Bump the pip group across 1 directory with 5 updates by dependabot[bot] · Pull Request #50 · emilymclean/LemmyModBot

dependabot · 2024-07-06T01:30:01Z

Bumps the pip group with 5 updates in the / directory:

Package	From	To
scikit-learn	`1.4.1.post1`	`1.5.0`
certifi	`2024.2.2`	`2024.7.4`
pillow	`10.3.0`	`10.4.0`
tqdm	`4.66.2`	`4.66.3`
urllib3	`1.26.18`	`1.26.19`

Updates scikit-learn from 1.4.1.post1 to 1.5.0

Release notes

Sourced from scikit-learn's releases.

Scikit-learn 1.5.0

We're happy to announce the 1.5.0 release.

You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.5.html

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn
The conda-forge builds can be installed using:
conda install -c conda-forge scikit-learn
Scikit-learn 1.4.2

We're happy to announce the 1.4.2 release.

This release only includes support for numpy 2.

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn

Commits

b51d0c9 trigger whell builder [cd build]
919ae9b MAINT Reoder what's new for 1.5 (#29039)
0ac28ad DOC Release highlights 1.5 (#29007)
729b54d test py3.12 against numpy 2 [cd build]
1e50434 set version
ffbe4ab DOC remove obsolete SVM example (#27108)
4647729 DOC Fix time complexity of MLP (#28592)
9bd7047 FIX convergence criterion of MeanShift (#28951)
b79420f FIX add long long for int32/int64 windows compat in NumPy 2.0 (#29029)
37f544d DOC replace pandas with Polars in examples/gaussian_process/plot_gpr_co2.py (...
Additional commits viewable in compare view

Updates certifi from 2024.2.2 to 2024.7.4

Commits

bd81538 2024.07.04 (#295)
06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
124f4ad 2024.06.02 (#291)
c2196ce --- (#290)
fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
Additional commits viewable in compare view

Updates pillow from 10.3.0 to 10.4.0

Release notes

Sourced from pillow's releases.

10.4.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.4.0.html

Changes

Raise FileNotFoundError if show_file() path does not exist #8178 [@radarhere]

Improved reading 16-bit TGA images with colour #7965 [@Yay295]

Fixed processing multiple JPEG EXIF markers #8127 [@radarhere]

Do not preserve EXIFIFD tag by default when saving TIFF images #8110 [@radarhere]

Added ImageFont.load_default_imagefont() #8086 [@radarhere]

Added Image.WARN_POSSIBLE_FORMATS #8063 [@radarhere]

Do not presume "xmp" info simply because "XML:com.adobe.xmp" info exists #8173 [@radarhere]

Remove zero-byte end padding when parsing any XMP data #8171 [@radarhere]

Do not detect Ultra HDR images as MPO #8056 [@radarhere]

Raise SyntaxError specific to JP2 #8146 [@Yay295]

Do not use first frame duration for other frames when saving APNG images #8104 [@radarhere]

Consider I;16 pixel size when using a 1 mode mask #8112 [@radarhere]

When saving multiple PNG frames, convert to mode rather than raw mode #8087 [@radarhere]

Added byte support to FreeTypeFont #8141 [@radarhere]

Allow float center for rotate operations #8114 [@radarhere]

Do not read layers immediately when opening PSD images #8039 [@radarhere]

Restore original thread state #8065 [@radarhere]

Read IM and TIFF images as RGB, rather than RGBX #7997 [@radarhere]

Only preserve TIFF IPTC_NAA_CHUNK tag if type is BYTE or UNDEFINED #7948 [@radarhere]

Prevent extra EPS header validations #8144 [@Yay295]

Clarify ImageDraw2 error message when size is missing #8165 [@radarhere]

Support unpacking more rawmodes to RGBA palettes #7966 [@radarhere]

Removed support for Qt 5 #8159 [@radarhere]

Improve ImageFont.freetype support for XDG directories on Linux #8135 [@mamg22]

Improved consistency of XMP handling #8069 [@radarhere]

Use pkg-config to help find libwebp and raqm #8142 [@radarhere]

Renamed C transform2 to transform #8113 [@radarhere]

Updated nasm to 2.16.03 #7990 [@radarhere]

[pre-commit.ci] pre-commit autoupdate #8100 [@pre-commit-ci]

Updated ImageCms.createProfile colorTemp default and docstring #8096 [@radarhere]

Added ImageDraw circle() #8085 [@void4]

Don't reuse variable name #8082 [@Yay295]

Use functools.cached_property in GifImagePlugin #8037 [@radarhere]

Add mypy target to Makefile #8077 [@Yay295]

Added Python 3.13 beta wheels #8071 [@radarhere]

Parse _version contents instead of using exec() #8050 [@radarhere]

Lint fixes #8068 [@radarhere]

Fix type errors #8064 [@radarhere]

Added MPEG accept function #7999 [@radarhere]

Added more modes to Image.MODES #7984 [@radarhere]

[pre-commit.ci] pre-commit autoupdate #8044 [@pre-commit-ci]

Do not use percent format in strings #8045 [@radarhere]

Changed string formatting to f-strings #8043 [@mrKazzila]

Removed direct invocation of setup.py #8027 [@radarhere]

Update ExifTags.py #8020 [@CTimmerman]

... (truncated)

Changelog

Sourced from pillow's changelog.

10.4.0 (2024-07-01)

Raise FileNotFoundError if show_file() path does not exist #8178 [radarhere]

Improved reading 16-bit TGA images with colour #7965 [Yay295, radarhere]

Deprecate non-image ImageCms modes #8031 [radarhere]

Fixed processing multiple JPEG EXIF markers #8127 [radarhere]

Do not preserve EXIFIFD tag by default when saving TIFF images #8110 [radarhere]

Added ImageFont.load_default_imagefont() #8086 [radarhere]

Added Image.WARN_POSSIBLE_FORMATS #8063 [radarhere]

Remove zero-byte end padding when parsing any XMP data #8171 [radarhere]

Do not detect Ultra HDR images as MPO #8056 [radarhere]

Raise SyntaxError specific to JP2 #8146 [Yay295, radarhere]

Do not use first frame duration for other frames when saving APNG images #8104 [radarhere]

Consider I;16 pixel size when using a 1 mode mask #8112 [radarhere]

When saving multiple PNG frames, convert to mode rather than raw mode #8087 [radarhere]

Added byte support to FreeTypeFont #8141 [radarhere]

Allow float center for rotate operations #8114 [radarhere]

Do not read layers immediately when opening PSD images #8039 [radarhere]

... (truncated)

Commits

9b4fae7 10.4.0 version bump
b55d74b Update CHANGES.rst [ci skip]
8daf550 Merge pull request #8178 from radarhere/imageshow
c6d8c58 Merge pull request #7965 from Yay295/patch-3
c9ec76a Raise FileNotFoundError if show_file() path does not exist
b48d175 Update CHANGES.rst [ci skip]
4d6dff3 Merge pull request #8031 from radarhere/imagingcms_modes
70b3815 Merge pull request #8127 from radarhere/multiple_exif_markers
88cd6d4 Rearranged comments
41426a6 Merge pull request #8110 from radarhere/exififd
Additional commits viewable in compare view

Updates tqdm from 4.66.2 to 4.66.3

Release notes

Sourced from tqdm's releases.

tqdm v4.66.3 stable

cli: eval safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)

Commits

4e613f8 Merge pull request from GHSA-g7vv-2v7x-gj9p
b53348c cli: eval safety
See full diff in compare view

Updates urllib3 from 1.26.18 to 1.26.19

Release notes

Sourced from urllib3's releases.

1.26.19

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.

Full Changelog: urllib3/urllib3@1.26.18...1.26.19

Note that due to an issue with our release automation, no multiple.intoto.jsonl file is available for this release.

Changelog

Sourced from urllib3's changelog.

1.26.19 (2024-06-17)

Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.

Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. ([#3405](https://github.com/urllib3/urllib3/issues/3405) <https://github.com/urllib3/urllib3/issues/3405>__)

Commits

d9d85c8 Release 1.26.19
8528b63 [1.26] Fix downstream tests (#3409)
40b6d16 Merge pull request from GHSA-34jh-p97f-mpxf
29cfd02 Fix handling of OpenSSL 3.2.0 new error message "record layer failure" (#3405)
b600643 [1.26] Bump RECENT_DATE (#3404)
7e2d389 [1.26] Fix running CPython 2.7 tests in CI (#3137)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the pip group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.4.1.post1` | `1.5.0` | | [certifi](https://github.com/certifi/python-certifi) | `2024.2.2` | `2024.7.4` | | [pillow](https://github.com/python-pillow/Pillow) | `10.3.0` | `10.4.0` | | [tqdm](https://github.com/tqdm/tqdm) | `4.66.2` | `4.66.3` | | [urllib3](https://github.com/urllib3/urllib3) | `1.26.18` | `1.26.19` | Updates `scikit-learn` from 1.4.1.post1 to 1.5.0 - [Release notes](https://github.com/scikit-learn/scikit-learn/releases) - [Commits](scikit-learn/scikit-learn@1.4.1.post1...1.5.0) Updates `certifi` from 2024.2.2 to 2024.7.4 - [Commits](certifi/python-certifi@2024.02.02...2024.07.04) Updates `pillow` from 10.3.0 to 10.4.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@10.3.0...10.4.0) Updates `tqdm` from 4.66.2 to 4.66.3 - [Release notes](https://github.com/tqdm/tqdm/releases) - [Commits](tqdm/tqdm@v4.66.2...v4.66.3) Updates `urllib3` from 1.26.18 to 1.26.19 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.18...1.26.19) --- updated-dependencies: - dependency-name: scikit-learn dependency-type: direct:production dependency-group: pip - dependency-name: certifi dependency-type: direct:production dependency-group: pip - dependency-name: pillow dependency-type: direct:production dependency-group: pip - dependency-name: tqdm dependency-type: direct:production dependency-group: pip - dependency-name: urllib3 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Jul 6, 2024

dependabot bot mentioned this pull request Jul 6, 2024

Bump the pip group across 1 directory with 3 updates #49

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the pip group across 1 directory with 5 updates#50

Bump the pip group across 1 directory with 5 updates#50
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/pip/pip-7e43dbf030

dependabot bot commented on behalf of github Jul 6, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Jul 6, 2024

Scikit-learn 1.5.0

Scikit-learn 1.4.2

10.4.0

Changes

10.4.0 (2024-07-01)

tqdm v4.66.3 stable

1.26.19

🚀 urllib3 is fundraising for HTTP/2 support

Changes

1.26.19 (2024-06-17)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants