github pypa/pipenv v2026.4.0
Release v2026.4.0
on GitHub

5 hours ago

🤖 AI-Generated Changelog

Added

  • --extras CLI option: Specify optional dependency categories directly from the command line
  • --exclude-index flag for requirements command: Exclude index URLs from generated requirements output
  • PIPENV_PYENV_ONLY environment variable: Restrict Python discovery exclusively to pyenv, ignoring other Python installations
  • PIPENV_KEYRING_PROVIDER environment variable: Enable Windows Credential Manager and other keyring backends for private index authentication
  • PEP 440 version specifiers in python_version: Pipfile now accepts full PEP 440 specifiers (e.g., >=3.10) for Python version constraints
  • [build-system] requires support in Pipfile: Define build system requirements directly in Pipfile
  • pipenv sync from pylock.toml: Sync environments using pylock.toml without requiring Pipfile.lock
  • Patch files for pip customizations: Vendored pip customizations are now tracked as patch files for transparency

Changed

  • pipenv sync and install --ignore-pipfile now work without a Pipfile present
  • --system flag support improved across multiple commands
  • --all flag for update and upgrade commands fixed to correctly target all packages
  • PyPI proper_case lookup timeout increased from 0.3s to 3s to reduce failures on slow networks
  • PIPENV_VERSION environment variable is now ignored when running --version flag
  • Fish shell completion now supports file path completion for pipenv run arguments

Fixed

  • Shell detection on Windows: pipenv shell now correctly launches bash or PowerShell instead of defaulting to cmd
  • Shell suspension: pipenv shell now properly suspends with Ctrl+Z (job control restored)
  • Shell startup with interactive prompts: pipenv shell activates correctly even when shell startup scripts produce interactive output
  • PTY echo restore race condition: Fixed synchronization issue in Docker and similar environments
  • Cross-category dependency resolution: Resolved conflicting version pins when resolving dependencies across multiple categories
  • Package name normalization in Pipfile hash: Package names are normalized before computing the Pipfile hash, preventing spurious lockfile invalidation
  • URL-encoded credentials in Pipfile source URLs: Expanded credentials are now URL-encoded to avoid parsing errors
  • sys_platform shorthand markers: Short-form platform markers are now correctly included in pip requirement lines
  • Python version marker evaluation: Fixed resolution failures caused by incorrect python_full_version in marker evaluation, including major-only python_version values
  • Windows py-launcher full-version matching: Correctly matches python_full_version specifiers when using the Windows py launcher
  • Pipfile whitespace and category corruption: Upgrades no longer corrupt unrelated Pipfile sections or strip formatting
  • Symlink preservation: Normalizing the Pipfile path no longer resolves symlinks unexpectedly
  • Transitive PEP 508 file:// URL dependencies: File-scheme dependencies are now correctly recorded during locking
  • Pipfile python_version mismatch with venv: Records the correct Python version when the venv Python and PATH Python disagree
  • Editable local-path handling: Hardened handling of editable installs for local paths
  • distutils missing fallback: Falls back to sysconfig when distutils is unavailable (Python 3.12+)
  • Wheel metadata case preservation: Header install paths now use the wheel metadata package name to preserve original casing
  • pip.conf extra-index hash collection: Hashes from pip.conf extra-index URLs are now collected during locking
  • pip.conf index suppression at install time: Prevents hash mismatch errors caused by pip.conf injecting extra indexes during install
  • Partial updates preserve transitive dependencies: Pinned packages' transitive dependencies are no longer removed during partial updates
  • Private index resolution for dev packages: index_lookup is now populated from all Pipfile sections when locking non-default categories
  • --where exit code: Fixed incorrect exit code for the --where flag
  • _create_builtin_venv_cmd: No longer incorrectly prepends a drive letter to Unix paths when run on Windows
  • venv fallback for alternative interpreters: Falls back to built-in venv when virtualenv fails for non-standard interpreters
  • ResolutionTooDeepError: Fixed excessive recursion caused by incorrect marker evaluation during resolution
  • fix --where exit code: Corrected exit behavior for the requirements --where option

Security

  • Cryptography dependency bumped to 46.0.6
  • Requests dependency bumped to 2.33.0

🔗 Full Changelog: v2026.2.2...v2026.4.0

Check out latest releases or
releases around pypa/pipenv v2026.4.0

Don't miss a new pipenv release

NewReleases is sending notifications on new releases.

Get notifications