Remove doctree pickles

This commit removes hidden doctree folder which serves as a cache for
Sphinx when documentation is build. It's useless for user and creates
rpmlint warning hidden-file-or-dir.

7873.patch

@@ -0,0 +1,167 @@
+From e65d560c1c92278085510771a7f696d804081948 Mon Sep 17 00:00:00 2001
+From: Tomas Hrnciar <thrnciar@redhat.com>
+Date: Mon, 20 Apr 2020 14:14:05 +0200
+Subject: [PATCH 1/2] Backport of necessary changes from PR #6770, needed for
+ backport of PR #7872
+
+https://github.com/pypa/pip/pull/6770
+---
+ src/pip/_internal/download.py | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/src/pip/_internal/download.py b/src/pip/_internal/download.py
+index 2bbe1762..b3bd2414 100644
+--- a/src/pip/_internal/download.py
++++ b/src/pip/_internal/download.py
+@@ -729,9 +729,20 @@ def unpack_file_url(
+ 
+     # If it's a url to a local directory
+     if is_dir_url(link):
++
++        def ignore(d, names):
++            # Pulling in those directories can potentially be very slow,
++            # exclude the following directories if they appear in the top
++            # level dir (and only it).
++            # See discussion at https://github.com/pypa/pip/pull/6770
++            return ['.tox', '.nox'] if d == link_path else []
+         if os.path.isdir(location):
+             rmtree(location)
+-        shutil.copytree(link_path, location, symlinks=True)
++        shutil.copytree(link_path,
++                        location,
++                        symlinks=True,
++                        ignore=ignore)
++
+         if download_dir:
+             logger.info('Link is a directory, ignoring download_dir')
+         return
+-- 
+2.23.0
+
+
+From f4ee6c36a8b37b1a325d2e2d47d6b3684ca5566b Mon Sep 17 00:00:00 2001
+From: Tomas Hrnciar <thrnciar@redhat.com>
+Date: Mon, 20 Apr 2020 14:46:49 +0200
+Subject: [PATCH 2/2] Prevent infinite recursion with pip wheel with $TMPDIR in
+ $PWD
+
+During a build of extension module within `pip wheel` the source directory is
+recursively copied in a temporary directory.
+
+See https://github.com/pypa/pip/issues/7555
+
+When the temporary directory is inside the source directory
+(for example by setting `TMPDIR=$PWD/tmp`) this caused an infinite recursion
+that ended in:
+
+[Errno 36] File name too long
+
+We prevent that buy never copying the target to the target in _copy_source_tree.
+
+Fixes https://github.com/pypa/pip/issues/7872
+
+Avoid a test dependency on a C compiler, skip the test on Windows
+---
+ news/7872.bugfix                     |  1 +
+ src/pip/_internal/download.py        | 23 ++++++++++++++++++-----
+ tests/data/src/extension/extension.c |  0
+ tests/data/src/extension/setup.py    |  4 ++++
+ tests/functional/test_wheel.py       | 17 +++++++++++++++++
+ 5 files changed, 40 insertions(+), 5 deletions(-)
+ create mode 100644 news/7872.bugfix
+ create mode 100644 tests/data/src/extension/extension.c
+ create mode 100644 tests/data/src/extension/setup.py
+
+diff --git a/news/7872.bugfix b/news/7872.bugfix
+new file mode 100644
+index 00000000..3550d573
+--- /dev/null
++++ b/news/7872.bugfix
+@@ -0,0 +1 @@
++Prevent an infinite recursion with ``pip wheel`` when ``$TMPDIR`` is within the source directory.
+diff --git a/src/pip/_internal/download.py b/src/pip/_internal/download.py
+index b3bd2414..80689012 100644
+--- a/src/pip/_internal/download.py
++++ b/src/pip/_internal/download.py
+@@ -729,13 +729,26 @@ def unpack_file_url(
+ 
+     # If it's a url to a local directory
+     if is_dir_url(link):
++        target_abspath = os.path.abspath(location)
++        target_basename = os.path.basename(target_abspath)
++        target_dirname = os.path.dirname(target_abspath)
+ 
+         def ignore(d, names):
+-            # Pulling in those directories can potentially be very slow,
+-            # exclude the following directories if they appear in the top
+-            # level dir (and only it).
+-            # See discussion at https://github.com/pypa/pip/pull/6770
+-            return ['.tox', '.nox'] if d == link_path else []
++            # type: (str, List[str]) -> List[str]
++            skipped = []  # type: List[str]
++            if d == link_path:
++                # Pulling in those directories can potentially be very slow,
++                # exclude the following directories if they appear in the top
++                # level dir (and only it).
++                # See discussion at https://github.com/pypa/pip/pull/6770
++                skipped += ['.tox', '.nox']
++            if os.path.abspath(d) == target_dirname:
++                # Prevent an infinite recursion if the target is in source.
++                # This can happen when TMPDIR is set to ${PWD}/...
++                # and we copy PWD to TMPDIR.
++                skipped += [target_basename]
++            return skipped
++
+         if os.path.isdir(location):
+             rmtree(location)
+         shutil.copytree(link_path,
+diff --git a/tests/data/src/extension/extension.c b/tests/data/src/extension/extension.c
+new file mode 100644
+index 00000000..e69de29b
+diff --git a/tests/data/src/extension/setup.py b/tests/data/src/extension/setup.py
+new file mode 100644
+index 00000000..b26302b0
+--- /dev/null
++++ b/tests/data/src/extension/setup.py
+@@ -0,0 +1,4 @@
++from setuptools import Extension, setup
++
++module = Extension('extension', sources=['extension.c'])
++setup(name='extension', version='0.0.1', ext_modules = [module])
+diff --git a/tests/functional/test_wheel.py b/tests/functional/test_wheel.py
+index 7ab76c13..2a418bf4 100644
+--- a/tests/functional/test_wheel.py
++++ b/tests/functional/test_wheel.py
+@@ -1,5 +1,6 @@
+ """'pip wheel' tests"""
+ import os
++import sys
+ from os.path import exists
+ 
+ import pytest
+@@ -218,6 +219,22 @@ def test_pip_wheel_with_user_set_in_config(script, data, common_wheels):
+     )
+     assert "Successfully built withpyproject" in result.stdout, result.stdout
+ 
++@pytest.mark.skipif(sys.platform.startswith('win'),
++                    reason='The empty extension module does not work on Win')
++def test_pip_wheel_ext_module_with_tmpdir_inside(script, data, common_wheels):
++    tmpdir = data.src / 'extension/tmp'
++    tmpdir.mkdir()
++    script.environ['TMPDIR'] = str(tmpdir)
++
++    # To avoid a test dependency on a C compiler, we set the env vars to "noop"
++    # The .c source is empty anyway
++    script.environ['CC'] = script.environ['LDSHARED'] = str('true')
++
++    result = script.pip(
++        'wheel', data.src / 'extension',
++        '--no-index', '-f', common_wheels
++    )
++    assert "Successfully built extension" in result.stdout, result.stdout
+ 
+ def test_pep517_wheels_are_not_confused_with_other_files(script, tmpdir, data):
+     """Check correct wheels are copied. (#6196)
+-- 
+2.23.0
+

emit-a-warning-when-running-with-root-privileges.patch

@@ -11,7 +11,7 @@ index 1279d4a..aeb9d26 100644
  from optparse import SUPPRESS_HELP
  
  from pip._vendor import pkg_resources
-@@ -217,6 +219,20 @@ class InstallCommand(RequirementCommand):
+@@ -217,6 +219,23 @@ class InstallCommand(RequirementCommand):
  
      def run(self, options, args):
          cmdoptions.check_install_build_global(options)
@@ -23,10 +23,13 @@ index 1279d4a..aeb9d26 100644
 +
 +        # Check whether we have root privileges and aren't in venv/virtualenv
 +        if os.getuid() == 0 and not is_venv():
++            command = path.basename(sys.argv[0])
++            if command == "__main__.py":
++                command = path.basename(sys.executable) + " -m pip"
 +            logger.warning(
 +                "WARNING: Running pip install with root privileges is "
 +                "generally not a good idea. Try `%s install --user` instead."
-+                % path.basename(sys.argv[0])
++                % command
 +            )
 +
          upgrade_strategy = "to-satisfy-only"

pip-allow-different-versions.patch

@@ -1,6 +1,6 @@
 --- /usr/bin/pip3	2018-03-29 15:22:13.000000000 +0200
 +++ pip3	2018-05-04 11:49:08.098821010 +0200
-@@ -4,7 +4,12 @@
+@@ -4,7 +4,16 @@
  import re
  import sys
  
