Skip to content

build(requirements): bump the prod group across 1 directory with 8 updates #866

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 12, 2025

Updates the requirements on azure-identity, rich, tqdm, dill, pillow, psutil, scipy and snowballstemmer to permit the latest version.
Updates azure-identity from 1.17.1 to 1.22.0

Release notes

Sourced from azure-identity's releases.

azure-identity_1.22.0

1.22.0 (2025-05-06)

Breaking Changes

  • Previously, if a client_id or identity_config was specified in ManagedIdentityCredential for Service Fabric managed identity, which is not supported, the client_id (or resource_id/object_id specified identity_config) would be silently ignored. Now, an exception will be raised during a token request if a client_id or identity_config is specified for Service Fabric managed identity.

Bugs Fixed

  • Fixed an issue with error handling in MSAL-based credentials when the response content is a string rather than a dictionary. (#40281)

Other Changes

  • Deprecated VisualStudioCodeCredential as the VS Code Azure Account extension on which this credential depends on has been deprecated. See the Azure Account extension deprecation notice. (#40613)
  • Python 3.8 is no longer supported. Please use Python version 3.9 or later.
Commits

Updates rich from 13.9.2 to 14.0.0

Release notes

Sourced from rich's releases.

The ENVy of all other releases

Mostly updates to Traceback rendering, to add support for features introduced in Python3.11

We also have a new env var that I am proposing to become a standard. TTY_COMPATIBLE=1 tells Rich to write ansi-escape sequences even if it detects it is not writing to a terminal. This is intended for use with GitHub Actions / CI, which can interpret escape sequences, but aren't a terminal.

There is also a change to how NO_COLOR and FORCE_COLOR are interpreted, which is the reason for the major version bump.

[14.0.0] - 2025-03-30

Added

  • Added env var TTY_COMPATIBLE to override auto-detection of TTY support (See console.rst for details). Textualize/rich#3675

Changed

The Faster is Faster release

[13.9.4] - 2024-11-01

Changed

The irregular expression release

Fix a broken regex that resulted in the slow path being chosen for some operations. This fix should result in notable speedups for some operations, such as wrapping text.

[13.9.3] - 2024-10-22

Fixed

Changelog

Sourced from rich's changelog.

[14.0.0] - 2025-03-30

Added

  • Added env var TTY_COMPATIBLE to override auto-detection of TTY support (See console.rst for details). Textualize/rich#3675

Changed

[13.9.4] - 2024-11-01

Changed

[13.9.3] - 2024-10-22

Fixed

Commits

Updates tqdm from 4.66.5 to 4.67.1

Release notes

Sourced from tqdm's releases.

tqdm v4.67.1 stable

  • fix gui (matplotlib syntax) (#1629)
  • misc test & framework updates
    • bump pytest-asyncio (#1630)
    • fix codecov rate limit
    • fix pybuild
    • sync dependencies

tqdm v4.67.0 stable

  • contrib.discord: replace disco-py with requests (#1536)

tqdm v4.66.6 stable

  • cli: zip-safe --manpath, --comppath (#1627)
  • misc framework updates (#1627)
    • fix pytest DeprecationWarning
    • fix snapcraft build
    • fix nbval DeprecationWarning
    • update & tidy workflows
    • bump pre-commit
    • docs: update URLs
Commits

Updates dill from 0.3.9 to 0.4.0

Commits

Updates pillow from 10.4.0 to 11.2.1

Release notes

Sourced from pillow's releases.

11.2.1

https://pillow.readthedocs.io/en/stable/releasenotes/11.2.1.html

Deprecations

Documentation

Dependencies

... (truncated)

Changelog

Sourced from pillow's changelog.

Changelog (Pillow)

11.1.0 and newer

See GitHub Releases:

11.0.0 (2024-10-15)

  • Update licence to MIT-CMU #8460 [hugovk]

  • Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

  • Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

  • Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

  • Do not close provided file handles with libtiff when saving #8458 [radarhere]

  • Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

  • Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

  • Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

  • Use transparency when combining P frames from APNGs #8443 [radarhere]

  • Support all resampling filters when resizing I;16* images #8422 [radarhere]

  • Free memory on early return #8413 [radarhere]

  • Cast int before potentially exceeding INT_MAX #8402 [radarhere]

... (truncated)

Commits

Updates psutil from 6.1.0 to 7.0.0

Changelog

Sourced from psutil's changelog.

