Bump the pip group across 3 directories with 2 updates #571

dependabot · 2024-04-03T21:46:14Z

Bumps the pip group with 1 update in the /examples/ChestXRay/metrics/project directory: scikit-learn.
Bumps the pip group with 1 update in the /examples/SurgMLCube/surg_metrics/project directory: scikit-learn.
Bumps the pip group with 1 update in the /examples/chestxray_tutorial/data_preparator/project directory: pillow.

Updates scikit-learn from 0.24.2 to 1.0.1

Release notes

Sourced from scikit-learn's releases.

scikit-learn 1.0.1

We're happy to announce the 1.0.1 release with several bugfixes:

You can see the changelog here: https://scikit-learn.org/dev/whats_new/v1.0.html#version-1-0-1

You can upgrade with pip as usual:
pip install -U scikit-learn
The conda-forge builds will be available shortly, which you can then install using:
conda install -c conda-forge scikit-learn
scikit-learn 1.0

We're happy to announce the 1.0 release. You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_0_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.0.html#changes-1-0

This version supports Python versions 3.7 to 3.9.

Commits

0d37891 Trigger wheel builder workflow: [cd build]
7737cb9 DOC update the News section in website (#21417)
8971a19 DOC Ensures that MultiTaskElasticNetCV passes numpydoc validation (#21405)
d6e24ee DOC Ensures that LabelSpreading passes numpydoc validation (#21414)
14fda2f DOC Ensures that PassiveAggressiveRegressor passes numpydoc validation (#21413)
112ae4e DOC Ensures that OrthogonalMatchingPursuitCV passes numpydoc validation (#21412)
cd927c0 FIX delete feature_names_in_ when refitting on a ndarray (#21389)
ae223ee bumpversion to 1.0.1
9227162 MNT remove 1.1 changelog due to rebase conflict
5d75547 MNT fix changelog 1.0.1 (#21416)
Additional commits viewable in compare view

Updates scikit-learn from 0.24.2 to 1.0.1

Release notes

Sourced from scikit-learn's releases.

scikit-learn 1.0.1

We're happy to announce the 1.0.1 release with several bugfixes:

You can see the changelog here: https://scikit-learn.org/dev/whats_new/v1.0.html#version-1-0-1

You can upgrade with pip as usual:
pip install -U scikit-learn
The conda-forge builds will be available shortly, which you can then install using:
conda install -c conda-forge scikit-learn
scikit-learn 1.0

We're happy to announce the 1.0 release. You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_0_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.0.html#changes-1-0

This version supports Python versions 3.7 to 3.9.

Commits

0d37891 Trigger wheel builder workflow: [cd build]
7737cb9 DOC update the News section in website (#21417)
8971a19 DOC Ensures that MultiTaskElasticNetCV passes numpydoc validation (#21405)
d6e24ee DOC Ensures that LabelSpreading passes numpydoc validation (#21414)
14fda2f DOC Ensures that PassiveAggressiveRegressor passes numpydoc validation (#21413)
112ae4e DOC Ensures that OrthogonalMatchingPursuitCV passes numpydoc validation (#21412)
cd927c0 FIX delete feature_names_in_ when refitting on a ndarray (#21389)
ae223ee bumpversion to 1.0.1
9227162 MNT remove 1.1 changelog due to rebase conflict
5d75547 MNT fix changelog 1.0.1 (#21416)
Additional commits viewable in compare view

Updates pillow from 9.5.0 to 10.3.0

Release notes

Sourced from pillow's releases.

10.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html

Changes

CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [@hugovk]

Use functools.lru_cache for hopper() #7912 [@hugovk]

Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [@radarhere]

Improve speed of loading QOI images #7925 [@radarhere]

Added RGB to I;16N conversion #7920 [@radarhere]

Add --report argument to main.py to omit supported formats #7818 [@nulano]

Added RGB to I;16, I;16L and I;16B conversion #7918 [@radarhere]

Fix editable installation with custom build backend and configuration options #7658 [@nulano]

Fix putdata() for I;16N on big-endian #7209 [@Yay295]

Determine MPO size from markers, not EXIF data #7884 [@radarhere]

Improved conversion from RGB to RGBa, LA and La #7888 [@radarhere]

Support FITS images with GZIP_1 compression #7894 [@radarhere]

Use I;16 mode for 9-bit JPEG 2000 images #7900 [@scaramallion]

Raise ValueError if kmeans is negative #7891 [@radarhere]

Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [@radarhere]

Raise ValueError for negative values when loading P1-P3 PPM images #7882 [@radarhere]

Added reading of JPEG2000 palettes #7870 [@radarhere]

Added alpha_quality argument when saving WebP images #7872 [@radarhere]

Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions #7881 [@radarhere]

Removed Python and NumPy pinning on Cygwin #7880 [@radarhere]

Update UnidentifiedImageError and version imports #7644 [@radarhere]

Stop reading EPS image at EOF marker #7753 [@radarhere]

PSD layer co-ordinates may be negative #7706 [@radarhere]

Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer #7791 [@radarhere]

When saving GIF frame that restores to background color, do not fill identical pixels #7788 [@radarhere]

Fixed reading PNG iCCP compression method #7823 [@radarhere]

Allow writing IFDRational to UNDEFINED tag #7840 [@radarhere]

Fix logged tag name when loading Exif data #7842 [@radarhere]

Use maximum frame size in IHDR chunk when saving APNG images #7821 [@radarhere]

Prevent opening P TGA images without a palette #7797 [@radarhere]

Use palette when loading ICO images #7798 [@radarhere]

Use consistent arguments for load_read and load_seek #7713 [@radarhere]

Turn off nullability warnings for macOS SDK #7827 [@radarhere]

Fix shift-sign issue in Convert.c #7838 [@r-barnes]

winbuild: Refactor dependency versions into constants #7843 [@hugovk]

Build macOS arm64 wheels natively #7852 [@radarhere]

Fixed typo #7855 [@radarhere]

Open 16-bit grayscale PNGs as I;16 #7849 [@radarhere]

Handle truncated chunks at the end of PNG images #7709 [@lajiyuan]

Match mask size to pasted image size in GifImagePlugin #7779 [@radarhere]

Changed SupportsGetMesh protocol to be public #7841 [@radarhere]

Release GIL while calling WebPAnimDecoderGetNext #7782 [@evanmiller]

Fixed reading FLI/FLC images with a prefix chunk #7804 [@twolife]

Updated package name for Tidelift #7810 [@radarhere]

Removed unused code #7744 [@radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

10.3.0 (2024-04-01)

CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [radarhere, hugovk]

Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927 [radarhere, hugovk]

Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [radarhere]

Add --report argument to __main__.py to omit supported formats #7818 [nulano, radarhere, hugovk]

Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, #7920 [radarhere]

Fix editable installation with custom build backend and configuration options #7658 [nulano, radarhere]

Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk, radarhere]

Determine MPO size from markers, not EXIF data #7884 [radarhere]

Improved conversion from RGB to RGBa, LA and La #7888 [radarhere]

Support FITS images with GZIP_1 compression #7894 [radarhere]

Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion, radarhere]

Raise ValueError if kmeans is negative #7891 [radarhere]

Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [radarhere]

Raise ValueError for negative values when loading P1-P3 PPM images #7882 [radarhere]

Added reading of JPEG2000 palettes #7870 [radarhere]

Added alpha_quality argument when saving WebP images #7872 [radarhere]

... (truncated)

Commits

5c89d88 10.3.0 version bump
63cbfcf Update CHANGES.rst [ci skip]
2776126 Merge pull request #7928 from python-pillow/lcms
aeb51cb Merge branch 'main' into lcms
5beb0b6 Update CHANGES.rst [ci skip]
cac6ffa Merge pull request #7927 from python-pillow/imagemath
f5eeeac Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval
facf3af Added release notes
2a93aba Use strncpy to avoid buffer overflow
a670597 Update CHANGES.rst [ci skip]
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the pip group with 1 update in the /examples/ChestXRay/metrics/project directory: [scikit-learn](https://github.com/scikit-learn/scikit-learn). Bumps the pip group with 1 update in the /examples/SurgMLCube/surg_metrics/project directory: [scikit-learn](https://github.com/scikit-learn/scikit-learn). Bumps the pip group with 1 update in the /examples/chestxray_tutorial/data_preparator/project directory: [pillow](https://github.com/python-pillow/Pillow). Updates `scikit-learn` from 0.24.2 to 1.0.1 - [Release notes](https://github.com/scikit-learn/scikit-learn/releases) - [Commits](scikit-learn/scikit-learn@0.24.2...1.0.1) Updates `scikit-learn` from 0.24.2 to 1.0.1 - [Release notes](https://github.com/scikit-learn/scikit-learn/releases) - [Commits](scikit-learn/scikit-learn@0.24.2...1.0.1) Updates `pillow` from 9.5.0 to 10.3.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@9.5.0...10.3.0) --- updated-dependencies: - dependency-name: scikit-learn dependency-type: direct:production dependency-group: pip-security-group - dependency-name: scikit-learn dependency-type: direct:production dependency-group: pip-security-group - dependency-name: pillow dependency-type: direct:production dependency-group: pip-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2024-04-03T21:46:30Z

MLCommons CLA bot All contributors have signed the MLCommons CLA ✍️ ✅

dependabot · 2024-04-17T02:52:10Z

Superseded by #580.

dependabot bot requested a review from a team as a code owner April 3, 2024 21:46

dependabot bot added the component: dependencies issues regarding dependencies label Apr 3, 2024

dependabot bot had a problem deploying to testing-external-code April 3, 2024 21:46 Failure

dependabot bot closed this Apr 17, 2024

dependabot bot deleted the dependabot/pip/examples/ChestXRay/metrics/project/pip-security-group-476f0f1ea8 branch April 17, 2024 02:52

github-actions bot locked and limited conversation to collaborators Apr 17, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the pip group across 3 directories with 2 updates #571

Bump the pip group across 3 directories with 2 updates #571

dependabot bot commented on behalf of github Apr 3, 2024

github-actions bot commented Apr 3, 2024

dependabot bot commented on behalf of github Apr 17, 2024

Bump the pip group across 3 directories with 2 updates #571

Bump the pip group across 3 directories with 2 updates #571

Conversation

dependabot bot commented on behalf of github Apr 3, 2024

scikit-learn 1.0.1

scikit-learn 1.0

scikit-learn 1.0.1

scikit-learn 1.0

10.3.0

Changes

10.3.0 (2024-04-01)

github-actions bot commented Apr 3, 2024

dependabot bot commented on behalf of github Apr 17, 2024