@@ -11,6 +11,10 @@
 +    # user has most probably downgraded pip in their home
 +    # so let them run it anyway until ~/.local/bin makes it in front of the PATH
 +    from pip import main
++else:
++    # user might also upgraded pip...
++    if hasattr(main, 'main'):
++        main = main.main
  
  if __name__ == '__main__':
      sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0])

python-pip.rpmlintrc

@@ -0,0 +1,18 @@
+# This is just temporary, when upstream merges PRs it can be removed
+# https://github.com/pypa/pip/pull/7959
+# https://github.com/ActiveState/appdirs/pull/144
+# https://github.com/psf/requests/pull/5410
+# https://github.com/chardet/chardet/pull/192
+addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_internal/__init__.py\b')
+addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_vendor/appdirs.py\b')
+addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_vendor/requests/certs.py\b')
+addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_vendor/chardet/cli/chardetect.py\b')
+
+# Already fixed upstream 
+addFilter(r'(non-executable-script|wrong-script-interpreter) .+/pip/_vendor/certifi/core.py\b')
+
+# We ship README with the main package but not with the wheel
+addFilter(r'python-pip-wheel.noarch: W: no-documentation')
+
+# SPELLING ERRORS
+addFilter(r'W: spelling-error .* venv')

python-pip.spec

@@ -23,7 +23,7 @@ Name:           python-%{srcname}
 # When updating, update the bundled libraries versions bellow!
 # You can use vendor_meta.sh in the dist git repo
 Version:        19.0.3
-Release:        1%{?dist}
+Release:        7%{?dist}
 Summary:        A tool for installing and managing Python packages
 
 # We bundle a lot of libraries with pip, which itself is under MIT license.
@@ -50,12 +50,13 @@ Summary:        A tool for installing and managing Python packages
 # idna: BSD
 # urllib3: MIT
 # certifi: MPLv2.0
+# rfc3986: ASL 2.0
 # setuptools: MIT
 # webencodings: BSD
 
 License:        MIT and Python and ASL 2.0 and BSD and ISC and LGPLv2 and MPLv2.0 and (ASL 2.0 or BSD)
-URL:            http://www.pip-installer.org
-Source0:        %pypi_source
+URL:            https://pip.pypa.io/
+Source0:        https://github.com/pypa/pip/archive/%{version}/%{srcname}-%{version}.tar.gz
 
 BuildArch:      noarch
 
@@ -67,17 +68,10 @@ BuildRequires:  python-setuptools-wheel
 BuildRequires:  python-wheel-wheel
 %endif
 
-# to get tests:
-# git clone https://github.com/pypa/pip && cd pip
-# git checkout $VERSION && tar -czvf ../pip-$VERSION-tests.tar.gz tests/
-%if %{with tests}
-Source1:        pip-%{version}-tests.tar.gz
-%endif
-
 # Themes required to build the docs.
 %if %{with doc}
-Source2:        https://github.com/pypa/pypa-docs-theme/archive/%{pypa_theme_commit_hash}.tar.gz
-Source3:        https://github.com/python/python-docs-theme/archive/2018.2.tar.gz
+Source1:        https://github.com/pypa/pypa-docs-theme/archive/%{pypa_theme_commit_hash}.tar.gz
+Source2:        https://github.com/python/python-docs-theme/archive/2018.2.tar.gz
 %endif
 
 # Patch until the following issue gets implemented upstream:
@@ -101,23 +95,49 @@ Patch3:         remove-existing-dist-only-if-path-conflicts.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1655253
 Patch4:         dummy-certifi.patch
 
+#Patch5 intentionally skipped, not present in this branch
+
+# Make pip compatible with Python 3.9, backported from pip 19.2+
+# https://github.com/pypa/pip/pull/6728
+Patch6:         python39.patch
+
+# Upgrade urllib3 to 1.25.3
+# This bundles rfc3986
+# https://github.com/pypa/pip/commit/0d620c4a03a8b3765ec45785299244e1a494d750
+# CVE-2019-11324: Certification mishandle when error should be thrown
+# https://bugzilla.redhat.com/show_bug.cgi?id=1774595
+# CVE-2019-11236: CRLF injection due to not encoding the '\r\n' sequence
+# https://bugzilla.redhat.com/show_bug.cgi?id=1775363
+Patch7:         urllib3-1.25.3.patch
+
+# Upgrade requests to 2.22.0 (needed for urllib3 1.25.3)
+# https://github.com/pypa/pip/commit/8e8d28dd8ecc9226ea4e0f75d54151df90f4d78e
+Patch8:         requests-2.22.0.patch
+
+# Allow setting $TMPDIR to $PWD/... during pip wheel
+# This is needed to have proper debugsource packages with pyproject-rpm-macros
+# https://bugzilla.redhat.com/show_bug.cgi?id=1806625
+# Backported from https://github.com/pypa/pip/pull/7873
+Patch9:         7873.patch
+
 # Downstream only patch
 # Users might have local installations of pip from using
-# `pip install --user --upgrade pip` on older versions.
+# `pip install --user --upgrade pip` on older/newer versions.
 # If they do that and they run `pip` or  `pip3`, the one from /usr/bin is used.
-# However that's the one from this RPM package (pip10+) and the import in there
-# fails (it tries to import from ~/.local, but older pip is there with a bit
-# different API).
+# However that's the one from this RPM package and the import in there might
+# fail (it tries to import from ~/.local, but older or newer pip is there with
+# a bit different API).
 # We add this patch as a dirty workaround to make /usr/bin/pip* work with
-# both pip10+ (from this RPM) and older pip (from whatever).
+# both pip10+ (from this RPM) and older or newer (19.3+) pip (from whatever).
 # A proper fix is to put ~/.local/bin in front of /usr/bin in the PATH,
 # however others are against that and we cannot change it for existing
 # installs/user homes anyway.
 # https://bugzilla.redhat.com/show_bug.cgi?id=1569488
 # https://bugzilla.redhat.com/show_bug.cgi?id=1571650
+# https://bugzilla.redhat.com/show_bug.cgi?id=1767212
 # WARNING: /usr/bin/pip* are entrypoints, this cannot be applied in %%prep!
 # %%patch10 doesn't work outside of %%prep, so we add it as a source
-Source10:        pip-allow-older-versions.patch
+Source10:        pip-allow-different-versions.patch
 
 %description
 pip is a package management system used to install and manage software packages
@@ -147,14 +167,31 @@ Provides: bundled(python%{1}dist(pep517)) = 0.5.0
 Provides: bundled(python%{1}dist(progress)) = 1.4
 Provides: bundled(python%{1}dist(pyparsing)) = 2.3.1
 Provides: bundled(python%{1}dist(pytoml)) = 0.1.20
-Provides: bundled(python%{1}dist(requests)) = 2.21.0
+Provides: bundled(python%{1}dist(requests)) = 2.22.0
 Provides: bundled(python%{1}dist(retrying)) = 1.3.3
 Provides: bundled(python%{1}dist(setuptools)) = 40.6.3
 Provides: bundled(python%{1}dist(six)) = 1.12.0
-Provides: bundled(python%{1}dist(urllib3)) = 1.24.1
+Provides: bundled(python%{1}dist(urllib3)) = 1.25.3
+Provides: bundled(python%{1}dist(rfc3986)) = 1.3.2
 Provides: bundled(python%{1}dist(webencodings)) = 0.5.1
 }
 
+# Some manylinux1 wheels need libcrypt.so.1.
+# Manylinux1, a common (as of 2019) platform tag for binary wheels, relies
+# on a glibc version that included ancient crypto functions, which were
+# moved to libxcrypt and then removed in:
+#  https://fedoraproject.org/wiki/Changes/FullyRemoveDeprecatedAndUnsafeFunctionsFromLibcrypt
+# The manylinux1 standard assumed glibc would keep ABI compatibility,
+# but that's only the case if libcrypt.so.1 (libxcrypt-compat) is around.
+# This should be solved in the next manylinux standard (but it may be
+# a long time until manylinux1 is phased out).
+# See: https://github.com/pypa/manylinux/issues/305
+# Note that manylinux is only applicable to x86 (both 32 and 64 bits)
+%global crypt_compat_recommends() %{expand:
+Recommends: (libcrypt.so.1()(64bit) if python%{1}(x86-64))
+Recommends: (libcrypt.so.1 if python%{1}(x86-32))
+}
+
 
 %if %{with python2}
 %package -n python2-%{srcname}
@@ -183,6 +220,8 @@ Requires:       python2-setuptools
 
 %{?python_provide:%python_provide python2-%{srcname}}
 
+%{crypt_compat_recommends 2}
+
 %description -n python2-%{srcname}
 pip is a package management system used to install and manage software packages
 written in Python. Many packages can be found in the Python Package Index
@@ -220,6 +259,8 @@ Requires:  python%{python3_pkgversion}-setuptools
 
 %{?python_provide:%python_provide python%{python3_pkgversion}-%{srcname}}
 
+%{crypt_compat_recommends 3}
+
 %description -n python%{python3_pkgversion}-%{srcname}
 pip is a package management system used to install and manage software packages
 written in Python. Many packages can be found in the Python Package Index
@@ -246,20 +287,21 @@ Requires:       ca-certificates
 %{bundled 2}
 %{bundled 3}
 
+%{crypt_compat_recommends 2}
+%{crypt_compat_recommends 3}
+
 %description wheel
 A Python wheel of pip to use with venv.
 %endif
 
 %prep
 %setup -q -n %{srcname}-%{version}
-%if %{with tests}
-tar -xf %{SOURCE1}
-%endif
+
 %if %{with doc}
 pushd docs/html
-tar -xf %{SOURCE2}
+tar -xf %{SOURCE1}
 mv pypa-docs-theme-%{pypa_theme_commit_hash} pypa
-tar -xf %{SOURCE3}
+tar -xf %{SOURCE2}
 mv python-docs-theme-2018.2 python-docs-theme
 popd
 %endif
@@ -269,15 +311,16 @@ popd
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
 
 # this goes together with patch4
 rm src/pip/_vendor/certifi/*.pem
-sed -i '/\.pem$/d' src/pip.egg-info/SOURCES.txt
 
-%if %{with tests}
 # tests expect wheels in here
 ln -s %{python_wheeldir} tests/data/common_wheels
-%endif
 
 
 %build
@@ -296,7 +339,7 @@ export PYTHONPATH=./src/
 # from tox.ini
 sphinx-build-3 -b html docs/html docs/build/html
 sphinx-build-3 -b man  docs/man  docs/build/man  -c docs/html
-rm docs/build/html/.buildinfo
+rm -rf docs/build/html/{.doctrees,.buildinfo}
 %endif
 
 
@@ -317,9 +360,14 @@ install -d %{buildroot}%{_mandir}/man1
 for MAN in *1; do
 %if %{with python2}
 install -pm0644 $MAN %{buildroot}%{_mandir}/man1/$MAN
-install -pm0644 $MAN %{buildroot}%{_mandir}/man1/${MAN/pip/pip2}
+for pip in "pip2" "pip-2" "pip%{python2_version}" "pip-%{python2_version}"; do
+echo ".so $MAN" > %{buildroot}%{_mandir}/man1/${MAN/pip/$pip}
+done
 %endif
 install -pm0644 $MAN %{buildroot}%{_mandir}/man1/${MAN/pip/pip3}
+for pip in "pip-3" "pip%{python3_version}" "pip-%{python3_version}"; do
+echo ".so ${MAN/pip/pip3}" > %{buildroot}%{_mandir}/man1/${MAN/pip/$pip}
+done
 done
 popd
 %endif # with doc
@@ -441,6 +489,7 @@ ln -sf %{buildroot}%{_bindir}/pip3 _bin/pip
 %if %{with doc}
 %{_mandir}/man1/pip.*
 %{_mandir}/man1/pip2.*
+%{_mandir}/man1/pip-2.*
 %endif
 %{_bindir}/pip
 %{_bindir}/pip2
@@ -461,6 +510,7 @@ ln -sf %{buildroot}%{_bindir}/pip3 _bin/pip
 %doc README.rst
 %if %{with doc}
 %{_mandir}/man1/pip3.*
+%{_mandir}/man1/pip-3.*
 %endif
 %{_bindir}/pip3
 %{_bindir}/pip-3
@@ -489,6 +539,26 @@ ln -sf %{buildroot}%{_bindir}/pip3 _bin/pip
 %endif
 
 %changelog
+* Fri Apr 10 2020 Miro Hrončok <mhroncok@redhat.com> - 19.0.3-7
+- Allow setting $TMPDIR to $PWD/... during pip wheel (#1806625)
+
+* Thu Jan 02 2020 Miro Hrončok <mhroncok@redhat.com> - 19.0.3-6
+- Upgrade urllib3 to 1.25.3, requests to 2.22.0
+- Fix urllib3 CVE-2019-11324 (#1774595)
+- Fix urllib3 CVE-2019-11236 (#1775363)
+
+* Mon Nov 25 2019 Miro Hrončok <mhroncok@redhat.com> - 19.0.3-5
+- Make python-pip-wheel work with Python 3.9
+
+* Mon Nov 11 2019 Miro Hrončok <mhroncok@redhat.com> - 19.0.3-4
+- Make /usr/bin/pip(2|3) work with user-installed pip 19.3+ (#1767212)
+
+* Mon Jul 15 2019 Petr Viktorin <pviktori@redhat.com> - 19.0.3-3
+- Recommend libcrypt.so.1 for manylinux1 compatibility
+
+* Mon Jun 10 2019 Miro Hrončok <mhroncok@redhat.com> - 19.0.3-2
+- Fix root warning when pip is invoked via python -m pip
+
 * Wed Mar 06 2019 Miro Hrončok <mhroncok@redhat.com> - 19.0.3-1
 - Update to 19.0.3 (#1679277)
 

python39.patch

@@ -0,0 +1,45 @@
+From ef7ca1472c1fdd085cffb8183b7ce8abbe9e2800 Mon Sep 17 00:00:00 2001
+From: Chih-Hsuan Yen <yan12125@gmail.com>
+Date: Thu, 18 Jul 2019 12:45:15 +0800
+Subject: [PATCH] Add an html5lib patch for Python 3.9 compatibility
+
+The patch is adapted from https://github.com/html5lib/html5lib-python/commit/4f9235752cea29c5a31721440578b430823a1e69
+
+Closes https://github.com/pypa/pip/issues/6407
+Closes https://github.com/pypa/pip/issues/6237
+---
+ src/pip/_vendor/html5lib/_trie/_base.py      |  5 +++-
+ src/pip/_vendor/html5lib/treebuilders/dom.py |  5 +++-
+ 4 files changed, 40 insertions(+), 2 deletions(-)
+
+diff --git a/src/pip/_vendor/html5lib/_trie/_base.py b/src/pip/_vendor/html5lib/_trie/_base.py
+index a1158bbbf..6b71975f0 100644
+--- a/src/pip/_vendor/html5lib/_trie/_base.py
++++ b/src/pip/_vendor/html5lib/_trie/_base.py
+@@ -1,6 +1,9 @@
+ from __future__ import absolute_import, division, unicode_literals
+ 
+-from collections import Mapping
++try:
++    from collections.abc import Mapping
++except ImportError:  # Python 2.7
++    from collections import Mapping
+ 
+ 
+ class Trie(Mapping):
+diff --git a/src/pip/_vendor/html5lib/treebuilders/dom.py b/src/pip/_vendor/html5lib/treebuilders/dom.py
+index dcfac220b..d8b530046 100644
+--- a/src/pip/_vendor/html5lib/treebuilders/dom.py
++++ b/src/pip/_vendor/html5lib/treebuilders/dom.py
+@@ -1,7 +1,10 @@
+ from __future__ import absolute_import, division, unicode_literals
+ 
+ 
+-from collections import MutableMapping
++try:
++    from collections.abc import MutableMapping
++except ImportError:  # Python 2.7
++    from collections import MutableMapping
+ from xml.dom import minidom, Node
+ import weakref
+ 

requests-2.22.0.patch

@@ -0,0 +1,91 @@
+From 8e8d28dd8ecc9226ea4e0f75d54151df90f4d78e Mon Sep 17 00:00:00 2001
+From: Pradyun Gedam <pradyunsg@gmail.com>
+Date: Sat, 20 Jul 2019 09:31:48 +0530
+Subject: [PATCH] Upgrade requests to 2.22.0
+
+---
+ news/requests.vendor                    | 1 +
+ src/pip/_vendor/requests/__init__.py    | 4 ++--
+ src/pip/_vendor/requests/__version__.py | 6 +++---
+ src/pip/_vendor/requests/api.py         | 4 ++--
+ src/pip/_vendor/vendor.txt              | 1 +
+ 5 files changed, 9 insertions(+), 7 deletions(-)
+ create mode 100644 news/requests.vendor
+
+diff --git a/news/requests.vendor b/news/requests.vendor
+new file mode 100644
+index 0000000000..aac729b0e1
+--- /dev/null
++++ b/news/requests.vendor
+@@ -0,0 +1 @@
++Upgrade requests to 2.22.0
+diff --git a/src/pip/_vendor/requests/__init__.py b/src/pip/_vendor/requests/__init__.py
+index 80c4ce1d21..1d30e3e063 100644
+--- a/src/pip/_vendor/requests/__init__.py
++++ b/src/pip/_vendor/requests/__init__.py
+@@ -57,10 +57,10 @@ def check_compatibility(urllib3_version, chardet_version):
+     # Check urllib3 for compatibility.
+     major, minor, patch = urllib3_version  # noqa: F811
+     major, minor, patch = int(major), int(minor), int(patch)
+-    # urllib3 >= 1.21.1, <= 1.24
++    # urllib3 >= 1.21.1, <= 1.25
+     assert major == 1
+     assert minor >= 21
+-    assert minor <= 24
++    assert minor <= 25
+ 
+     # Check chardet for compatibility.
+     major, minor, patch = chardet_version.split('.')[:3]
+diff --git a/src/pip/_vendor/requests/__version__.py b/src/pip/_vendor/requests/__version__.py
+index f5b5d03671..9844f740ab 100644
+--- a/src/pip/_vendor/requests/__version__.py
++++ b/src/pip/_vendor/requests/__version__.py
+@@ -5,10 +5,10 @@
+ __title__ = 'requests'
+ __description__ = 'Python HTTP for Humans.'
+ __url__ = 'http://python-requests.org'
+-__version__ = '2.21.0'
+-__build__ = 0x022100
++__version__ = '2.22.0'
++__build__ = 0x022200
+ __author__ = 'Kenneth Reitz'
+ __author_email__ = 'me@kennethreitz.org'
+ __license__ = 'Apache 2.0'
+-__copyright__ = 'Copyright 2018 Kenneth Reitz'
++__copyright__ = 'Copyright 2019 Kenneth Reitz'
+ __cake__ = u'\u2728 \U0001f370 \u2728'
+diff --git a/src/pip/_vendor/requests/api.py b/src/pip/_vendor/requests/api.py
+index abada96d46..ef71d0759e 100644
+--- a/src/pip/_vendor/requests/api.py
++++ b/src/pip/_vendor/requests/api.py
+@@ -19,7 +19,7 @@ def request(method, url, **kwargs):
+     :param method: method for the new :class:`Request` object.
+     :param url: URL for the new :class:`Request` object.
+     :param params: (optional) Dictionary, list of tuples or bytes to send
+-        in the body of the :class:`Request`.
++        in the query string for the :class:`Request`.
+     :param data: (optional) Dictionary, list of tuples, bytes, or file-like
+         object to send in the body of the :class:`Request`.
+     :param json: (optional) A JSON serializable Python object to send in the body of the :class:`Request`.
+@@ -65,7 +65,7 @@ def get(url, params=None, **kwargs):
+ 
+     :param url: URL for the new :class:`Request` object.
+     :param params: (optional) Dictionary, list of tuples or bytes to send
+-        in the body of the :class:`Request`.
++        in the query string for the :class:`Request`.
+     :param \*\*kwargs: Optional arguments that ``request`` takes.
+     :return: :class:`Response <Response>` object
+     :rtype: requests.Response
+diff --git a/src/pip/_vendor/vendor.txt b/src/pip/_vendor/vendor.txt
+index bcf579515e..e5542fbc5e 100644
+--- a/src/pip/_vendor/vendor.txt
++++ b/src/pip/_vendor/vendor.txt
+@@ -12,7 +12,7 @@ pep517==0.5.0
+ progress==1.4
+ pyparsing==2.3.1
+ pytoml==0.1.20
+-requests==2.21.0
++requests==2.22.0
+     certifi==2018.11.29
+     chardet==3.0.4
+     idna==2.8

sources

@@ -1,4 +1,3 @@
-SHA512 (pip-19.0.3.tar.gz) = 71562800d5e52e7eb9a49ebb77ac7d2ec2b2a3ef464c9f67a4a76ed1123dce57c59c422ac91dc688f91bf9e84ad13d6547ff3cb61ac4bec54ca9428512b83163
-SHA512 (pip-19.0.3-tests.tar.gz) = 7708661ffa529da3d96734f6659b6a0ae6d53d896ac0513cf18fb153f8bc53737f4548f87f58f27e67633cc5fc521a04bc2f96fa4dd892e12dd7f6109b44d2b8
+SHA512 (pip-19.0.3.tar.gz) = f56df1e2fe18eccc4dcba66b0a93a933eb94d12ed0f31d3923662fb85075192674c98bbc00dd48185b1d87cf28a64a6dc321de524e4ccb39a8877b3d5cf578e1
 SHA512 (d2e63fbfc62af3b7050f619b2f5bb8658985b931.tar.gz) = fc7b11c5cbf6322469ce2eaca2a8d7eb60b17398d316f7465ab5d3d38dabd00ee22a3da7437a28f6312f0115f77f2df0d8bf0abc671e055eef06356c94283409
 SHA512 (2018.2.tar.gz) = 4c09c43a70ecb3ca3bc9445b01bf209eb382e41d9c969145696dea38551992ed88fd9b725a1264380f3dbdf8acdaf5ada3ef86b44255cdfbdbe4a01a1630912d

tests/tests.yml

@@ -7,6 +7,8 @@
     repositories:
     - repo: "https://src.fedoraproject.org/tests/python.git"
       dest: "python"
+    - repo: "https://src.fedoraproject.org/rpms/pyproject-rpm-macros.git"
+      dest: "pyproject-rpm-macros"
     tests:
     - smoke34:
         dir: python/smoke
@@ -46,6 +48,18 @@
         run: VERSION=3.8 METHOD=virtualenv ./venv.sh
     - pipenv:
         run: pipenv --three && pipenv install six
+    - pyproject_pytest:
+        dir: pyproject-rpm-macros/tests
+        run: ./mocktest.sh python-pytest
+    - pyproject_entrypoints:
+        dir: pyproject-rpm-macros/tests
+        run: ./mocktest.sh python-entrypoints
+    - pyproject_pluggy:
+        dir: pyproject-rpm-macros/tests
+        run: ./mocktest.sh python-pluggy
+    - pyproject_clikit:
+        dir: pyproject-rpm-macros/tests
+        run: ./mocktest.sh python-clikit
     required_packages:
     - gcc
     - virtualenv
@@ -60,3 +74,6 @@
     - python3-devel
     - python3-tox
     - pipenv
+    - mock
+    - rpmdevtools
+    - rpm-build