7.0.0

2025-02-13

Enhancements

  • 669_, [Windows]: net_if_addrs()_ also returns the broadcast address instead of None.
  • 2480_: Python 2.7 is no longer supported. Latest version supporting Python 2.7 is psutil 6.1.X. Install it with: pip2 install psutil==6.1.*.
  • 2490_: removed long deprecated Process.memory_info_ex() method. It was deprecated in psutil 4.0.0, released 8 years ago. Substitute is Process.memory_full_info().

Bug fixes

  • 2496_, [Linux]: Avoid segfault (a cPython bug) on Process.memory_maps() for processes that use hundreds of GBs of memory.
  • 2502_, [macOS]: virtual_memory()_ now relies on host_statistics64 instead of host_statistics. This is the same approach used by vm_stat CLI tool, and should grant more accurate results.

Compatibility notes

  • 2480_: Python 2.7 is no longer supported.
  • 2490_: removed long deprecated Process.memory_info_ex() method.

6.1.1

2024-12-19

Enhancements

  • 2471_: use Vulture CLI tool to detect dead code.

Bug fixes

  • 2418_, [Linux]: fix race condition in case /proc/PID/stat does not exist, but /proc/PID does, resulting in FileNotFoundError.
  • 2470_, [Linux]: users()_ may return "localhost" instead of the actual IP address of the user logged in.
Commits
  • ea5b556 pre-release
  • d6e28b7 try to fix tests
  • 104bb32 test cpu_times() for process children
  • 16c091b test cpu_times() for process children
  • eee09da [OSX] proc.c: Fix goo.gl link in comment for source reference (#2505)
  • 17e2780 ci: build aarch64 wheel on GHA aarch64 runner (#2503)
  • 1ba8667 pin black version to 24.X, because new 25.X breaks style
  • 9c114a5 [OSX] use host_statistics64 to get memory metrics (#2502)
  • 08d7d43 pin black version to 24.X, because new 25.X breaks style
  • a509e5a 669 windows broadcast addr (#2501)
  • Additional commits viewable in compare view

Updates scipy from 1.14.1 to 1.15.3

Release notes

Sourced from scipy's releases.

SciPy 1.15.3 Release Notes

SciPy 1.15.3 is a bug-fix release with no new features compared to 1.15.2.

Authors

  • Name (commits)
  • aiudirog (1) +
  • Nickolai Belakovski (1)
  • Florian Bourgey (1) +
  • Richard Strong Bowen (2) +
  • Jake Bowhay (1)
  • Dietrich Brunn (2)
  • Evgeni Burovski (1)
  • Lucas Colley (1)
  • Ralf Gommers (1)
  • Saarthak Gupta (1) +
  • Matt Haberland (4)
  • Chengyu Han (1) +
  • Lukas Huber (1) +
  • Nick ODell (2)
  • Ilhan Polat (4)
  • Tyler Reddy (52)
  • Neil Schemenauer (1) +
  • Dan Schult (1)
  • sildater (1) +
  • Gagandeep Singh (4)
  • Albert Steppi (2)
  • Matthias Urlichs (1) +
  • David Varela (1) +
  • ਗਗਨਦੀਪ ਸਿੰਘ (Gagandeep Singh) (3)

A total of 24 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.

SciPy 1.15.2 Release Notes

SciPy 1.15.2 is a bug-fix release with no new features compared to 1.15.1. Free-threaded Python 3.13 wheels for Linux ARM platform are available on PyPI starting with this release.

Authors

... (truncated)

Commits
  • e29dcb6 REL: 1.15.3 rel commit [wheel build]
  • 61e6aa1 Merge pull request #22840 from tylerjereddy/treddy_1.15.3_backports
  • 18c4ca8 MAINT: PR 22840 wheel build [wheel build]
  • bd0f132 MAINT: PR 22840 revisions
  • 033b138 MAINT: PR 22840 revisions
  • 7a283cc DOC: PR 22840 revisions
  • 3d1ea40 BUG: spatial.HalfspaceIntersection: raise on non-feasible half space (#20035)
  • d01b984 BUG: ndimage.median_filter: fix segfault when using mode='mirror' (#22608)
  • 0879108 MAINT: special.logsumexp: fix bug when weight of largest magnitude component ...
  • 9b3b2d8 Merge pull request #22869 from smurfix/main
  • Additional commits viewable in compare view

Updates snowballstemmer to 3.0.1

Changelog

Sourced from snowballstemmer's changelog.

Snowball 3.0.1 (2025-05-09)

Python

  • The init.py in 3.0.0 was incorrectly generated due to a missing build dependency and the list of algorithms was empty. First reported by laymonage. Thanks to Dmitry Shachnev, Henry Schreiner and Adam Turner for diagnosing and fixing. (#229, #230, #231)

  • Add trove classifiers for Armenian and Yiddish which have now been registered with PyPI. Thanks to Henry Schreiner and Dmitry Shachnev. (#228)

  • Update documented details of Python 2 support in old versions.

Snowball 3.0.0 (2025-05-08)

Ada

  • Bug fixes:

    • Fix invalid Ada code generated for Snowball loop (it was partly Pascal!) None of the stemmers shipped in previous releases triggered this bug, but the Turkish stemmer now does.

    • The Ada runtime was not tracking the current length of the string but instead used the current limit value or some other substitute, which manifested as various incorrect behaviours for code inside of setlimit.

    • size was incorrectly returning the difference between the limit and the backwards limit.

    • lenof or sizeof on a string variable generated Ada code that didn't even compile.

    • Fix incorrect preconditions on some methods in the runtime.

    • Fix bug in runtime code used by attach, insert, <- and string variable assignment when a (sub)string was replaced with a larger string. This bug was triggered by code in the Kraaij-Pohlmann Dutch stemmer implementation (which was previously not enabled by default but is now the standard Dutch stemmer).

    • Fix invalid code generated for insert, <- and string variable assignment. This bug was triggered by code in the Kraaij-Pohlmann Dutch stemmer implementation (which was previously not enabled by default but is now the standard Dutch stemmer).

... (truncated)

Commits
  • e4b3efb Update for 3.0.1
  • bbd3319 Protect empty languages dict
  • 298ff9f Update details of Python 2 support in old versions
  • 53fe098 python: Specify correct dependencies for $(python_output_dir)/__init__.py
  • 00a22de Stop excluding classifiers for Armenian and Yiddish
  • abd9adc Update for 3.0.0
  • d23d356 Back out incomplete ESM support for 3.0.0
  • ff42274 Update draft NEWS entry
  • cd61f01 tamil: remove_tense_suffix signals if ending removed
  • edfe576 nepali: Reformat amongs to be clearer
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

📚 Documentation preview 📚: https://RDAgent--866.org.readthedocs.build/en/866/

…dates

Updates the requirements on [azure-identity](https://github.com/Azure/azure-sdk-for-python), [rich](https://github.com/Textualize/rich), [tqdm](https://github.com/tqdm/tqdm), [dill](https://github.com/uqfoundation/dill), [pillow](https://github.com/python-pillow/Pillow), [psutil](https://github.com/giampaolo/psutil), [scipy](https://github.com/scipy/scipy) and [snowballstemmer](https://github.com/snowballstem/snowball) to permit the latest version.

Updates `azure-identity` from 1.17.1 to 1.22.0
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-identity_1.17.1...azure-identity_1.22.0)

Updates `rich` from 13.9.2 to 14.0.0
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v13.9.2...v14.0.0)

Updates `tqdm` from 4.66.5 to 4.67.1
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.66.5...v4.67.1)

Updates `dill` from 0.3.9 to 0.4.0
- [Release notes](https://github.com/uqfoundation/dill/releases)
- [Commits](uqfoundation/dill@0.3.9...0.4.0)

Updates `pillow` from 10.4.0 to 11.2.1
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@10.4.0...11.2.1)

Updates `psutil` from 6.1.0 to 7.0.0
- [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst)
- [Commits](giampaolo/psutil@release-6.1.0...release-7.0.0)

Updates `scipy` from 1.14.1 to 1.15.3
- [Release notes](https://github.com/scipy/scipy/releases)
- [Commits](scipy/scipy@v1.14.1...v1.15.3)

Updates `snowballstemmer` to 3.0.1
- [Changelog](https://github.com/snowballstem/snowball/blob/master/NEWS)
- [Commits](snowballstem/snowball@v2.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: azure-identity
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: rich
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod
- dependency-name: tqdm
  dependency-version: 4.67.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: dill
  dependency-version: 0.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: pillow
  dependency-version: 11.2.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod
- dependency-name: psutil
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod
- dependency-name: scipy
  dependency-version: 1.15.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: snowballstemmer
  dependency-version: 3.0.1
  dependency-type: direct:production
  dependency-group: prod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants