Bump the pip group across 5 directories with 18 updates

[dependabot[bot]]

Bumps the pip group with 14 updates in the /RequirementsFiles directory:

Package	From	To
torch	2.5.0	2.5.0+cu124
aiohttp	3.9.5	3.10.2
certifi	2024.2.2	2024.7.4
idna	3.7	3.10
jinja2	3.1.3	3.1.4
nltk	3.8.1	3.9
numpy	1.26.4	2.1.2
onnx	1.16.1	1.17.0
opencv-python	4.10.0.82	4.10.0.84
pillow	10.3.0	11.0.0
scikit-learn	1.4.2	1.5.0
urllib3	2.2.1	2.2.2
zipp	3.18.1	3.19.1
sentry-sdk	2.14.0	2.17.0

Bumps the pip group with 12 updates in the /ThirdPartyRepository/Hotshot-XL directory:

Package	From	To
torch	2.0.1	2.2.0
certifi	2023.7.22	2024.7.4
idna	3.4	3.7
jinja2	3.1.2	3.1.4
numpy	1.26.0	2.1.2
pillow	10.0.1	10.3.0
requests	2.31.0	2.32.2
tqdm	4.66.1	4.66.3
transformers	4.34.0	4.38.0
urllib3	2.0.6	2.2.2
zipp	3.17.0	3.19.1
sentry-sdk	1.31.0	2.8.0

Bumps the pip group with 6 updates in the /ThirdPartyRepository/LivePortrait directory:

Package	From	To
torch	2.3.0	2.5.0+cpu
gradio	4.37.1	5.0.0
numpy	1.26.4	2.1.2
onnx	1.16.1	1.17.0
tqdm	4.66.4	4.66.5
transformers	4.22.0	4.38.0

Bumps the pip group with 4 updates in the /inputs/image/Wav2Lip directory: torch, numpy, opencv-python and tqdm. Bumps the pip group with 5 updates in the /inputs/image/roop directory:

Package	From	To
numpy	1.24.3	2.1.2
onnx	1.14.0	1.16.0
opencv-python	4.8.0.74	4.8.1.78
pillow	10.0.0	10.3.0
tqdm	4.65.0	4.66.3

Updates torch from 2.5.0 to 2.5.0+cu124

Updates aiohttp from 3.9.5 to 3.10.2

Release notes

Sourced from aiohttp's releases.

3.10.2

Bug fixes

• Fixed server checks for circular symbolic links to be compatible with Python 3.13 -- by :user:steverep.

  Related issues and pull requests on GitHub: #8565.

• Fixed request body not being read when ignoring an Upgrade request -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: #8597.

• Fixed an edge case where shutdown would wait for timeout when the handler was already completed -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: #8611.

• Fixed connecting to npipe://, tcp://, and unix:// urls -- by :user:bdraco.

  Related issues and pull requests on GitHub: #8632.

• Fixed WebSocket ping tasks being prematurely garbage collected -- by :user:bdraco.

  There was a small risk that WebSocket ping tasks would be prematurely garbage collected because the event loop only holds a weak reference to the task. The garbage collection risk has been fixed by holding a strong reference to the task. Additionally, the task is now scheduled eagerly with Python 3.12+ to increase the chance it can be completed immediately and avoid having to hold any references to the task.

  Related issues and pull requests on GitHub: #8641.

• Fixed incorrectly following symlinks for compressed file variants -- by :user:steverep.

  Related issues and pull requests on GitHub:

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.2 (2024-08-08)

Bug fixes

• Fixed server checks for circular symbolic links to be compatible with Python 3.13 -- by :user:steverep.

  Related issues and pull requests on GitHub: :issue:8565.

• Fixed request body not being read when ignoring an Upgrade request -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: :issue:8597.

• Fixed an edge case where shutdown would wait for timeout when the handler was already completed -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: :issue:8611.

• Fixed connecting to npipe://, tcp://, and unix:// urls -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:8632.

• Fixed WebSocket ping tasks being prematurely garbage collected -- by :user:bdraco.

  There was a small risk that WebSocket ping tasks would be prematurely garbage collected because the event loop only holds a weak reference to the task. The garbage collection risk has been fixed by holding a strong reference to the task. Additionally, the task is now scheduled eagerly with Python 3.12+ to increase the chance it can be completed immediately and avoid having to hold any references to the task.

  Related issues and pull requests on GitHub: :issue:8641.

• Fixed incorrectly following symlinks for compressed file variants -- by :user:steverep.

... (truncated)

Commits

• 491106e Release 3.10.2 (#8655)
• ce2e975 [PR #8652/b0536ae6 backport][3.10] Do not follow symlinks for compressed file...
• 6a77806 [PR #8636/51d872e backport][3.10] Remove Request.wait_for_disconnection() met...
• 1f92213 [PR #8642/e4942771 backport][3.10] Fix response to circular symlinks with Pyt...
• 2ef14a6 [PR #8641/0a88bab backport][3.10] Fix WebSocket ping tasks being prematurely ...
• 68e8496 [PR #8608/c4acabc backport][3.10] Fix timer handle churn in websocket heartbe...
• 72f41aa [PR #8632/b2691f2 backport][3.10] Fix connecting to npipe://, tcp://, and uni...
• bf83dbe [PR #8634/c7293e19 backport][3.10] Backport #8620 as improvements to various ...
• 4815765 [PR #8597/c99a1e27 backport][3.10] Fix reading of body when ignoring an upgra...
• 266608d [PR #8611/1fcef940 backport][3.10] Fix handler waiting on shutdown (#8627)
• Additional commits viewable in compare view

Updates certifi from 2024.2.2 to 2024.7.4

Commits

• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• 124f4ad 2024.06.02 (#291)
• c2196ce --- (#290)
• fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
• 3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
• 4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
• 1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
• Additional commits viewable in compare view

Updates idna from 3.7 to 3.10

Release notes

Sourced from idna's releases.

v3.10

No release notes provided.

v3.9

No release notes provided.

v3.8

What's Changed

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Full Changelog: https://github.com/kjd/idna/compare/v3.7...v3.8

Changelog

Sourced from idna's changelog.

