update with main

.github/workflows/ruff.yml

@@ -12,4 +12,4 @@ jobs:
     steps:
     - uses: actions/checkout@v4
     - run: pip install --user ruff
-    - run: ruff --format=github .
+    - run: ruff --output-format=github .

CHANGELOG.md

@@ -1,8 +1,40 @@
+2023.10.20 (2023-10-20)
+=======================
+
+Features & Improvements
+-----------------------
+
+- Add quiet option to pipenv shell, hiding "Launching subshell in virtual environment..."  `#5966 <https://github.com/pypa/pipenv/issues/5966>`_
+- Vendor in pip==23.3 which includes updates to certifi, urllib3, and  adds truststore among other improvements.  `#5979 <https://github.com/pypa/pipenv/issues/5979>`_
+
+Behavior Changes
+----------------
+
+- Change ``--py`` to use ``print`` preventing insertion of newline characters  `#5969 <https://github.com/pypa/pipenv/issues/5969>`_
+
+Vendored Libraries
+------------------
+
+- Drop pep517 - as it is no longer used.  `#5970 <https://github.com/pypa/pipenv/issues/5970>`_
+
+Removals and Deprecations
+-------------------------
+
+- Drop support for Python 3.7  `#5879 <https://github.com/pypa/pipenv/issues/5879>`_
+
+
+2023.10.3 (2023-10-03)
+======================
+
+Bug Fixes
+---------
+
+- Eveb better handling of vcs branch references that contain special characters.  `#5934 <https://github.com/pypa/pipenv/issues/5934>`_
+- Bump certifi from 2023.5.7 to 2023.7.22 in /examples to address a security vulnerability  `#5941 <https://github.com/pypa/pipenv/issues/5941>`_
+
+
 2023.9.8 (2023-09-08)
 =====================
-Pipenv 2023.9.8 (2023-09-08)
-============================
-
 
 Bug Fixes
 ---------
@@ -12,9 +44,6 @@ Bug Fixes
 
 2023.9.7 (2023-09-07)
 =====================
-Pipenv 2023.9.7 (2023-09-07)
-============================
-
 
 Features & Improvements
 -----------------------

Makefile

@@ -4,7 +4,7 @@ venv_dir := $(get_venv_dir)/pipenv_venv
 venv_file := $(CURDIR)/.test_venv
 get_venv_path =$(file < $(venv_file))
 # This is how we will build tag-specific wheels, e.g. py36 or py37
-PY_VERSIONS:= 3.7 3.8 3.9 3.10 3.11
+PY_VERSIONS:= 3.8 3.9 3.10 3.11
 BACKSLASH = '\\'
 # This is how we will build generic wheels, e.g. py2 or py3
 INSTALL_TARGETS := $(addprefix install-py,$(PY_VERSIONS))
@@ -96,7 +96,7 @@ retest: virtualenv submodules test-install
 
 .PHONY: build
 build: install-virtualenvs.stamp install.stamp
-	PIPENV_PYTHON=3.7 pipenv run python -m build
+	PIPENV_PYTHON=3.8 pipenv run python -m build
 
 .PHONY: update-version
 update-version:

README.md

@@ -327,3 +327,13 @@ Documentation
 ---------------
 
 Documentation resides over at [pipenv.pypa.io](https://pipenv.pypa.io/en/latest/).
+
+## Star History
+
+<a href="https://star-history.com/#pypa/pipenv&Date">
+  <picture>
+    <source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=pypa/pipenv&type=Date&theme=dark" />
+    <source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=pypa/pipenv&type=Date" />
+    <img alt="Star History Chart" src="https://api.star-history.com/svg?repos=pypa/pipenv&type=Date" />
+  </picture>
+</a>

docs/advanced.md

@@ -234,7 +234,7 @@ Example:
 
 Note
 
-Each month, [PyUp.io](https://pyup.io>)updates the `safety` database of insecure Python packages and [makes it available to the open source community for free](https://pyup.io/safety/). Each time you run `pipenv check` to show you vulnerable dependencies,
+Each month, [PyUp.io](https://pyup.io) updates the `safety` database of insecure Python packages and [makes it available to the open source community for free](https://pyup.io/safety/). Each time you run `pipenv check` to show you vulnerable dependencies,
 Pipenv makes an API call to retrieve and use those results.
 
 For more up-to-date vulnerability data, you may also use your own safety API key by setting the environment variable `PIPENV_PYUP_API_KEY`.
@@ -269,6 +269,8 @@ Note
 
 The standard `EDITOR` environment variable is used for this. If you're using VS Code, for example, you'll want to `export EDITOR=code` (if you're on macOS you will want to [install the command](https://code.visualstudio.com/docs/setup/mac#_launching-from-the-command-line) on to your `PATH` first).
 
+## ☤ Automatic Python Installation
+
 This is a very fancy feature, and we're very proud of it:
 
     $ cat Pipfile

docs/pipfile.md

@@ -2,14 +2,24 @@
 
 `Pipfile` contains the specification for the project top-level requirements and any desired specifiers.
 This file is managed by the developers invoking pipenv commands.
-The `Pipfile` uses inline tables and the [TOML Spec](https://github.com/toml-lang/toml#user-content-spec>).
+The `Pipfile` uses inline tables and the [TOML Spec](https://toml.io/en/latest#spec).
 
 `Pipfile.lock` replaces the `requirements.txt` file used in most Python projects and adds
 security benefits of tracking the packages hashes that were last locked.
 This file is managed automatically through locking actions.
 
 You should add both `Pipfile` and `Pipfile.lock` to the project's source control.
 
+## `[pipenv]` Directives
+
+`Pipfile` may contain a `[pipenv]` section to control the behaviour of pipenv itself. Some available settings include:
+
+* `allow_prereleases` - Tell pipenv to install pre-release versions of a package -i.e. a version with an alpha/beta/etc. suffix, such as _1.0b1_. Equivalent to passing the `--pre` flag on the command line.
+* `disable_pip_input` - Prevent pipenv from asking for input. Equivalent to the `--no-input` flag.
+* `install_search_all_sources` - Allow installation of packages from an existing `Pipfile.lock` to search all defined indexes for the constrained package version and hash signatures. See [Specifying Package Indexes](indexes.md).
+* `sort_pipfile` - Sort package names alphabetically inside each category. Categories will be sorted and updated on `install` and `uninstall`. This is purely cosmetic to make reading easier for humans, and has no effect on installation order or dependency resolution. Note that `Pipfile.lock` packages are always sorted alphabetically.
+
+
 ## Example Pipfile
 
 Here is a simple example of a `Pipfile` and the resulting `Pipfile.lock`.

docs/requirements.txt

@@ -18,6 +18,6 @@ Sphinx==4.5.0
 sphinx-click==4.4.0
 sphinxcontrib-spelling==7.7.0
 sphinxcontrib-websupport==1.2.4
-urllib3==1.26.14
+urllib3==1.26.18
 virtualenv>=20.20.0
 virtualenv-clone==0.5.7

docs/shell.md

@@ -43,7 +43,7 @@ To prevent pipenv from loading the `.env` file, set the `PIPENV_DONT_LOAD_ENV` e
 
     $ PIPENV_DONT_LOAD_ENV=1 pipenv shell
 
-See [theskumar/python-dotenv](https://github.com/theskumar/python-dotenv>) for more information on `.env` files.
+See [theskumar/python-dotenv](https://github.com/theskumar/python-dotenv) for more information on `.env` files.
 
 ## Shell Completion
 

docs/workflows.md

@@ -13,7 +13,7 @@ Add a package to your project, recalibrating entire lock file using the Pipfile
     $ pipenv install <package>
 
 - Note: This will create a `Pipfile` if one doesn't exist. If one does exist, it will automatically be edited with the new package you provided, the lock file updated and the new dependencies installed.
-- `pipenv install` is fully compatible with `pip install` [package specifiers](https://pip.pypa.io/en/stable/user_guide/#installing-packages>).
+- `pipenv install` is fully compatible with `pip install` [package specifiers](https://pip.pypa.io/en/stable/user_guide/#installing-packages).
 - Additional arguments may be supplied to `pip` by supplying `pipenv` with `--extra-pip-args`.
 
 Update everything (equivalent to `pipenv lock && pipenv sync`):