diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ac6b379
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+SOURCES/pip-22.3.1-man.tar.gz
+SOURCES/pip-22.3.1.tar.gz
diff --git a/.python3.11-pip.metadata b/.python3.11-pip.metadata
new file mode 100644
index 0000000..3fb985e
--- /dev/null
+++ b/.python3.11-pip.metadata
@@ -0,0 +1,2 @@
+f04c239feb8bc4d4517f518e2e23a4059446b67d SOURCES/pip-22.3.1-man.tar.gz
+01c1ecbae116f77fb032b81c6f1ee1fb6b4c5233 SOURCES/pip-22.3.1.tar.gz
diff --git a/SOURCES/dummy-certifi.patch b/SOURCES/dummy-certifi.patch
new file mode 100644
index 0000000..8896ce8
--- /dev/null
+++ b/SOURCES/dummy-certifi.patch
@@ -0,0 +1,128 @@
+From 09c983fdeabe3fa0b90b73f32ddf84a61e498e09 Mon Sep 17 00:00:00 2001
+From: Karolina Surma <ksurma@redhat.com>
+Date: Tue, 15 Nov 2022 09:22:46 +0100
+Subject: [PATCH] Dummy certifi patch
+
+---
+ src/pip/_vendor/certifi/core.py | 105 ++------------------------------
+ 1 file changed, 6 insertions(+), 99 deletions(-)
+
+diff --git a/src/pip/_vendor/certifi/core.py b/src/pip/_vendor/certifi/core.py
+index c3e5466..eb297f7 100644
+--- a/src/pip/_vendor/certifi/core.py
++++ b/src/pip/_vendor/certifi/core.py
+@@ -4,105 +4,12 @@ certifi.py
+
+ This module returns the installation location of cacert.pem or its contents.
+ """
+-import sys
+
++# The RPM-packaged certifi always uses the system certificates
++def where() -> str:
++ return '/etc/pki/tls/certs/ca-bundle.crt'
+
+-if sys.version_info >= (3, 11):
++def contents() -> str:
++ with open(where(), encoding='utf=8') as data:
++ return data.read()
+
+- from importlib.resources import as_file, files
+-
+- _CACERT_CTX = None
+- _CACERT_PATH = None
+-
+- def where() -> str:
+- # This is slightly terrible, but we want to delay extracting the file
+- # in cases where we're inside of a zipimport situation until someone
+- # actually calls where(), but we don't want to re-extract the file
+- # on every call of where(), so we'll do it once then store it in a
+- # global variable.
+- global _CACERT_CTX
+- global _CACERT_PATH
+- if _CACERT_PATH is None:
+- # This is slightly janky, the importlib.resources API wants you to
+- # manage the cleanup of this file, so it doesn't actually return a
+- # path, it returns a context manager that will give you the path
+- # when you enter it and will do any cleanup when you leave it. In
+- # the common case of not needing a temporary file, it will just
+- # return the file system location and the __exit__() is a no-op.
+- #
+- # We also have to hold onto the actual context manager, because
+- # it will do the cleanup whenever it gets garbage collected, so
+- # we will also store that at the global level as well.
+- _CACERT_CTX = as_file(files("pip._vendor.certifi").joinpath("cacert.pem"))
+- _CACERT_PATH = str(_CACERT_CTX.__enter__())
+-
+- return _CACERT_PATH
+-
+- def contents() -> str:
+- return files("pip._vendor.certifi").joinpath("cacert.pem").read_text(encoding="ascii")
+-
+-elif sys.version_info >= (3, 7):
+-
+- from importlib.resources import path as get_path, read_text
+-
+- _CACERT_CTX = None
+- _CACERT_PATH = None
+-
+- def where() -> str:
+- # This is slightly terrible, but we want to delay extracting the
+- # file in cases where we're inside of a zipimport situation until
+- # someone actually calls where(), but we don't want to re-extract
+- # the file on every call of where(), so we'll do it once then store
+- # it in a global variable.
+- global _CACERT_CTX
+- global _CACERT_PATH
+- if _CACERT_PATH is None:
+- # This is slightly janky, the importlib.resources API wants you
+- # to manage the cleanup of this file, so it doesn't actually
+- # return a path, it returns a context manager that will give
+- # you the path when you enter it and will do any cleanup when
+- # you leave it. In the common case of not needing a temporary
+- # file, it will just return the file system location and the
+- # __exit__() is a no-op.
+- #
+- # We also have to hold onto the actual context manager, because
+- # it will do the cleanup whenever it gets garbage collected, so
+- # we will also store that at the global level as well.
+- _CACERT_CTX = get_path("pip._vendor.certifi", "cacert.pem")
+- _CACERT_PATH = str(_CACERT_CTX.__enter__())
+-
+- return _CACERT_PATH
+-
+- def contents() -> str:
+- return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
+-
+-else:
+- import os
+- import types
+- from typing import Union
+-
+- Package = Union[types.ModuleType, str]
+- Resource = Union[str, "os.PathLike"]
+-
+- # This fallback will work for Python versions prior to 3.7 that lack the
+- # importlib.resources module but relies on the existing `where` function
+- # so won't address issues with environments like PyOxidizer that don't set
+- # __file__ on modules.
+- def read_text(
+- package: Package,
+- resource: Resource,
+- encoding: str = 'utf-8',
+- errors: str = 'strict'
+- ) -> str:
+- with open(where(), encoding=encoding) as data:
+- return data.read()
+-
+- # If we don't have importlib.resources, then we will just do the old logic
+- # of assuming we're on the filesystem and munge the path directly.
+- def where() -> str:
+- f = os.path.dirname(__file__)
+-
+- return os.path.join(f, "cacert.pem")
+-
+- def contents() -> str:
+- return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")
+--
+2.37.3
+
diff --git a/SOURCES/no-version-warning.patch b/SOURCES/no-version-warning.patch
new file mode 100644
index 0000000..6c34bec
--- /dev/null
+++ b/SOURCES/no-version-warning.patch
@@ -0,0 +1,16 @@
+diff --git a/src/pip/_vendor/packaging/version.py b/src/pip/_vendor/packaging/version.py
+index de9a09a..154e94d 100644
+--- a/src/pip/_vendor/packaging/version.py
++++ b/src/pip/_vendor/packaging/version.py
+@@ -108,11 +108,6 @@ class LegacyVersion(_BaseVersion):
+ self._version = str(version)
+ self._key = _legacy_cmpkey(self._version)
+
+- warnings.warn(
+- "Creating a LegacyVersion has been deprecated and will be "
+- "removed in the next major release",
+- DeprecationWarning,
+- )
+
+ def __str__(self) -> str:
+ return self._version
diff --git a/SOURCES/nowarn-pip._internal.main.patch b/SOURCES/nowarn-pip._internal.main.patch
new file mode 100644
index 0000000..68f5971
--- /dev/null
+++ b/SOURCES/nowarn-pip._internal.main.patch
@@ -0,0 +1,76 @@
+From 8dd3793d1bab226cec9c5c49b01718a9634bc403 Mon Sep 17 00:00:00 2001
+From: Karolina Surma <ksurma@redhat.com>
+Date: Mon, 10 May 2021 16:48:49 +0200
+Subject: [PATCH] Don't warn the user about pip._internal.main() entrypoint
+
+In Fedora, we use that in ensurepip and users cannot do anything about it,
+this warning is juts moot. Also, the warning breaks CPython test suite.
+
+Co-Authored-By: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
+---
+ src/pip/_internal/__init__.py | 2 +-
+ src/pip/_internal/utils/entrypoints.py | 19 ++++++++++---------
+ tests/functional/test_cli.py | 3 ++-
+ 3 files changed, 13 insertions(+), 11 deletions(-)
+
+diff --git a/src/pip/_internal/__init__.py b/src/pip/_internal/__init__.py
+index 6afb5c6..faf25af 100755
+--- a/src/pip/_internal/__init__.py
++++ b/src/pip/_internal/__init__.py
+@@ -16,4 +16,4 @@ def main(args: (Optional[List[str]]) = None) -> int:
+ """
+ from pip._internal.utils.entrypoints import _wrapper
+
+- return _wrapper(args)
++ return _wrapper(args, _nowarn=True)
+diff --git a/src/pip/_internal/utils/entrypoints.py b/src/pip/_internal/utils/entrypoints.py
+index f292c64..2e29a5e 100644
+--- a/src/pip/_internal/utils/entrypoints.py
++++ b/src/pip/_internal/utils/entrypoints.py
+@@ -20,7 +20,7 @@ if WINDOWS:
+ ]
+
+
+-def _wrapper(args: Optional[List[str]] = None) -> int:
++def _wrapper(args: Optional[List[str]] = None, _nowarn: bool = False) -> int:
+ """Central wrapper for all old entrypoints.
+
+ Historically pip has had several entrypoints defined. Because of issues
+@@ -32,14 +32,15 @@ def _wrapper(args: Optional[List[str]] = None) -> int:
+ directing them to an appropriate place for help, we now define all of
+ our old entrypoints as wrappers for the current one.
+ """
+- sys.stderr.write(
+- "WARNING: pip is being invoked by an old script wrapper. This will "
+- "fail in a future version of pip.\n"
+- "Please see https://github.com/pypa/pip/issues/5599 for advice on "
+- "fixing the underlying issue.\n"
+- "To avoid this problem you can invoke Python with '-m pip' instead of "
+- "running pip directly.\n"
+- )
++ if not _nowarn:
++ sys.stderr.write(
++ "WARNING: pip is being invoked by an old script wrapper. This will "
++ "fail in a future version of pip.\n"
++ "Please see https://github.com/pypa/pip/issues/5599 for advice on "
++ "fixing the underlying issue.\n"
++ "To avoid this problem you can invoke Python with '-m pip' instead of "
++ "running pip directly.\n"
++ )
+ return main(args)
+
+
+diff --git a/tests/functional/test_cli.py b/tests/functional/test_cli.py
+index 3e85703..f86c392 100644
+--- a/tests/functional/test_cli.py
++++ b/tests/functional/test_cli.py
+@@ -43,4 +43,5 @@ def test_entrypoints_work(entrypoint: str, script: PipTestEnvironment) -> None:
+ result = script.pip("-V")
+ result2 = script.run("fake_pip", "-V", allow_stderr_warning=True)
+ assert result.stdout == result2.stdout
+- assert "old script wrapper" in result2.stderr
++ if entrypoint[0] != "fake_pip = pip._internal:main":
++ assert "old script wrapper" in result2.stderr
+--
+2.35.3
+
diff --git a/SOURCES/pip-allow-different-versions.patch b/SOURCES/pip-allow-different-versions.patch
new file mode 100644
index 0000000..4a11517
--- /dev/null
+++ b/SOURCES/pip-allow-different-versions.patch
@@ -0,0 +1,27 @@
+--- /usr/bin/pip3 2019-11-12 17:37:34.793131862 +0100
++++ pip3 2019-11-12 17:40:42.014107134 +0100
+@@ -2,7 +2,23 @@
+ # -*- coding: utf-8 -*-
+ import re
+ import sys
+-from pip._internal.cli.main import main
++
++try:
++ from pip._internal.cli.main import main
++except ImportError:
++ try:
++ from pip._internal.main import main
++ except ImportError:
++ try:
++ # If the user has downgraded pip, the above import will fail.
++ # Let's try older methods of invoking it:
++
++ # pip 19 uses this
++ from pip._internal import main
++ except ImportError:
++ # older pip versions use this
++ from pip import main
++
+ if __name__ == '__main__':
+ sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
+ sys.exit(main())
diff --git a/SOURCES/remove-existing-dist-only-if-path-conflicts.patch b/SOURCES/remove-existing-dist-only-if-path-conflicts.patch
new file mode 100644
index 0000000..3a9ea25
--- /dev/null
+++ b/SOURCES/remove-existing-dist-only-if-path-conflicts.patch
@@ -0,0 +1,115 @@
+From 2c3f3a590ddfc151a456b44a5f96f0f603d178e9 Mon Sep 17 00:00:00 2001
+From: Lumir Balhar <lbalhar@redhat.com>
+Date: Wed, 16 Feb 2022 08:36:21 +0100
+Subject: [PATCH] Prevent removing of the system packages installed under
+ /usr/lib when pip install --upgrade is executed.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Resolves: rhbz#1550368
+
+Co-Authored-By: Michal Cyprian <m.cyprian@gmail.com>
+Co-Authored-By: Victor Stinner <vstinner@redhat.com>
+Co-Authored-By: Petr Viktorin <pviktori@redhat.com>
+Co-Authored-By: Lumir Balhar <lbalhar@redhat.com>
+Co-Authored-By: Miro Hrončok <miro@hroncok.cz>
+Co-Authored-By: Karolina Surma <ksurma@redhat.com>
+---
+ src/pip/_internal/metadata/base.py | 12 +++++++++++-
+ src/pip/_internal/req/req_install.py | 2 +-
+ src/pip/_internal/resolution/legacy/resolver.py | 4 +++-
+ src/pip/_internal/resolution/resolvelib/factory.py | 12 ++++++++++++
+ 4 files changed, 27 insertions(+), 3 deletions(-)
+
+diff --git a/src/pip/_internal/metadata/base.py b/src/pip/_internal/metadata/base.py
+index 151fd6d..f9109cd 100644
+--- a/src/pip/_internal/metadata/base.py
++++ b/src/pip/_internal/metadata/base.py
+@@ -28,7 +28,7 @@ from pip._vendor.packaging.utils import NormalizedName
+ from pip._vendor.packaging.version import LegacyVersion, Version
+
+ from pip._internal.exceptions import NoneMetadataError
+-from pip._internal.locations import site_packages, user_site
++from pip._internal.locations import get_scheme, site_packages, user_site
+ from pip._internal.models.direct_url import (
+ DIRECT_URL_METADATA_NAME,
+ DirectUrl,
+@@ -560,6 +560,16 @@ class BaseDistribution(Protocol):
+ for extra in self._iter_egg_info_extras():
+ metadata["Provides-Extra"] = extra
+
++ @property
++ def in_install_path(self) -> bool:
++ """
++ Return True if given Distribution is installed in
++ path matching distutils_scheme layout.
++ """
++ norm_path = normalize_path(self.installed_location)
++ return norm_path.startswith(normalize_path(
++ get_scheme("").purelib.split('python')[0]))
++
+
+ class BaseEnvironment:
+ """An environment containing distributions to introspect."""
+diff --git a/src/pip/_internal/req/req_install.py b/src/pip/_internal/req/req_install.py
+index a1e376c..ed7facf 100644
+--- a/src/pip/_internal/req/req_install.py
++++ b/src/pip/_internal/req/req_install.py
+@@ -416,7 +416,7 @@ class InstallRequirement:
+ f"lack sys.path precedence to {existing_dist.raw_name} "
+ f"in {existing_dist.location}"
+ )
+- else:
++ elif existing_dist.in_install_path:
+ self.should_reinstall = True
+ else:
+ if self.editable:
+diff --git a/src/pip/_internal/resolution/legacy/resolver.py b/src/pip/_internal/resolution/legacy/resolver.py
+index fb49d41..040f2c1 100644
+--- a/src/pip/_internal/resolution/legacy/resolver.py
++++ b/src/pip/_internal/resolution/legacy/resolver.py
+@@ -325,7 +325,9 @@ class Resolver(BaseResolver):
+ """
+ # Don't uninstall the conflict if doing a user install and the
+ # conflict is not a user install.
+- if not self.use_user_site or req.satisfied_by.in_usersite:
++ if ((not self.use_user_site
++ or req.satisfied_by.in_usersite)
++ and req.satisfied_by.in_install_path):
+ req.should_reinstall = True
+ req.satisfied_by = None
+
+diff --git a/src/pip/_internal/resolution/resolvelib/factory.py b/src/pip/_internal/resolution/resolvelib/factory.py
+index a4c24b5..e7e2da9 100644
+--- a/src/pip/_internal/resolution/resolvelib/factory.py
++++ b/src/pip/_internal/resolution/resolvelib/factory.py
+@@ -1,6 +1,8 @@
+ import contextlib
+ import functools
+ import logging
++import sys
++import sysconfig
+ from typing import (
+ TYPE_CHECKING,
+ Dict,
+@@ -549,6 +551,16 @@ class Factory:
+ if dist is None: # Not installed, no uninstallation required.
+ return None
+
++ # Prevent uninstalling packages from /usr
++ try:
++ if dist.installed_location in (
++ sysconfig.get_path('purelib', scheme='posix_prefix', vars={'base': sys.base_prefix}),
++ sysconfig.get_path('platlib', scheme='posix_prefix', vars={'platbase': sys.base_prefix}),
++ ):
++ return None
++ except KeyError: # this Python doesn't have 'rpm_prefix' scheme yet
++ pass
++
+ # We're installing into global site. The current installation must
+ # be uninstalled, no matter it's in global or user site, because the
+ # user site installation has precedence over global.
+--
+2.35.3
+
diff --git a/SPECS/python3.11-pip.spec b/SPECS/python3.11-pip.spec
new file mode 100644
index 0000000..8f607fa
--- /dev/null
+++ b/SPECS/python3.11-pip.spec
@@ -0,0 +1,422 @@
+%global __python3 /usr/bin/python3.11
+%global python3_pkgversion 3.11
+
+%bcond_with tests
+
+%global srcname pip
+%global base_version 22.3.1
+%global upstream_version %{base_version}%{?prerel}
+%global python_wheel_name %{srcname}-%{upstream_version}-py3-none-any.whl
+
+%global bashcompdir %(pkg-config --variable=completionsdir bash-completion 2>/dev/null)
+
+Name: python%{python3_pkgversion}-%{srcname}
+Version: %{base_version}%{?prerel:~%{prerel}}
+Release: 2%{?dist}
+Summary: A tool for installing and managing Python packages
+
+# We bundle a lot of libraries with pip, which itself is under MIT license.
+# Here is the list of the libraries with corresponding licenses:
+
+# appdirs: MIT
+# certifi: MPLv2.0
+# chardet: LGPLv2
+# colorama: BSD
+# CacheControl: ASL 2.0
+# distlib: Python
+# distro: ASL 2.0
+# html5lib: MIT
+# idna: BSD
+# ipaddress: Python
+# msgpack: ASL 2.0
+# packaging: ASL 2.0 or BSD
+# pep517: MIT
+# progress: ISC
+# pygments: BSD
+# pyparsing: MIT
+# requests: ASL 2.0
+# resolvelib: ISC
+# rich: MIT
+# setuptools: MIT
+# six: MIT
+# tenacity: ASL 2.0
+# tomli: MIT
+# typing-extensions: Python
+# urllib3: MIT
+# webencodings: BSD
+
+License: MIT and Python and ASL 2.0 and BSD and ISC and LGPLv2 and MPLv2.0 and (ASL 2.0 or BSD)
+URL: https://pip.pypa.io/
+Source0: https://github.com/pypa/pip/archive/%{upstream_version}/%{srcname}-%{upstream_version}.tar.gz
+%if 0%{?rhel} == 8
+# To generate the man pages for RHEL8 on a system with Python >= 3.7
+# rhpkg prep
+# cd into the pip folder
+# sed -i '/myst_parser/d;/sphinx_copybutton/d;/sphinx_inline_tabs/d;/sphinxcontrib.towncrier/d' docs/html/conf.py
+# sphinx-build-3 -b man docs/man docs/build/man -c docs/html
+# tar -czf pip-22.3.1-man.tar.gz --exclude=".[^/]*" -v docs/build/man
+# mv pip-22.3.1-man.tar.gz ..
+Source1: pip-%{base_version}-man.tar.gz
+%endif #rhel8
+BuildArch: noarch
+
+# Prevent removing of the system packages installed under /usr/lib
+# when pip install -U is executed.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1550368#c24
+# Could be replaced with https://www.python.org/dev/peps/pep-0668/
+Patch0: remove-existing-dist-only-if-path-conflicts.patch
+
+# Use the system level root certificate instead of the one bundled in certifi
+# https://bugzilla.redhat.com/show_bug.cgi?id=1655253
+# The same patch is a part of the RPM-packaged python-certifi
+Patch1: dummy-certifi.patch
+
+# Don't warn the user about pip._internal.main() entrypoint
+# In Fedora, we use that in ensurepip and users cannot do anything about it,
+# this warning is juts moot. Also, the warning breaks CPython test suite.
+Patch2: nowarn-pip._internal.main.patch
+
+# Don't warn the user about packaging's LegacyVersion being deprecated.
+# (This also breaks Python's test suite when warnings are treated as errors.)
+# Upstream issue: https://github.com/pypa/packaging/issues/368
+Patch3: no-version-warning.patch
+
+# Downstream only patch
+# Users might have local installations of pip from using
+# `pip install --user --upgrade pip` on older/newer versions.
+# If they do that and they run `pip` or `pip3`, the one from /usr/bin is used.
+# However that's the one from this RPM package and the import in there might
+# fail (it tries to import from ~/.local, but older or newer pip is there with
+# a bit different API).
+# We add this patch as a dirty workaround to make /usr/bin/pip* work with
+# both pip10+ (from this RPM) and older or newer (19.3+) pip (from whatever).
+# A proper fix is to put ~/.local/bin in front of /usr/bin in the PATH,
+# however others are against that and we cannot change it for existing
+# installs/user homes anyway.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1569488
+# https://bugzilla.redhat.com/show_bug.cgi?id=1571650
+# https://bugzilla.redhat.com/show_bug.cgi?id=1767212
+# WARNING: /usr/bin/pip* are entrypoints, this cannot be applied in %%prep!
+# %%patch10 doesn't work outside of %%prep, so we add it as a source
+# Note that since pip 20, old main() import paths are preserved for backwards
+# compatibility: https://github.com/pypa/pip/issues/7498
+# Meaning we don't need to update any of the older pips to support 20+
+# We also don't need to update Pythons to use new import path in ensurepip
+Source10: pip-allow-different-versions.patch
+
+
+# Virtual provides for the packages bundled by pip.
+# You can generate it with:
+# %%{_rpmconfigdir}/pythonbundles.py --namespace 'python%%{1}dist' src/pip/_vendor/vendor.txt
+%global bundled() %{expand:
+Provides: bundled(python%{1}dist(cachecontrol)) = 0.12.11
+Provides: bundled(python%{1}dist(certifi)) = 2022.9.24
+Provides: bundled(python%{1}dist(chardet)) = 5
+Provides: bundled(python%{1}dist(colorama)) = 0.4.5
+Provides: bundled(python%{1}dist(distlib)) = 0.3.6
+Provides: bundled(python%{1}dist(distro)) = 1.7
+Provides: bundled(python%{1}dist(idna)) = 3.4
+Provides: bundled(python%{1}dist(msgpack)) = 1.0.4
+Provides: bundled(python%{1}dist(packaging)) = 21.3
+Provides: bundled(python%{1}dist(pep517)) = 0.13
+Provides: bundled(python%{1}dist(platformdirs)) = 2.5.2
+Provides: bundled(python%{1}dist(pygments)) = 2.13
+Provides: bundled(python%{1}dist(pyparsing)) = 3.0.9
+Provides: bundled(python%{1}dist(requests)) = 2.28.1
+Provides: bundled(python%{1}dist(resolvelib)) = 0.8.1
+Provides: bundled(python%{1}dist(rich)) = 12.5.1
+Provides: bundled(python%{1}dist(setuptools)) = 44
+Provides: bundled(python%{1}dist(six)) = 1.16
+Provides: bundled(python%{1}dist(tenacity)) = 8.1
+Provides: bundled(python%{1}dist(tomli)) = 2.0.1
+Provides: bundled(python%{1}dist(typing-extensions)) = 4.4
+Provides: bundled(python%{1}dist(urllib3)) = 1.26.12
+Provides: bundled(python%{1}dist(webencodings)) = 0.5.1
+}
+
+# Some manylinux1 wheels need libcrypt.so.1.
+# Manylinux1, a common (as of 2019) platform tag for binary wheels, relies
+# on a glibc version that included ancient crypto functions, which were
+# moved to libxcrypt and then removed in:
+# https://fedoraproject.org/wiki/Changes/FullyRemoveDeprecatedAndUnsafeFunctionsFromLibcrypt
+# The manylinux1 standard assumed glibc would keep ABI compatibility,
+# but that's only the case if libcrypt.so.1 (libxcrypt-compat) is around.
+# This should be solved in the next manylinux standard (but it may be
+# a long time until manylinux1 is phased out).
+# See: https://github.com/pypa/manylinux/issues/305
+# Note that manylinux is only applicable to x86 (both 32 and 64 bits)
+%global crypt_compat_recommends() %{expand:
+Recommends: (libcrypt.so.1()(64bit) if python%{1}(x86-64))
+Recommends: (libcrypt.so.1 if python%{1}(x86-32))
+}
+
+BuildRequires: python%{python3_pkgversion}-devel
+BuildRequires: python%{python3_pkgversion}-rpm-macros
+# python3 bootstrap: this is rebuilt before the final build of python3, which
+# adds the dependency on python3-rpm-generators, so we require it manually
+# Note that the package prefix is always python3-, even if we build for 3.X
+BuildRequires: python3-rpm-generators
+%if 0%{?rhel} == 9
+# We utilize the main Python's stack sphinx to build the manual pages
+BuildRequires: python3-sphinx
+%endif #rhel9
+BuildRequires: python%{python3_pkgversion}-setuptools
+BuildRequires: bash-completion
+BuildRequires: python%{python3_pkgversion}-wheel
+BuildRequires: ca-certificates
+Requires: ca-certificates
+
+%if %{with tests}
+BuildRequires: /usr/bin/git
+BuildRequires: /usr/bin/hg
+BuildRequires: /usr/bin/bzr
+BuildRequires: /usr/bin/svn
+BuildRequires: python%{python3_pkgversion}-setuptools-wheel
+BuildRequires: python%{python3_pkgversion}-wheel-wheel
+BuildRequires: python%{python3_pkgversion}-cryptography
+BuildRequires: python%{python3_pkgversion}-mock
+BuildRequires: python%{python3_pkgversion}-pytest
+BuildRequires: python%{python3_pkgversion}-pretend
+BuildRequires: python%{python3_pkgversion}-freezegun
+BuildRequires: python%{python3_pkgversion}-scripttest
+BuildRequires: python%{python3_pkgversion}-virtualenv
+BuildRequires: python%{python3_pkgversion}-werkzeug
+BuildRequires: python%{python3_pkgversion}-pyyaml
+BuildRequires: python%{python3_pkgversion}-tomli-w
+BuildRequires: python%{python3_pkgversion}-installer
+%endif
+
+
+# This was previously required and we keep it recommended because a lot of
+# sdists installed via pip will try to import setuptools.
+# But pip doesn't actually require setuptools.
+# It can install wheels without them and it can build wheels in isolation mode
+# (using setuptools/flit/poetry/... installed from PyPI).
+# Side note: pip bundles pkg_resources from setuptools for internal usage.
+Recommends: python%{python3_pkgversion}-setuptools
+
+# Require alternatives version that implements the --keep-foreign flag
+Requires(postun): alternatives >= 1.19.1-1
+
+# python3.11 installs the alternatives master symlink to which we attach a slave
+Requires: python%{python3_pkgversion}
+Requires(post): python%{python3_pkgversion}
+Requires(postun): python%{python3_pkgversion}
+
+# Virtual provides for the packages bundled by pip:
+%{bundled %{python3_pkgversion}}
+
+%{crypt_compat_recommends %{python3_pkgversion}}
+
+%description -n python%{python3_pkgversion}-%{srcname}
+pip is a package management system used to install and manage software packages
+written in Python. Many packages can be found in the Python Package Index
+(PyPI). pip is a recursive acronym that can stand for either "Pip Installs
+Packages" or "Pip Installs Python".
+
+%package -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
+Summary: The pip wheel
+Requires: ca-certificates
+
+# Virtual provides for the packages bundled by pip:
+%{bundled %{python3_pkgversion}}
+
+%{crypt_compat_recommends %{python3_pkgversion}}
+
+%description -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
+A Python wheel of pip to use with venv.
+
+%prep
+%autosetup -p1 -n %{srcname}-%{upstream_version}
+
+# this goes together with patch4
+rm src/pip/_vendor/certifi/*.pem
+
+%if 0%{?rhel} == 9
+# Remove unneeded doc dependencies
+sed -i '/myst_parser/d;/sphinx_copybutton/d;/sphinx_inline_tabs/d;/sphinxcontrib.towncrier/d' docs/html/conf.py
+%endif #rhel9
+
+# tests expect wheels in here
+ln -s %{python_wheel_dir} tests/data/common_wheels
+
+# Remove windows executable binaries
+rm -v src/pip/_vendor/distlib/*.exe
+sed -i '/\.exe/d' setup.py
+
+%build
+%py3_build_wheel
+
+%if 0%{?rhel} == 9
+# Build the man pages
+export PYTHONPATH=./src/
+sphinx-build-3 -b man docs/man docs/build/man -c docs/html
+%endif #rhel9
+
+%install
+# The following is similar to %%pyproject_install, but we don't have
+# /usr/bin/pip yet, so we install using the wheel directly.
+# (This is not standard wheel usage, but the pip wheel supports it -- see
+# pip/__main__.py)
+%{python3} dist/%{python_wheel_name}/pip install \
+ --root %{buildroot} \
+ --no-deps \
+ --disable-pip-version-check \
+ --progress-bar off \
+ --verbose \
+ --ignore-installed \
+ --no-warn-script-location \
+ --no-index \
+ --no-cache-dir \
+ --find-links dist \
+ 'pip==%{upstream_version}'
+
+# Install the man pages
+%if 0%{?rhel} == 8
+tar -xvf %{SOURCE1}
+%endif #rhel8
+pushd docs/build/man
+install -d %{buildroot}%{_mandir}/man1
+for MAN in *1; do
+install -pm0644 $MAN %{buildroot}%{_mandir}/man1/${MAN/pip/pip%{python3_pkgversion}}
+install -pm0644 $MAN %{buildroot}%{_mandir}/man1/${MAN/pip/pip-%{python3_pkgversion}}
+done
+popd
+
+# before we ln -s anything, we apply Source10 patch to all pips:
+for PIP in %{buildroot}%{_bindir}/pip*; do
+ patch -p1 --no-backup-if-mismatch $PIP < %{SOURCE10}
+done
+
+mkdir -p %{buildroot}%{bashcompdir}
+PYTHONPATH=%{buildroot}%{python3_sitelib} \
+ %{buildroot}%{_bindir}/pip completion --bash \
+ > %{buildroot}%{bashcompdir}/pip%{python3_pkgversion}
+
+# Make bash completion apply to all the 5 symlinks we install
+sed -i -e "s/^\\(complete.*\\) pip\$/\\1 pip{,-}%{python3_pkgversion}/" \
+ -e s/_pip_completion/_pip%{python3_pkgversion}_completion/ \
+ %{buildroot}%{bashcompdir}/pip%{python3_pkgversion}
+
+
+# Provide symlinks to executables to comply with Fedora guidelines for Python
+ln -s ./pip%{python3_pkgversion} %{buildroot}%{_bindir}/pip-%{python3_pkgversion}
+
+
+# Make sure the INSTALLER is not pip and remove RECORD
+# %%pyproject macros do this for all packages
+echo rpm > %{buildroot}%{python3_sitelib}/pip-%{upstream_version}.dist-info/INSTALLER
+rm %{buildroot}%{python3_sitelib}/pip-%{upstream_version}.dist-info/RECORD
+
+mkdir -p %{buildroot}%{python_wheel_dir}
+install -p dist/%{python_wheel_name} -t %{buildroot}%{python_wheel_dir}
+
+# RHEL: Remove binaries conflicting with RHEL's main pip
+rm %{buildroot}%{_bindir}/pip
+rm %{buildroot}%{_bindir}/pip3
+
+# All ghost files controlled by alternatives need to exist for the files
+# section check to succeed
+touch %{buildroot}%{_bindir}/pip3
+touch %{buildroot}%{_bindir}/pip-3
+
+%check
+%if 0%{?rhel} == 9
+# Verify bundled provides are up to date
+%{_rpmconfigdir}/pythonbundles.py src/pip/_vendor/vendor.txt --namespace 'python%{python3_pkgversion}dist' \
+ --compare-with '%{bundled %{python3_pkgversion}}'
+%endif #rhel9
+
+%if %{with tests}
+# Upstream tests
+# bash completion tests only work from installed package
+pytest_k='not completion'
+
+# --deselect'ed tests are not compatible with the latest virtualenv
+# These files contain almost 500 tests so we should enable them back
+# as soon as pip will be compatible upstream
+# https://github.com/pypa/pip/pull/8441
+%pytest -m 'not network' -k "$(echo $pytest_k)" \
+ --deselect tests/functional --deselect tests/lib/test_lib.py
+%endif
+
+%post -n python%{python3_pkgversion}-%{srcname}
+alternatives --add-slave python3 %{_bindir}/python%{python3_version} \
+ %{_bindir}/pip3 \
+ pip3 \
+ %{_bindir}/pip%{python3_version}
+alternatives --add-slave python3 %{_bindir}/python%{python3_version} \
+ %{_bindir}/pip-3 \
+ pip-3 \
+ %{_bindir}/pip-%{python3_version}
+
+%postun -n python%{python3_pkgversion}-%{srcname}
+# Do this only during uninstall process (not during update)
+if [ $1 -eq 0 ]; then
+ # Only remove the slave links if the master link for python3 still exists.
+ # Due to a possible bug in yum, python3.11 gets removed before python3.11-pip
+ # even though we have declared Requires(postun): python3.11
+ EXISTS=`alternatives --display python3 | \
+ grep -c "^/usr/bin/python%{python3_version} - priority [0-9]*"`
+
+ if [ $EXISTS -ne 0 ]; then
+ alternatives --keep-foreign --remove-slave python3 %{_bindir}/python%{python3_version} \
+ pip3
+ alternatives --keep-foreign --remove-slave python3 %{_bindir}/python%{python3_version} \
+ pip-3
+ fi
+fi
+
+%files -n python%{python3_pkgversion}-%{srcname}
+%doc README.rst
+%license %{python3_sitelib}/pip-%{upstream_version}.dist-info/LICENSE.txt
+%{_mandir}/man1/pip%{python3_pkgversion}.*
+%{_mandir}/man1/pip%{python3_pkgversion}-*.*
+%{_mandir}/man1/pip-%{python3_pkgversion}.*
+%{_mandir}/man1/pip-%{python3_pkgversion}-*.*
+%{_bindir}/pip%{python3_pkgversion}
+%{_bindir}/pip-%{python3_pkgversion}
+%{python3_sitelib}/pip*
+%dir %{bashcompdir}
+%{bashcompdir}/pip%{python3_pkgversion}
+%ghost %{_bindir}/pip3
+%ghost %{_bindir}/pip-3
+
+%files -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
+%license LICENSE.txt
+# we own the dir for simplicity
+%dir %{python_wheel_dir}/
+%{python_wheel_dir}/%{python_wheel_name}
+
+%changelog
+* Mon Jan 30 2023 Charalampos Stratakis <cstratak@redhat.com> - 22.3.1-2
+- Add BuildRequires on python3.11-rpm-macros
+
+* Wed Aug 03 2022 Charalampos Stratakis <cstratak@redhat.com> - 22.3.1-1
+- Initial package
+- Fedora contributions by:
+ # Bill Nottingham <notting@fedoraproject.org>
+ # Charalampos Stratakis <cstratak@redhat.com>
+ # David Malcolm <dmalcolm@redhat.com>
+ # Dennis Gilmore <dennis@ausil.us>
+ # Jon Ciesla <limburgher@gmail.com>
+ # Karolina Surma <ksurma@redhat.com>
+ # Kevin Fenzi <kevin@fedoraproject.org>
+ # Kevin Kofler <Kevin@tigcc.ticalc.org>
+ # Luke Macken <lmacken@redhat.com>
+ # Lumir Balhar <lbalhar@redhat.com>
+ # Marcel Plch <mplch@redhat.com>
+ # Matej Stuchlik <mstuchli@redhat.com>
+ # Michal Cyprian <m.cyprian@gmail.com>
+ # Miro Hrončok <miro@hroncok.cz>
+ # Orion Poplawski <orion@cora.nwra.com>
+ # Pádraig Brady <P@draigBrady.com>
+ # Peter Halliday <hoangelos@fedoraproject.org>
+ # Petr Viktorin <pviktori@redhat.com>
+ # Robert Kuska <rkuska@redhat.com>
+ # Slavek Kabrda <bkabrda@redhat.com>
+ # Tim Flink <tflink@fedoraproject.org>
+ # Tomáš Hrnčiar <thrnciar@redhat.com>
+ # Tomas Orsava <torsava@redhat.com>
+ # Toshio Kuratomi <toshio@fedoraproject.org>
+ # Ville Skyttä <ville.skytta@iki.fi>