Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the pip group across 1 directory with 5 updates #24

Closed
wants to merge 1 commit into from
Closed

Bump the pip group across 1 directory with 5 updates #24

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Apr 24, 2024

Bumps the pip group with 5 updates in the / directory:

Package From To
lxml 4.4.2 4.9.1
nltk 3.4.5 3.6.6
numpy 1.18.1 1.22.0
scikit-learn 0.19.1 0.23.1
scipy 1.4.1 1.11.1

Updates lxml from 4.4.2 to 4.9.1

Changelog

Sourced from lxml's changelog.

4.9.1 (2022-07-01)

Bugs fixed

  • A crash was resolved when using iterwalk() (or canonicalize()) after parsing certain incorrect input. Note that iterwalk() can crash on valid input parsed with the same parser after failing to parse the incorrect input.

4.9.0 (2022-06-01)

Bugs fixed

  • GH#341: The mixin inheritance order in lxml.html was corrected. Patch by xmo-odoo.

Other changes

  • Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12.

  • Wheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35 (libxml2 2.9.12+ and libxslt 1.1.34 on Windows).

  • GH#343: Windows-AArch64 build support in Visual Studio. Patch by Steve Dower.

4.8.0 (2022-02-17)

Features added

  • GH#337: Path-like objects are now supported throughout the API instead of just strings. Patch by Henning Janssen.

  • The ElementMaker now supports QName values as tags, which always override the default namespace of the factory.

Bugs fixed

  • GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively.

... (truncated)

Commits
  • d01872c Prevent parse failure in new test from leaking into later test runs.
  • d65e632 Prepare release of lxml 4.9.1.
  • 86368e9 Fix a crash when incorrect parser input occurs together with usages of iterwa...
  • 50c2764 Delete unused Travis CI config and reference in docs (GH-345)
  • 8f0bf2d Try to speed up the musllinux AArch64 build by splitting the different CPytho...
  • b9f7074 Remove debug print from test.
  • b224e0f Try to install 'xz' in wheel builds, if available, since it's now needed to e...
  • 897ebfa Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts...
  • 853c9e9 Prepare release of 4.9.0.
  • d3f77e6 Add a test for https://bugs.launchpad.net/lxml/+bug/1965070 leaving out the a...
  • Additional commits viewable in compare view

Updates nltk from 3.4.5 to 3.6.6

Changelog

Sourced from nltk's changelog.

Version 3.8.1 2023-01-02

  • Resolve RCE vulnerability in localhost WordNet Browser (#3100)
  • Remove unused tool scripts (#3099)
  • Resolve XSS vulnerability in localhost WordNet Browser (#3096)
  • Add Python 3.11 support (#3090)

Thanks to the following contributors to 3.8.1: Francis Bond, John Vandenberg, Tom Aarsen

Version 3.8 2022-12-12

  • Refactor dispersion plot (#3082)
  • Provide type hints for LazyCorpusLoader variables (#3081)
  • Throw warning when LanguageModel is initialized with incorrect vocabulary (#3080)
  • Fix WordNet's all_synsets() function (#3078)
  • Resolve TreebankWordDetokenizer inconsistency with end-of-string contractions (#3070)
  • Support both iso639-3 codes and BCP-47 language tags (#3060)
  • Avoid DeprecationWarning in Regexp tokenizer (#3055)
  • Fix many doctests, add doctests to CI (#3054, #3050, #3048)
  • Fix bool field not being read in VerbNet (#3044)
  • Greatly improve time efficiency of SyllableTokenizer when tokenizing numbers (#3042)
  • Fix encodings of Polish udhr corpus reader (#3038)
  • Allow TweetTokenizer to tokenize emoji flag sequences (#3034)
  • Prevent LazyModule from increasing the size of nltk.dict (#3033)
  • Fix CoreNLPServer non-default port issue (#3031)
  • Add "acion" suffix to the Spanish SnowballStemmer (#3030)
  • Allow loading WordNet without OMW (#3026)
  • Use input() in nltk.chat.chatbot() for Jupyter support (#3022)
  • Fix edit_distance_align() in distance.py (#3017)
  • Tackle performance and accuracy regression of sentence tokenizer since NLTK 3.6.6 (#3014)
  • Add the Iota operator to semantic logic (#3010)
  • Resolve critical errors in WordNet app (#3008)
  • Resolve critical error in CHILDES Corpus (#2998)
  • Make WordNet information_content() accept adjective satellites (#2995)
  • Add "strict=True" parameter to CoreNLP (#2993, #3043)
  • Resolve issue with WordNet's synset_from_sense_key (#2988)
  • Handle WordNet synsets that were lost in mapping (#2985)
  • Resolve TypeError in Boxer (#2979)
  • Add function to retrieve WordNet synonyms (#2978)
  • Warn about nonexistent OMW offsets instead of raising an error (#2974)
  • Fix missing ic argument in res, jcn and lin similarity functions of WordNet (#2970)
  • Add support for the extended OMW (#2946)
  • Fix LC cutoff policy of text tiling (#2936)
  • Optimize ConditionalFreqDist.add performance (#2939)
  • Add Markdown corpus reader (#2902)

Thanks to the following contributors to 3.8: Alexandre Perez-Lebel, David Lukes, Eric Kafe, Fernando Carranza, Heungson Lee,

... (truncated)

Commits
  • 4862b09 updates for 3.6.6
  • 6b60213 Refactor gensim.doctest to work for gensim 4.0.0 and up (#2914)
  • 59aa3fb Fix decode error for bllip parser (#2897)
  • a28d256 Add Precision, Recall, F-measure, Confusion Matrix to Taggers (#2862)
  • 72d9885 Added warnings if .zip files exist without any corresponding .csv files. (#2908)
  • dea7b44 Fix FileNotFoundError when the download_dir is a non-existing nested fold...
  • abbe86b Undo #2909 due to unexpected test failure
  • c075dab Allow commits with /nocache to not use the cache (#2909)
  • d6d513d Renamed omw to omw-1.4 (#2907)
  • 2a50a3e Resolve ReDoS opportunity by fixing incorrectly specified regex (#2906)
  • Additional commits viewable in compare view

Updates numpy from 1.18.1 to 1.22.0

Release notes

Sourced from numpy's releases.

v1.22.0

NumPy 1.22.0 Release Notes

NumPy 1.22.0 is a big release featuring the work of 153 contributors spread over 609 pull requests. There have been many improvements, highlights are:

  • Annotations of the main namespace are essentially complete. Upstream is a moving target, so there will likely be further improvements, but the major work is done. This is probably the most user visible enhancement in this release.
  • A preliminary version of the proposed Array-API is provided. This is a step in creating a standard collection of functions that can be used across application such as CuPy and JAX.
  • NumPy now has a DLPack backend. DLPack provides a common interchange format for array (tensor) data.
  • New methods for quantile, percentile, and related functions. The new methods provide a complete set of the methods commonly found in the literature.
  • A new configurable allocator for use by downstream projects.

These are in addition to the ongoing work to provide SIMD support for commonly used functions, improvements to F2PY, and better documentation.

The Python versions supported in this release are 3.8-3.10, Python 3.7 has been dropped. Note that 32 bit wheels are only provided for Python 3.8 and 3.9 on Windows, all other wheels are 64 bits on account of Ubuntu, Fedora, and other Linux distributions dropping 32 bit support. All 64 bit wheels are also linked with 64 bit integer OpenBLAS, which should fix the occasional problems encountered by folks using truly huge arrays.

Expired deprecations

Deprecated numeric style dtype strings have been removed

Using the strings "Bytes0", "Datetime64", "Str0", "Uint32", and "Uint64" as a dtype will now raise a TypeError.

(gh-19539)

Expired deprecations for loads, ndfromtxt, and mafromtxt in npyio

numpy.loads was deprecated in v1.15, with the recommendation that users use pickle.loads instead. ndfromtxt and mafromtxt were both deprecated in v1.17 - users should use numpy.genfromtxt instead with the appropriate value for the usemask parameter.

(gh-19615)

... (truncated)

Commits

Updates scikit-learn from 0.19.1 to 0.23.1

Release notes

Sourced from scikit-learn's releases.

scikit-learn 0.23.1

We're happy to announce the 0.23.1 release which fixes a few issues affecting many users, namely: K-Means should be faster for small sample sizes, and the representation of third-party estimators was fixed.

You can check this version out using:

    pip install -U scikit-learn

You can see the changelog here: https://scikit-learn.org/stable/whats_new/v0.23.html#version-0-23-1 The conda-forge builds will be available shortly, which you can then install using:

    conda install -c conda-forge scikit-learn

scikit-learn 0.23.0

We're happy to announce the 0.23 release. You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_0_23_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v0.23.html#version-0-23-0

This version supports Python versions 3.6 to 3.8.

Scikit-learn 0.22.2.post1

We're happy to announce the 0.22.2.post1 bugfix release.

The 0.22.2.post1 release includes a packaging fix for the source distribution but the content of the packages is otherwise identical to the content of the wheels with the 0.22.2 version (without the .post1 suffix).

Change log under https://scikit-learn.org/stable/whats_new/v0.22.html#changes-0-22-2.

This version supports Python versions 3.5 to 3.8.

Scikit-learn 0.22.1

We're happy to announce the 0.22.1 bugfix release. Change log under https://scikit-learn.org/stable/whats_new/v0.22.html#changes-0-22-1.

This version supports Python versions 3.5 to 3.8.

Scikit-learn 0.22.0

We're happy to announce the 0.22 release. You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_0_22_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v0.22.html#changes-0-22.

This version supports Python versions 3.5 to 3.8.

Scikit-learn 0.21.3

A bug fix and documentation release, fixing regressions and other issues released in version 0.21. See change log at https://scikit-learn.org/0.21/whats_new/v0.21.html

Scikit-learn 0.21.2

This version fixes a few bugs released in 0.21.1.

Scikit-learn version 0.21.1

... (truncated)

Commits

Updates scipy from 1.4.1 to 1.11.1

Release notes

Sourced from scipy's releases.

SciPy 1.11.1 Release Notes

SciPy 1.11.1 is a bug-fix release with no new features compared to 1.11.0. In particular, a licensing issue discovered after the release of 1.11.0 has been addressed.

Authors

  • Name (commits)
  • h-vetinari (1)
  • Robert Kern (1)
  • Ilhan Polat (4)
  • Tyler Reddy (8)

A total of 4 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.

SciPy 1.11.0 Release Notes

SciPy 1.11.0 is the culmination of 6 months of hard work. It contains many new features, numerous bug-fixes, improved test coverage and better documentation. There have been a number of deprecations and API changes in this release, which are documented below. All users are encouraged to upgrade to this release, as there are a large number of bug-fixes and optimizations. Before upgrading, we recommend that users check that their own code does not use deprecated SciPy functionality (to do so, run your code with python -Wd and check for DeprecationWarning s). Our development attention will now shift to bug-fix releases on the 1.11.x branch, and on adding new features on the main branch.

This release requires Python 3.9+ and NumPy 1.21.6 or greater.

For running on PyPy, PyPy3 6.0+ is required.

Highlights of this release

  • Several scipy.sparse array API improvements, including sparse.sparray, a new public base class distinct from the older sparse.spmatrix class, proper 64-bit index support, and numerous deprecations paving the way to a modern sparse array experience.
  • scipy.stats added tools for survival analysis, multiple hypothesis testing, sensitivity analysis, and working with censored data.

... (truncated)

Commits
  • cfe8011 REL: 1.11.1 rel commit [wheel build]
  • 450d8aa Merge pull request #18779 from tylerjereddy/treddy_1_11_1_prep
  • 6f942e8 DOC: update 1.11.1 relnotes
  • 145cec5 MAINT: fix unuran licensing
  • 0760bab MAINT:linalg.det:Return scalars for singleton inputs (#18763)
  • a1c6f99 MAINT:linalg:Use only NumPy types in lu
  • 5cdc2fe MAINT:linalg:Remove memcpy from lu
  • d9ac3f3 FIX:linalg:Guard against possible permute_l out of bound behavior
  • 7ec5010 BUG: fix handling for factorial(..., exact=False) for 0-dim array inputs (#...
  • 90415c6 BUG: Fix work array construction for various weight shapes. (#18741)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the pip group across 1 directory with 5 updates
b659c04 
Bumps the pip group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [lxml](https://github.com/lxml/lxml) | `4.4.2` | `4.9.1` |
| [nltk](https://github.com/nltk/nltk) | `3.4.5` | `3.6.6` |
| [numpy](https://github.com/numpy/numpy) | `1.18.1` | `1.22.0` |
| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `0.19.1` | `0.23.1` |
| [scipy](https://github.com/scipy/scipy) | `1.4.1` | `1.11.1` |



Updates `lxml` from 4.4.2 to 4.9.1
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](lxml/lxml@lxml-4.4.2...lxml-4.9.1)

Updates `nltk` from 3.4.5 to 3.6.6
- [Changelog](https://github.com/nltk/nltk/blob/develop/ChangeLog)
- [Commits](nltk/nltk@3.4.5...3.6.6)

Updates `numpy` from 1.18.1 to 1.22.0
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v1.18.1...v1.22.0)

Updates `scikit-learn` from 0.19.1 to 0.23.1
- [Release notes](https://github.com/scikit-learn/scikit-learn/releases)
- [Commits](scikit-learn/scikit-learn@0.19.1...0.23.1)

Updates `scipy` from 1.4.1 to 1.11.1
- [Release notes](https://github.com/scipy/scipy/releases)
- [Commits](scipy/scipy@v1.4.1...v1.11.1)

---
updated-dependencies:
- dependency-name: lxml
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: nltk
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: numpy
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: scikit-learn
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: scipy
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 24, 2024
@lopuhin lopuhin closed this Apr 24, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Apr 24, 2024

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/pip/pip-d47fdb0d58 branch April 24, 2024 09:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@lopuhin