Bump pip from 23.3.2 to 24.0 in /.github/workflows

[dependabot[bot]]

Bumps pip from 23.3.2 to 24.0.

Changelog

Sourced from pip's changelog.

24.0 (2024-02-03)

Features

• Retry on HTTP status code 502 ([#11843](https://github.com/pypa/pip/issues/11843) <https://github.com/pypa/pip/issues/11843>_)
• Automatically use the setuptools PEP 517 build backend when --config-settings is used for projects without pyproject.toml. ([#11915](https://github.com/pypa/pip/issues/11915) <https://github.com/pypa/pip/issues/11915>_)
• Make pip freeze and pip uninstall of legacy editable installs of packages whose name contains _ compatible with setuptools>=69.0.3. ([#12477](https://github.com/pypa/pip/issues/12477) <https://github.com/pypa/pip/issues/12477>_)
• Support per requirement --config-settings for editable installs. ([#12480](https://github.com/pypa/pip/issues/12480) <https://github.com/pypa/pip/issues/12480>_)

Bug Fixes

• Optimized usage of --find-links=<path-to-dir>, by only scanning the relevant directory once, only considering file names that are valid wheel or sdist names, and only considering files in the directory that are related to the install. ([#12327](https://github.com/pypa/pip/issues/12327) <https://github.com/pypa/pip/issues/12327>_)
• Removed wheel from the [build-system].requires list fallback that is used when pyproject.toml is absent. ([#12449](https://github.com/pypa/pip/issues/12449) <https://github.com/pypa/pip/issues/12449>_)

Vendored Libraries

• Upgrade distlib to 0.3.8

Improved Documentation

• Fix explanation of how PIP_CONFIG_FILE works ([#11815](https://github.com/pypa/pip/issues/11815) <https://github.com/pypa/pip/issues/11815>_)
• Fix outdated pip install argument description in documentation. ([#12417](https://github.com/pypa/pip/issues/12417) <https://github.com/pypa/pip/issues/12417>_)
• Replace some links to PEPs with links to the canonical specifications on the :doc:pypug:index ([#12434](https://github.com/pypa/pip/issues/12434) <https://github.com/pypa/pip/issues/12434>_)
• Updated the pyproject.toml document to stop suggesting to depend on wheel as a build dependency directly. ([#12449](https://github.com/pypa/pip/issues/12449) <https://github.com/pypa/pip/issues/12449>_)
• Update supported interpreters in development docs ([#12475](https://github.com/pypa/pip/issues/12475) <https://github.com/pypa/pip/issues/12475>_)

Process

• Most project metadata is now defined statically via pip's pyproject.toml file.

Commits

• ef78c12 Tweak NEWS.rst
• 6681c02 Bump for release
• ef56d47 Update AUTHORS.txt
• 53e5f19 Tweak news before release
• 456db06 Merge pull request #12507 from jeanas/mailmap
• 0b93dfc Add mailmap entry for @​jeanas
• c0801ef Merge pull request #12500 from bdraco/add_502
• aa930c4 Update src/pip/_internal/network/session.py
• 99a82b7 Merge pull request #12494 from sbidoul/pass-config-settings-to-editable-in-re...
• ff30ba8 Merge pull request #12501 from VladimirFokow/fix-small-typo
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)