Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the main-dependencies group with 9 updates #593

Closed
wants to merge 1 commit into from
Closed

Bump the main-dependencies group with 9 updates #593

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 11, 2025

Bumps the main-dependencies group with 9 updates:

Package From To
numpy 1.26.3 1.26.4
scipy 1.14.1 1.15.2
astropy 6.0.1 6.1.7
httpx 0.26.0 0.28.1
beautifulsoup4 4.12.1 4.13.3
lxml 5.2.2 5.3.1
more-itertools 10.2.0 10.6.0
tqdm 4.66.5 4.67.1
synphot 1.4.0 1.5.0

Updates numpy from 1.26.3 to 1.26.4

Release notes

Sourced from numpy's releases.

v1.26.4

NumPy 1.26.4 Release Notes

NumPy 1.26.4 is a maintenance release that fixes bugs and regressions discovered after the 1.26.3 release. The Python versions supported by this release are 3.9-3.12. This is the last planned release in the 1.26.x series.

Contributors

A total of 13 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

  • Charles Harris
  • Elliott Sales de Andrade
  • Lucas Colley +
  • Mark Ryan +
  • Matti Picus
  • Nathan Goldbaum
  • Ola x Nilsson +
  • Pieter Eendebak
  • Ralf Gommers
  • Sayed Adel
  • Sebastian Berg
  • Stefan van der Walt
  • Stefano Rivera

Pull requests merged

A total of 19 pull requests were merged for this release.

  • #25323: BUG: Restore missing asstr import
  • #25523: MAINT: prepare 1.26.x for further development
  • #25539: BUG: numpy.array_api: fix linalg.cholesky upper decomp...
  • #25584: CI: Bump azure pipeline timeout to 120 minutes
  • #25585: MAINT, BLD: Fix unused inline functions warnings on clang
  • #25599: BLD: include fix for MinGW platform detection
  • #25618: TST: Fix test_numeric on riscv64
  • #25619: BLD: fix building for windows ARM64
  • #25620: MAINT: add newaxis to __all__ in numpy.array_api
  • #25630: BUG: Use large file fallocate on 32 bit linux platforms
  • #25643: TST: Fix test_warning_calls on Python 3.12
  • #25645: TST: Bump pytz to 2023.3.post1
  • #25658: BUG: Fix AVX512 build flags on Intel Classic Compiler
  • #25670: BLD: fix potential issue with escape sequences in __config__.py
  • #25718: CI: pin cygwin python to 3.9.16-1 and fix typing tests [skip...
  • #25720: MAINT: Bump cibuildwheel to v2.16.4
  • #25748: BLD: unvendor meson-python on 1.26.x and upgrade to meson-python...
  • #25755: MAINT: Include header defining backtrace
  • #25756: BUG: Fix np.quantile([Fraction(2,1)], 0.5) (#24711)

... (truncated)

Commits
  • 9815c16 Merge pull request #25770 from charris/prepare-1.26.4
  • 114ed25 REL: Prepare for the NumPy 1.26.4 release
  • 2fae4d3 Merge pull request #25323 from stefanor/import-asstr
  • ce89a0a Merge pull request #25756 from charris/backport-24711
  • f62dfc6 Merge pull request #25755 from charris/backport-25709
  • fee88ab BUG: Fix np.quantile([Fraction(2,1)], 0.5) (#24711)
  • 659be68 MAINT: Include header defining backtrace
  • 837cd38 Merge pull request #25748 from rgommers/unvendor-mesonpython
  • f984240 CI: upgrade cibuildwheel from 2.16.4 to 2.16.5 [wheel build]
  • 3548f9d BLD: unvendor meson-python [wheel build]
  • Additional commits viewable in compare view

Updates scipy from 1.14.1 to 1.15.2

Release notes

Sourced from scipy's releases.

SciPy 1.15.2 Release Notes

SciPy 1.15.2 is a bug-fix release with no new features compared to 1.15.1. Free-threaded Python 3.13 wheels for Linux ARM platform are available on PyPI starting with this release.

Authors

  • Name (commits)
  • Peter Bell (1)
  • Charles Bousseau (1) +
  • Jake Bowhay (3)
  • Matthew Brett (1)
  • Ralf Gommers (3)
  • Rohit Goswami (1)
  • Matt Haberland (4)
  • Parth Nobel (1) +
  • Tyler Reddy (33)
  • Daniel Schmitz (2)
  • Dan Schult (5)
  • Scott Shambaugh (2)
  • Edgar Andrés Margffoy Tuay (1)
  • Warren Weckesser (4)

A total of 14 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.

