search

2lambda123 / Ai_trading

0 stars 0 forks source link

Bump scipy from 0.19.1 to 1.10.0 in /quiz/m8 #7

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 11 months ago

Bumps scipy from 0.19.1 to 1.10.0.

Release notes

Sourced from scipy's releases.

SciPy 1.10.0 Release Notes

SciPy 1.10.0 is the culmination of 6 months of hard work. It contains many new features, numerous bug-fixes, improved test coverage and better documentation. There have been a number of deprecations and API changes in this release, which are documented below. All users are encouraged to upgrade to this release, as there are a large number of bug-fixes and optimizations. Before upgrading, we recommend that users check that their own code does not use deprecated SciPy functionality (to do so, run your code with python -Wd and check for DeprecationWarning s). Our development attention will now shift to bug-fix releases on the 1.10.x branch, and on adding new features on the main branch.

This release requires Python 3.8+ and NumPy 1.19.5 or greater.

For running on PyPy, PyPy3 6.0+ is required.

Highlights of this release

  • A new dedicated datasets submodule (scipy.datasets) has been added, and is now preferred over usage of scipy.misc for dataset retrieval.
  • A new scipy.interpolate.make_smoothing_spline function was added. This function constructs a smoothing cubic spline from noisy data, using the generalized cross-validation (GCV) criterion to find the tradeoff between smoothness and proximity to data points.
  • scipy.stats has three new distributions, two new hypothesis tests, three new sample statistics, a class for greater control over calculations involving covariance matrices, and many other enhancements.

New features

scipy.datasets introduction

  • A new dedicated datasets submodule has been added. The submodules is meant for datasets that are relevant to other SciPy submodules ands content (tutorials, examples, tests), as well as contain a curated set of datasets that are of wider interest. As of this release, all the datasets from scipy.misc have been added to scipy.datasets (and deprecated in scipy.misc).
  • The submodule is based on Pooch (a new optional dependency for SciPy), a Python package to simplify fetching data files. This move will, in a subsequent release, facilitate SciPy to trim down the sdist/wheel sizes, by decoupling the data files and moving them out of the SciPy repository, hosting them externally and

... (truncated)

Commits
  • dde5059 REL: 1.10.0 final [wheel build]
  • 7856f28 Merge pull request #17696 from tylerjereddy/treddy_110_final_prep
  • 205b624 DOC: add missing author
  • 1ab9f1b DOC: update 1.10.0 relnotes
  • ac2f45f MAINT: integrate._qmc_quad: mark as private with preceding underscore
  • 3e0ae1a REV: integrate.qmc_quad: delay release to SciPy 1.11.0
  • 34cdf05 MAINT: FFT pybind11 fixups
  • 843500a Merge pull request #17689 from mdhaber/gh17686
  • 089924b REL: integrate.qmc_quad: remove from release notes
  • 3e47110 REL: 1.10.0rc3 unreleased
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/2lambda123/Ai_trading/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

coderabbitai[bot] commented 11 months ago

[!IMPORTANT]

Auto Review Skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on X ?

Tips ### Chat with CodeRabbit Bot (`@coderabbitai`) - You can reply to a review comment made by CodeRabbit. - You can tag CodeRabbit on specific lines of code or files in the PR by tagging `@coderabbitai` in a comment. - You can tag `@coderabbitai` in a PR comment and ask one-off questions about the PR and the codebase. Use quoted replies to pass the context for follow-up questions. ### CodeRabbit Commands (invoked as PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger a review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai help` to get help. Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. ### CodeRabbit Configration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - The JSON schema for the configuration file is available [here](https://coderabbit.ai/integrations/coderabbit-overrides.v2.json). - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json`
sweep-ai[bot] commented 11 months ago

Apply Sweep Rules to your PR?

This is an automated message generated by Sweep AI.

guardrails[bot] commented 11 months ago

:warning: We detected 1 security issue in this pull request:

Vulnerable Libraries (1)
Severity | Details :-: | :-- N/A | [pkg:pypi/scipy@1.10.0](https://github.com/2lambda123/Ai_trading/blob/22484bc91e0ba4cd3ead6c2c729a8af6b987aa77/quiz/m8/requirements.txt#L5) upgrade to: *1.11.1* More info on how to fix Vulnerable Libraries in [Python](https://docs.guardrails.io/docs/en/vulnerabilities/python/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

sonarcloud[bot] commented 10 months ago

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud