip/issues/13079>_)- The inclusion of
packaging24.2 changes how pre-release specifiers with<and>behave. Including a pre-release version with these specifiers now implies accepting pre-releases (e.g.,<2.0devcan include1.0rc1). To avoid implying pre-releases, avoid specifying them (e.g., use<2.0). The exception is!=, which never implies pre-releases. ([#13163](https://github.com/pypa/pip/issues/13163) <https://github.com/pypa/pip/issues/13163>_)- The
--certand--client-certcommand-line options are now respected while installing build dependencies. Consequently, the private_PIP_STANDALONE_CERTenvironment variable is no longer used. ([#5502](https://github.com/pypa/pip/issues/5502) <https://github.com/pypa/pip/issues/5502>_)- The
--proxycommand-line option is now respected while installing build dependencies. ([#6018](https://github.com/pypa/pip/issues/6018) <https://github.com/pypa/pip/issues/6018>_)Vendored Libraries
- Upgrade CacheControl to 0.14.1
- Upgrade idna to 3.10
- Upgrade msgpack to 1.1.0
- Upgrade packaging to 24.2
... (truncated)
f47b587 Bump for release74a7f33 Update AUTHORS.txta008888 Merge pull request #13171 from pypa/dependabot/github_actions/github-actions-...d265fb7 Merge pull request #13174 from ichard26/changelogd35384e Copyedit news entries before 25.0adc4f99 Reorder requirements file decoding (#12795)40c4214 Bump pypa/gh-action-pypi-publish in the github-actions group6b0fb90 Merge pull request #13048 from sbidoul/trusted-publisher-sbic7fb1e1 Merge pull request #13145 from befeleme/pip-show-pep63941c807c Show License-Expression if present in package metadata