SciPy 1.15.1 Release Notes

SciPy 1.15.1 is a bug-fix release with no new features compared to 1.15.0. Importantly, an issue with the import of scipy.optimize breaking other packages has been fixed.

Authors

  • Name (commits)
  • Ralf Gommers (3)
  • Rohit Goswami (1)
  • Matt Haberland (2)
  • Tyler Reddy (7)
  • Daniel Schmitz (1)

... (truncated)

Commits
  • 0f1fd4a REL: 1.15.2 rel commit [wheel build]
  • 7df5cc6 Merge pull request #22471 from tylerjereddy/treddy_backports_1.15.2
  • a046fa0 CI: PR 22471 wheel builds [wheel build]
  • 198aa52 DOC: PR 22471 revisions
  • ba61a58 CI: PR 22471 revisions
  • e0251ee do not check dtype in test_compare_with_GCVSPL
  • fcc68dd MAINT: integrate.cumulative_simpson: bump test tolerance
  • 6d2c059 BUG: wrap median_filter stability (#22402)
  • 59cb7d4 DOC: PR 22471 revisions
  • a60d17f MAINT: pearsonr SIMD-related shim
  • Additional commits viewable in compare view

Updates astropy from 6.0.1 to 6.1.7

Release notes

Sourced from astropy's releases.

v6.1.7

See https://docs.astropy.org/en/v6.1.7/changelog.html

v6.1.5

See https://docs.astropy.org/en/v6.1.5/changelog.html

v6.1.4

See https://docs.astropy.org/en/v6.1.4/changelog.html

v6.1.3

See https://docs.astropy.org/en/v6.1.3/changelog.html

v6.1.2

See https://docs.astropy.org/en/v6.1.2/changelog.html

v6.1.1

See https://docs.astropy.org/en/v6.1.1/changelog.html

v6.1.0

See https://docs.astropy.org/en/v6.1.0/changelog.html

Commits
  • 5692198 Merge pull request #17431 from astrofrog/v6.1.7-changelog
  • 2106f39 Finalizing changelog for v6.1.7
  • 044a150 Merge pull request #17411 from meeseeksmachine/auto-backport-of-pr-17410-on-v...
  • 6d263f8 Backport PR #17410: Add sigma_clip tests for MaskedArray masks
  • 5328b70 Merge pull request #17407 from meeseeksmachine/auto-backport-of-pr-17402-on-v...
  • f5cb2dc Backport PR #17402: Fix loss of mask sigma clipping (issue #17401)
  • 99241d3 Merge pull request #17396 from meeseeksmachine/auto-backport-of-pr-17394-on-v...
  • 9444181 Backport PR #17394: Fix typos in quantity tests
  • d4e571a Merge pull request #17370 from astrofrog/v6.1.6-changelog
  • 5d2ff64 Finalizing changelog for v6.1.6
  • Additional commits viewable in compare view

Updates httpx from 0.26.0 to 0.28.1

Release notes

Sourced from httpx's releases.

Version 0.28.1

0.28.1 (6th December, 2024)

  • Fix SSL case where verify=False together with client side certificates.

Version 0.28.0

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

  • The verify argument as a string argument is now deprecated and will raise warnings.
  • The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

  • The deprecated proxies argument has now been removed.
  • The deprecated app argument has now been removed.
  • JSON request bodies use a compact representation. (#3363)
  • Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
  • Ensure certifi and httpcore are only imported if required. (#3377)
  • Treat socks5h as a valid proxy scheme. (#3178)
  • Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
  • Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

Version 0.27.2

0.27.2 (27th August, 2024)

Fixed

  • Reintroduced supposedly-private URLTypes shortcut. (#2673)

Version 0.27.1

0.27.1 (27th August, 2024)

Added

  • Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

  • Improved error messaging for InvalidURL exceptions. (#3250)
  • Fix app type signature in ASGITransport. (#3109)

... (truncated)

Changelog

Sourced from httpx's changelog.

0.28.1 (6th December, 2024)

  • Fix SSL case where verify=False together with client side certificates.

0.28.0 (28th November, 2024)

Be aware that the default JSON request bodies now use a more compact representation. This is generally considered a prefered style, tho may require updates to test suites.

The 0.28 release includes a limited set of deprecations...

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

  • The verify argument as a string argument is now deprecated and will raise warnings.
  • The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

  • The deprecated proxies argument has now been removed.
  • The deprecated app argument has now been removed.
  • JSON request bodies use a compact representation. (#3363)
  • Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
  • Ensure certifi and httpcore are only imported if required. (#3377)
  • Treat socks5h as a valid proxy scheme. (#3178)
  • Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
  • Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

0.27.2 (27th August, 2024)

Fixed

  • Reintroduced supposedly-private URLTypes shortcut. (#2673)

0.27.1 (27th August, 2024)

Added

  • Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

  • Improved error messaging for InvalidURL exceptions. (#3250)
  • Fix app type signature in ASGITransport. (#3109)

0.27.0 (21st February, 2024)

... (truncated)

Commits

Updates beautifulsoup4 from 4.12.1 to 4.13.3

Updates lxml from 5.2.2 to 5.3.1

Changelog

Sourced from lxml's changelog.

5.3.1 (2025-02-09)

Bugs fixed

  • GH#440: Some tests were adapted for libxml2 2.14.0. Patch by Nick Wellnhofer.

  • LP#2097175: DTD(external_id="…") erroneously required a byte string as ID value.

  • GH#450: iterparse() internally triggered the `DeprecationWarning`` added in lxml 5.3.0 when parsing HTML.

Other changes

  • GH#442: Binary wheels for macOS no longer use the linker flag -flat_namespace.

5.3.0 (2024-08-10)

Features added

  • GH#421: Nested CDATA sections are no longer rejected but split on output to represent ]]> correctly. Patch by Gertjan Klein.

Bugs fixed

  • LP#2060160: Attribute values serialised differently in xmlfile.element() and xmlfile.write().

  • LP#2058177: The ISO-Schematron implementation could fail on unknown prefixes. Patch by David Lakin.

Other changes

  • LP#2067707: The strip_cdata option in HTMLParser() turned out to be useless and is now deprecated.

  • Binary wheels use the library versions libxml2 2.12.9 and libxslt 1.1.42.

  • Windows binary wheels use the library versions libxml2 2.11.8 and libxslt 1.1.39.

  • Built with Cython 3.0.11.

Commits
  • 1dd5001 Update changelog.
  • 7b177e4 CI: Fix dependency issues.
  • 088c9e5 CI: Use older Ubuntu image to fix builds.
  • 58af8b3 CI: Try to get legacy jobs working again.
  • 37cdbb5 Prepare release of lxml 5.3.1.
  • 64ac58f Build/CI: Update cache action from deprecated version.
  • 6b654c9 Buld: Downgrade Ubuntu build image to fix dependency issues.
  • 71fda3f Update changelog.
  • 306041e iterparse: ignore "strip_cdata" when parsing HTML (GH-450)
  • e73c466 Fix DTD(external_id="...") option.
  • Additional commits viewable in compare view

Updates more-itertools from 10.2.0 to 10.6.0

Release notes

Sourced from more-itertools's releases.

Version 10.6.0

  • New functions:

    • is_prime and nth_prime were added (thanks to JamesParrott and rhettinger)
    • loops was added (thanks to rhettinger)

  • Changes to existing functions:

    • factor was optimized to handle larger inputs and use less memory (thanks to rhettinger)
    • spy was optimized to enable nested calls (thanks to rhettinger)
    • polynomial_from_roots was made non-recursive and able to handle larger numbers of roots (thanks to pochmann3 and rhettinger)
    • is_sorted now only relies on less than comparisons (thanks to rhettinger)
    • The docstring for outer_product was improved (thanks to rhettinger)
    • The type annotations for sample were improved (thanks to rhettinger)

  • Other changes:

    • Python 3.13 is officially supported. Python 3.8 is no longer officially supported. (thanks to hugovk, JamesParrott, and stankudrow)
    • mypy checks were fixed (thanks to JamesParrott)

v10.5.0

What's Changed

Full Changelog: more-itertools/more-itertools@v10.4.0...v10.5.0

Version 10.4.0

What's Changed

... (truncated)

Commits

Updates tqdm from 4.66.5 to 4.67.1

Release notes

Sourced from tqdm's releases.

tqdm v4.67.1 stable

  • fix gui (matplotlib syntax) (#1629)
  • misc test & framework updates
    • bump pytest-asyncio (#1630)
    • fix codecov rate limit
    • fix pybuild
    • sync dependencies

tqdm v4.67.0 stable

  • contrib.discord: replace disco-py with requests (#1536)

tqdm v4.66.6 stable

  • cli: zip-safe --manpath, --comppath (#1627)
  • misc framework updates (#1627)
    • fix pytest DeprecationWarning
    • fix snapcraft build
    • fix nbval DeprecationWarning
    • update & tidy workflows
    • bump pre-commit
    • docs: update URLs
Commits

Updates synphot from 1.4.0 to 1.5.0

Release notes

Sourced from synphot's releases.

1.5.0 Release Notes

Also see CHANGES.rst.

What's Changed

Full Changelog: spacetelescope/synphot_refactor@1.4.0...1.5.0

Changelog

Sourced from synphot's changelog.

1.5.0 (2024-11-19)

  • Default Vega is now alpha_lyr_stis_011.fits. #400
Commits
  • 352fa71 Merge pull request #400 from pllim/update-ci
  • 262a309 Bump default Vega and update CI
  • 40d6a55 Bump Python versions for RC testing
  • 813583d Merge pull request #398 from spacetelescope/dependabot/github_actions/master/...
  • c070dcd Bump the actions group with 5 updates
  • 8c8daab Merge pull request #397 from spacetelescope/dependabot/github_actions/master/...
  • cb65a6b Bump codecov/codecov-action from 4.5.0 to 4.6.0 in the actions group
  • 5b2e227 Merge pull request #395 from pllim/action-ver-hash
  • 3d4dc1f MNT: Use hash for Action workflow versions and update if needed
  • b85a0c3 DOC: Add nightly wheel instructions
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the main-dependencies group with 9 updates
86da9c9 
Bumps the main-dependencies group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [numpy](https://github.com/numpy/numpy) | `1.26.3` | `1.26.4` |
| [scipy](https://github.com/scipy/scipy) | `1.14.1` | `1.15.2` |
| [astropy](https://github.com/astropy/astropy) | `6.0.1` | `6.1.7` |
| [httpx](https://github.com/encode/httpx) | `0.26.0` | `0.28.1` |
| [beautifulsoup4](https://www.crummy.com/software/BeautifulSoup/bs4/) | `4.12.1` | `4.13.3` |
| [lxml](https://github.com/lxml/lxml) | `5.2.2` | `5.3.1` |
| [more-itertools](https://github.com/more-itertools/more-itertools) | `10.2.0` | `10.6.0` |
| [tqdm](https://github.com/tqdm/tqdm) | `4.66.5` | `4.67.1` |
| [synphot](https://github.com/spacetelescope/synphot_refactor) | `1.4.0` | `1.5.0` |


Updates `numpy` from 1.26.3 to 1.26.4
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v1.26.3...v1.26.4)

Updates `scipy` from 1.14.1 to 1.15.2
- [Release notes](https://github.com/scipy/scipy/releases)
- [Commits](scipy/scipy@v1.14.1...v1.15.2)

Updates `astropy` from 6.0.1 to 6.1.7
- [Release notes](https://github.com/astropy/astropy/releases)
- [Changelog](https://github.com/astropy/astropy/blob/main/docs/changelog.rst)
- [Commits](astropy/astropy@v6.0.1...v6.1.7)

Updates `httpx` from 0.26.0 to 0.28.1
- [Release notes](https://github.com/encode/httpx/releases)
- [Changelog](https://github.com/encode/httpx/blob/master/CHANGELOG.md)
- [Commits](encode/httpx@0.26.0...0.28.1)

Updates `beautifulsoup4` from 4.12.1 to 4.13.3

Updates `lxml` from 5.2.2 to 5.3.1
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](lxml/lxml@lxml-5.2.2...lxml-5.3.1)

Updates `more-itertools` from 10.2.0 to 10.6.0
- [Release notes](https://github.com/more-itertools/more-itertools/releases)
- [Commits](more-itertools/more-itertools@v10.2.0...v10.6.0)

Updates `tqdm` from 4.66.5 to 4.67.1
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.66.5...v4.67.1)

Updates `synphot` from 1.4.0 to 1.5.0
- [Release notes](https://github.com/spacetelescope/synphot_refactor/releases)
- [Changelog](https://github.com/spacetelescope/synphot_refactor/blob/master/CHANGES.rst)
- [Commits](spacetelescope/synphot_refactor@1.4.0...1.5.0)

---
updated-dependencies:
- dependency-name: numpy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: main-dependencies
- dependency-name: scipy
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
- dependency-name: astropy
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
- dependency-name: httpx
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
- dependency-name: beautifulsoup4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
- dependency-name: lxml
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
- dependency-name: more-itertools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
- dependency-name: tqdm
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
- dependency-name: synphot
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Related to or updating any dependencies label Mar 11, 2025
@teutoburg teutoburg mentioned this pull request Mar 11, 2025
Closed
@teutoburg
Copy link
Contributor

So that will be the one we're gonna ignore each month. Or something like that...

@teutoburg teutoburg closed this Mar 11, 2025
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 11, 2025

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/pip/main-dependencies-6739419931 branch March 11, 2025 23:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Related to or updating any dependencies
Projects
ScopeSim-development
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@teutoburg