Skip to content

build(requirements): bump the prod group across 1 directory with 7 updates #812

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

build(requirements): bump the prod group across 1 directory with 7 updates #812

wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 21, 2025
edited
Loading

Bumps the prod group with 7 updates in the / directory:

Package From To
azure-identity 1.17.1 1.21.0
rich 13.9.2 14.0.0
tqdm 4.66.5 4.67.1
dill 0.3.9 0.4.0
pillow 10.4.0 11.2.1
psutil 6.1.0 7.0.0
scipy 1.14.1 1.15.2

Updates azure-identity from 1.17.1 to 1.21.0

Release notes

Sourced from azure-identity's releases.

azure-identity_1.21.0

1.21.0 (2025-03-11)

Other Changes

  • Updated the asynchronous CertificateCredential to use the PS256 algorithm with PSS padding for certificate authentication in non-ADFS tenants. (#39761)
  • Deprecated UsernamePasswordCredential, as it doesn't support multifactor authentication (MFA). MFA will soon be enforced on all Microsoft Entra tenants. For more details, see Planning for mandatory MFA. (#39785)
Commits

Updates rich from 13.9.2 to 14.0.0

Release notes

Sourced from rich's releases.

The ENVy of all other releases

Mostly updates to Traceback rendering, to add support for features introduced in Python3.11

We also have a new env var that I am proposing to become a standard. TTY_COMPATIBLE=1 tells Rich to write ansi-escape sequences even if it detects it is not writing to a terminal. This is intended for use with GitHub Actions / CI, which can interpret escape sequences, but aren't a terminal.

There is also a change to how NO_COLOR and FORCE_COLOR are interpreted, which is the reason for the major version bump.

[14.0.0] - 2025-03-30

Added

  • Added env var TTY_COMPATIBLE to override auto-detection of TTY support (See console.rst for details). Textualize/rich#3675

Changed

The Faster is Faster release

[13.9.4] - 2024-11-01

Changed

The irregular expression release

Fix a broken regex that resulted in the slow path being chosen for some operations. This fix should result in notable speedups for some operations, such as wrapping text.

[13.9.3] - 2024-10-22

Fixed

Changelog

Sourced from rich's changelog.

[14.0.0] - 2025-03-30

Added

  • Added env var TTY_COMPATIBLE to override auto-detection of TTY support (See console.rst for details). Textualize/rich#3675

Changed

[13.9.4] - 2024-11-01

Changed

[13.9.3] - 2024-10-22

Fixed

Commits

Updates tqdm from 4.66.5 to 4.67.1

Release notes

Sourced from tqdm's releases.

tqdm v4.67.1 stable

  • fix gui (matplotlib syntax) (#1629)
  • misc test & framework updates
    • bump pytest-asyncio (#1630)
    • fix codecov rate limit
    • fix pybuild
    • sync dependencies

tqdm v4.67.0 stable

  • contrib.discord: replace disco-py with requests (#1536)

tqdm v4.66.6 stable

  • cli: zip-safe --manpath, --comppath (#1627)
  • misc framework updates (#1627)
    • fix pytest DeprecationWarning
    • fix snapcraft build
    • fix nbval DeprecationWarning
    • update & tidy workflows
    • bump pre-commit
    • docs: update URLs
Commits

Updates dill from 0.3.9 to 0.4.0

Commits

Updates pillow from 10.4.0 to 11.2.1

Release notes

Sourced from pillow's releases.

11.2.1

https://pillow.readthedocs.io/en/stable/releasenotes/11.2.1.html

Deprecations

Documentation

Dependencies

... (truncated)

Changelog

Sourced from pillow's changelog.

Changelog (Pillow)

11.1.0 and newer

See GitHub Releases:

11.0.0 (2024-10-15)

  • Update licence to MIT-CMU #8460 [hugovk]

  • Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

  • Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

  • Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

  • Do not close provided file handles with libtiff when saving #8458 [radarhere]

  • Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

  • Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

  • Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

  • Use transparency when combining P frames from APNGs #8443 [radarhere]

  • Support all resampling filters when resizing I;16* images #8422 [radarhere]

  • Free memory on early return #8413 [radarhere]

  • Cast int before potentially exceeding INT_MAX #8402 [radarhere]

... (truncated)

Commits

Updates psutil from 6.1.0 to 7.0.0

Changelog

Sourced from psutil's changelog.

7.0.0

2025-02-13

Enhancements

  • 669_, [Windows]: net_if_addrs()_ also returns the broadcast address instead of None.
  • 2480_: Python 2.7 is no longer supported. Latest version supporting Python 2.7 is psutil 6.1.X. Install it with: pip2 install psutil==6.1.*.
  • 2490_: removed long deprecated Process.memory_info_ex() method. It was deprecated in psutil 4.0.0, released 8 years ago. Substitute is Process.memory_full_info().

Bug fixes

  • 2496_, [Linux]: Avoid segfault (a cPython bug) on Process.memory_maps() for processes that use hundreds of GBs of memory.
  • 2502_, [macOS]: virtual_memory()_ now relies on host_statistics64 instead of host_statistics. This is the same approach used by vm_stat CLI tool, and should grant more accurate results.

Compatibility notes

  • 2480_: Python 2.7 is no longer supported.
  • 2490_: removed long deprecated Process.memory_info_ex() method.

6.1.1

2024-12-19

Enhancements

  • 2471_: use Vulture CLI tool to detect dead code.

Bug fixes

  • 2418_, [Linux]: fix race condition in case /proc/PID/stat does not exist, but /proc/PID does, resulting in FileNotFoundError.
  • 2470_, [Linux]: users()_ may return "localhost" instead of the actual IP address of the user logged in.
Commits
  • ea5b556 pre-release
  • d6e28b7 try to fix tests
  • 104bb32 test cpu_times() for process children
  • 16c091b test cpu_times() for process children
  • eee09da [OSX] proc.c: Fix goo.gl link in comment for source reference (#2505)
  • 17e2780 ci: build aarch64 wheel on GHA aarch64 runner (#2503)
  • 1ba8667 pin black version to 24.X, because new 25.X breaks style
  • 9c114a5 [OSX] use host_statistics64 to get memory metrics (#2502)
  • 08d7d43 pin black version to 24.X, because new 25.X breaks style
  • a509e5a 669 windows broadcast addr (#2501)
  • Additional commits viewable in compare view

Updates scipy from 1.14.1 to 1.15.2

Release notes

Sourced from scipy's releases.

SciPy 1.15.2 Release Notes

SciPy 1.15.2 is a bug-fix release with no new features compared to 1.15.1. Free-threaded Python 3.13 wheels for Linux ARM platform are available on PyPI starting with this release.

Authors

  • Name (commits)
  • Peter Bell (1)
  • Charles Bousseau (1) +
  • Jake Bowhay (3)
  • Matthew Brett (1)
  • Ralf Gommers (3)
  • Rohit Goswami (1)
  • Matt Haberland (4)
  • Parth Nobel (1) +
  • Tyler Reddy (33)
  • Daniel Schmitz (2)
  • Dan Schult (5)
  • Scott Shambaugh (2)
  • Edgar Andrés Margffoy Tuay (1)
  • Warren Weckesser (4)

A total of 14 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.

SciPy 1.15.1 Release Notes

SciPy 1.15.1 is a bug-fix release with no new features compared to 1.15.0. Importantly, an issue with the import of scipy.optimize breaking other packages has been fixed.

Authors

  • Name (commits)
  • Ralf Gommers (3)
  • Rohit Goswami (1)
  • Matt Haberland (2)
  • Tyler Reddy (7)
  • Daniel Schmitz (1)

... (truncated)

Commits
  • 0f1fd4a REL: 1.15.2 rel commit [wheel build]
  • 7df5cc6 Merge pull request #22471 from tylerjereddy/treddy_backports_1.15.2
  • a046fa0 CI: PR 22471 wheel builds [wheel build]
  • 198aa52 DOC: PR 22471 revisions
  • ba61a58 CI: PR 22471 revisions
  • e0251ee do not check dtype in test_compare_with_GCVSPL
  • fcc68dd MAINT: integrate.cumulative_simpson: bump test tolerance
  • 6d2c059 BUG: wrap median_filter stability (#22402)
  • 59cb7d4 DOC: PR 22471 revisions
  • a60d17f MAINT: pearsonr SIMD-related shim
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

📚 Documentation preview 📚: https://RDAgent--812.org.readthedocs.build/en/812/

@dependabot
build(requirements): bump the prod group across 1 directory with 7 up…
780b99b 
…dates

Bumps the prod group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [azure-identity](https://github.com/Azure/azure-sdk-for-python) | `1.17.1` | `1.21.0` |
| [rich](https://github.com/Textualize/rich) | `13.9.2` | `14.0.0` |
| [tqdm](https://github.com/tqdm/tqdm) | `4.66.5` | `4.67.1` |
| [dill](https://github.com/uqfoundation/dill) | `0.3.9` | `0.4.0` |
| [pillow](https://github.com/python-pillow/Pillow) | `10.4.0` | `11.2.1` |
| [psutil](https://github.com/giampaolo/psutil) | `6.1.0` | `7.0.0` |
| [scipy](https://github.com/scipy/scipy) | `1.14.1` | `1.15.2` |



Updates `azure-identity` from 1.17.1 to 1.21.0
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-identity_1.17.1...azure-identity_1.21.0)

Updates `rich` from 13.9.2 to 14.0.0
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v13.9.2...v14.0.0)

Updates `tqdm` from 4.66.5 to 4.67.1
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.66.5...v4.67.1)

Updates `dill` from 0.3.9 to 0.4.0
- [Release notes](https://github.com/uqfoundation/dill/releases)
- [Commits](uqfoundation/dill@0.3.9...0.4.0)

Updates `pillow` from 10.4.0 to 11.2.1
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@10.4.0...11.2.1)

Updates `psutil` from 6.1.0 to 7.0.0
- [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst)
- [Commits](giampaolo/psutil@release-6.1.0...release-7.0.0)

Updates `scipy` from 1.14.1 to 1.15.2
- [Release notes](https://github.com/scipy/scipy/releases)
- [Commits](scipy/scipy@v1.14.1...v1.15.2)

---
updated-dependencies:
- dependency-name: azure-identity
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: rich
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod
- dependency-name: tqdm
  dependency-version: 4.67.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: dill
  dependency-version: 0.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: pillow
  dependency-version: 11.2.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod
- dependency-name: psutil
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod
- dependency-name: scipy
  dependency-version: 1.15.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 21, 2025
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github May 12, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this May 12, 2025
@dependabot dependabot bot deleted the dependabot/pip/prod-2965b3a10e branch May 12, 2025 01:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants