upgrade version to 21.3.1

allow-stripping-given-prefix-from-wheel-RECORD-files.patch

@@ -12,20 +12,20 @@ diff --git a/src/pip/_internal/commands/install.py b/src/pip/_internal/commands/
 index 8c2c32f..674d30c 100644
 --- a/src/pip/_internal/commands/install.py
 +++ b/src/pip/_internal/commands/install.py
-@@ -130,6 +130,13 @@ class InstallCommand(RequirementCommand):
+@@ -134,6 +134,13 @@ class InstallCommand(RequirementCommand):
-             default=None,
+                 "folders are placed"
-             help="Installation prefix where lib, bin and other top-level "
+             ),
-                  "folders are placed")
+         )
 +        self.cmd_opts.add_option(
-+                '--strip-file-prefix',
++            '--strip-file-prefix',
-+                dest='strip_file_prefix',
++            dest='strip_file_prefix',
-+                metavar='prefix',
++            metavar='prefix',
-+                default=None,
++            default=None,
-+                help="Strip given prefix from script paths in wheel RECORD."
++            help="Strip given prefix from script paths in wheel RECORD."
-+                )
++        )
- 
-         self.cmd_opts.add_option(cmdoptions.build_dir())
  
+         self.cmd_opts.add_option(cmdoptions.src())
  
+--
 2.23.0
 

backport-CVE-2021-3572.patch

@@ -1,44 +0,0 @@
-From ca832b2836e0bffa7cf95589acdcd71230f5834e Mon Sep 17 00:00:00 2001
-From: Pradyun Gedam <pradyunsg@users.noreply.github.com>
-Date: Sat, 24 Apr 2021 10:13:15 +0100
-Subject: [PATCH] Don't split git references on unicode separators
-
-Reference:https://github.com/pypa/pip/commit/ca832b2836e0bffa7cf95589acdcd71230f5834e
-
-Previously, maliciously formatted tags could be used to hijack a
-commit-based pin. Using the fact that the split here allowed for
-all of unicode's whitespace characters as separators -- which git allows
-as a part of a tag name -- it is possible to force a different revision
-to be installed; if an attacker gains access to the repository.
-
-This change stops splitting the string on unicode characters, by forcing
-the splits to happen on newlines and ASCII spaces.
----
- src/pip/_internal/vcs/git.py | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/src/pip/_internal/vcs/git.py b/src/pip/_internal/vcs/git.py
-index 1831aed..37be66c 100644
---- a/src/pip/_internal/vcs/git.py
-+++ b/src/pip/_internal/vcs/git.py
-@@ -143,9 +143,15 @@ class Git(VersionControl):
-             pass
- 
-         refs = {}
--        for line in output.strip().splitlines():
-+        # NOTE: We do not use splitlines here since that would split on other
-+        #       unicode separators, which can be maliciously used to install a
-+        #       different revision.
-+        for line in output.strip().split("\n"):
-+            line = line.rstrip("\r")
-+            if not line:
-+                continue
-             try:
--                sha, ref = line.split()
-+                sha, ref = line.split(" ", maxsplit=2)
-             except ValueError:
-                 # Include the offending line to simplify troubleshooting if
-                 # this error ever occurs.
--- 
-1.8.3.1
-

dummy-certifi.patch

@@ -11,15 +11,15 @@ diff --git a/src/pip/_vendor/certifi/core.py b/src/pip/_vendor/certifi/core.py
 index 8987449..568d078 100644
 --- a/src/pip/_vendor/certifi/core.py
 +++ b/src/pip/_vendor/certifi/core.py
-@@ -9,6 +9,7 @@ This module returns the installation location of cacert.pem or its contents.
+@@ -23,6 +23,7 @@ try:
- import os
+             return _PIP_STANDALONE_CERT
+         raise _PipPatchedCertificate()
  
- try:
 +    raise ImportError # force fallback
      from importlib.resources import path as get_path, read_text
  
      _CACERT_CTX = None
-@@ -51,9 +52,7 @@ except ImportError:
+@@ -67,9 +68,7 @@ except ImportError:
      # If we don't have importlib.resources, then we will just do the old logic
      # of assuming we're on the filesystem and munge the path directly.
      def where():

emit-a-warning-when-running-with-root-privileges.patch

@@ -19,9 +19,9 @@ index 70bda2e2..1e750ae1 100644
  import site
 +import sys
 +from os import path
- from optparse import SUPPRESS_HELP
+ from optparse import SUPPRESS_HELP, Values
+ from typing import Iterable, List, Optional
  
- from pip._vendor import pkg_resources
 @@ -241,6 +243,23 @@ class InstallCommand(RequirementCommand):
              raise CommandError("Can not combine '--user' and '--target'")
  

python-pip.spec

@@ -1,12 +1,12 @@
 %global srcname pip
-%global python_wheelname %{srcname}-%{version}-py2.py3-none-any.whl
+%global python_wheelname %{srcname}-%{version}-py3-none-any.whl
 %global python_wheeldir %{_datadir}/python-wheels
 %global _description \
 pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes.
 %global bashcompdir %(b=$(pkg-config --variable=completionsdir bash-completion 2>/dev/null); echo ${b:-%{_sysconfdir}/bash_completion.d})
 Name:           python-%{srcname}
-Version:        20.3.3
+Version:        21.3.1
-Release:        5
+Release:        1
 Summary:        A tool for installing and managing Python packages
 License:        MIT and Python and ASL 2.0 and BSD and ISC and LGPLv2 and MPLv2.0 and (ASL 2.0 or BSD)
 URL:            http://www.pip-installer.org
@@ -14,9 +14,7 @@ Source0:        %{pypi_source}
 BuildArch:      noarch
 Patch1:         allow-stripping-given-prefix-from-wheel-RECORD-files.patch
 Patch2:         emit-a-warning-when-running-with-root-privileges.patch
-Patch3:         remove-existing-dist-only-if-path-conflicts.patch
 Patch6000:      dummy-certifi.patch
-Patch6001:      backport-CVE-2021-3572.patch
 
 Source10: 	pip-allow-older-versions.patch
 
@@ -119,6 +117,9 @@ install -p dist/%{python_wheelname} -t %{buildroot}%{python_wheeldir}
 %{python_wheeldir}/%{python_wheelname}
 
 %changelog
+* Mon Dec 20 2021 renhongxun<renhongxun@huawei.com> - 21.3.1-1
+- upgrade version to 21.3.1
+
 * Fri Nov 26 2021 shixuantong<shixuantong@huawei.com> - 20.3.3-5
 - remove python3-pip from BuildRequires
 

remove-existing-dist-only-if-path-conflicts.patch

@@ -1,94 +0,0 @@
-From 854fd7296bb9306d46ba3cc8bb7c6f18a7960ed6 Mon Sep 17 00:00:00 2001
-From: Tomas Hrnciar <thrnciar@redhat.com>
-Date: Sun, 26 Apr 2020 21:19:03 +0200
-Subject: [PATCH] Prevent removing of the system packages installed under
- /usr/lib
- 
-when pip install -U is executed.
- 
-Resolves: rhbz#1550368
- 
-Co-Authored-By: Michal Cyprian <m.cyprian@gmail.com>
-Co-Authored-By: Victor Stinner <vstinner@redhat.com>
----
- src/pip/_internal/req/req_install.py            |  3 ++-
- src/pip/_internal/resolution/legacy/resolver.py |  5 ++++-
- src/pip/_internal/utils/misc.py                 | 11 +++++++++++
- 3 files changed, 17 insertions(+), 2 deletions(-)
- 
-diff --git a/src/pip/_internal/req/req_install.py b/src/pip/_internal/req/req_install.py
-index 4759f4a..2e76e35 100644
---- a/src/pip/_internal/req/req_install.py
-+++ b/src/pip/_internal/req/req_install.py
-@@ -41,6 +41,7 @@ from pip._internal.utils.misc import (
-     ask_path_exists,
-     backup_dir,
-     display_path,
-+    dist_in_install_path,
-     dist_in_site_packages,
-     dist_in_usersite,
-     get_distribution,
-@@ -447,7 +448,7 @@ class InstallRequirement(object):
-                         "lack sys.path precedence to {} in {}".format(
-                             existing_dist.project_name, existing_dist.location)
-                     )
--            else:
-+            elif dist_in_install_path(existing_dist):
-                 self.should_reinstall = True
-         else:
-             if self.editable:
-diff --git a/src/pip/_internal/resolution/legacy/resolver.py b/src/pip/_internal/resolution/legacy/resolver.py
-index c9b4c66..ff361d8 100644
---- a/src/pip/_internal/resolution/legacy/resolver.py
-+++ b/src/pip/_internal/resolution/legacy/resolver.py
-@@ -34,6 +34,7 @@ from pip._internal.resolution.base import BaseResolver
- from pip._internal.utils.compatibility_tags import get_supported
- from pip._internal.utils.logging import indent_log
- from pip._internal.utils.misc import dist_in_usersite, normalize_version_info
-+from pip._internal.utils.misc import dist_in_install_path
- from pip._internal.utils.packaging import check_requires_python, get_requires_python
- from pip._internal.utils.typing import MYPY_CHECK_RUNNING
- 
-@@ -204,7 +205,9 @@ class Resolver(BaseResolver):
-         """
-         # Don't uninstall the conflict if doing a user install and the
-         # conflict is not a user install.
--        if not self.use_user_site or dist_in_usersite(req.satisfied_by):
-+        if ((not self.use_user_site
-+                or dist_in_usersite(req.satisfied_by))
-+                and dist_in_install_path(req.satisfied_by)):
-             req.should_reinstall = True
-         req.satisfied_by = None
- 
-diff --git a/src/pip/_internal/utils/misc.py b/src/pip/_internal/utils/misc.py
-index 24a7455..5fd48d3 100644
---- a/src/pip/_internal/utils/misc.py
-+++ b/src/pip/_internal/utils/misc.py
-@@ -31,7 +31,7 @@ from pip._vendor.six.moves.urllib.parse import unquote as urllib_unquote
- 
- from pip import __version__
- from pip._internal.exceptions import CommandError
--from pip._internal.locations import get_major_minor_version, site_packages, user_site
-+from pip._internal.locations import distutils_scheme, get_major_minor_version, site_packages, user_site
- from pip._internal.utils.compat import WINDOWS, expanduser, stdlib_pkgs, str_to_display
- from pip._internal.utils.typing import MYPY_CHECK_RUNNING, cast
- from pip._internal.utils.virtualenv import (
-@@ -406,6 +406,16 @@ def dist_in_site_packages(dist):
-     return dist_location(dist).startswith(normalize_path(site_packages))
- 
- 
-+def dist_in_install_path(dist):
-+    """
-+    Return True if given Distribution is installed in
-+    path matching distutils_scheme layout.
-+    """
-+    norm_path = normalize_path(dist_location(dist))
-+    return norm_path.startswith(normalize_path(
-+        distutils_scheme("")['purelib'].split('python')[0]))
-+
-+
- def dist_is_editable(dist):
-     # type: (Distribution) -> bool
-     """
--- 
-2.25.4