3.10 (2024-09-15) +++++++++++++++++

• Reverted to Unicode 15.1.0 data. Unicode 16 has some significant changes to UTS46 processing that will require more work to properly implement.

3.9 (2024-09-13) ++++++++++++++++

• Update to Unicode 16.0.0
• Deprecate setup.cfg in favour of pyproject.toml
• Use ruff for code formatting

Thanks to Waket Zheng for contributions to this release.

3.8 (2024-08-23) ++++++++++++++++

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Commits

• 729225d Release v3.10
• 3eef168 Merge pull request #194 from kjd/revert-unicode-16
• ceca619 Revert Unicode 16.0.0 data updates
• c43ac75 Merge pull request #191 from kjd/release-3.9
• 1b8800a Release v3.9
• a1fd168 Merge pull request #190 from kjd/unicode-16
• 7732c61 Merge branch 'master' into unicode-16
• 4ed183d Refactor membership test
• 762216b Format with ruff
• 580ece9 Implement changes to UTS46 algorithm
• Additional commits viewable in compare view

Updates jinja2 from 3.1.3 to 3.1.4

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:h75v-3vvj-5mfj

Commits

• dd4a8b5 release version 3.1.4
• 0668239 Merge pull request from GHSA-h75v-3vvj-5mfj
• d655030 disallow invalid characters in keys to xmlattr filter
• a7863ba add ghsa links
• b5c98e7 start version 3.1.4
• da3a9f0 update project files (#1968)
• 0ee5eb4 satisfy formatter, linter, and strict mypy
• 20477c6 update project files (#5457)
• e491223 update pyyaml dev dependency
• 36f9885 fix pr link
• Additional commits viewable in compare view

Updates nltk from 3.8.1 to 3.9

Changelog

Sourced from nltk's changelog.

Version 3.9.1 2024-08-19

• Fixed bug that prevented wordnet from loading

Version 3.9 2024-08-18

• Fix security vulnerability CVE-2024-39705 (breaking change)
• Replace pickled models (punkt, chunker, taggers) by new pickle-free "_tab" packages
• No longer sort Wordnet synsets and relations (sort in calling function when required)
• Only strip the last suffix in Wordnet Morphy, thus restricting synsets() results
• Add Python 3.12 support
• Many other minor fixes

Thanks to the following contributors to 3.8.2: Tom Aarsen, Cat Lee Ball, Veralara Bernhard, Carlos Brandt, Konstantin Chernyshev, Michael Higgins, Eric Kafe, Vivek Kalyan, David Lukes, Rob Malouf, purificant, Alex Rudnick, Liling Tan, Akihiro Yamazaki.

Version 3.8.1 2023-01-02

• Resolve RCE vulnerability in localhost WordNet Browser (#3100)
• Remove unused tool scripts (#3099)
• Resolve XSS vulnerability in localhost WordNet Browser (#3096)
• Add Python 3.11 support (#3090)

Thanks to the following contributors to 3.8.1: Francis Bond, John Vandenberg, Tom Aarsen

Version 3.8 2022-12-12

• Refactor dispersion plot (#3082)
• Provide type hints for LazyCorpusLoader variables (#3081)
• Throw warning when LanguageModel is initialized with incorrect vocabulary (#3080)
• Fix WordNet's all_synsets() function (#3078)
• Resolve TreebankWordDetokenizer inconsistency with end-of-string contractions (#3070)
• Support both iso639-3 codes and BCP-47 language tags (#3060)
• Avoid DeprecationWarning in Regexp tokenizer (#3055)
• Fix many doctests, add doctests to CI (#3054, #3050, #3048)
• Fix bool field not being read in VerbNet (#3044)
• Greatly improve time efficiency of SyllableTokenizer when tokenizing numbers (#3042)
• Fix encodings of Polish udhr corpus reader (#3038)
• Allow TweetTokenizer to tokenize emoji flag sequences (#3034)
• Prevent LazyModule from increasing the size of nltk.dict (#3033)
• Fix CoreNLPServer non-default port issue (#3031)
• Add "acion" suffix to the Spanish SnowballStemmer (#3030)
• Allow loading WordNet without OMW (#3026)
• Use input() in nltk.chat.chatbot() for Jupyter support (#3022)
• Fix edit_distance_align() in distance.py (#3017)
• Tackle performance and accuracy regression of sentence tokenizer since NLTK 3.6.6 (#3014)
• Add the Iota operator to semantic logic (#3010)
• Resolve critical errors in WordNet app (#3008)
• Resolve critical error in CHILDES Corpus (#2998)
• Make WordNet information_content() accept adjective satellites (#2995)

... (truncated)

Commits

• 24936a2 Bump version to 3.9
• c222897 Merge branch 'develop' of https://github.com/nltk/nltk into develop
• 34c3a4a Merge branch 'develop' of https://github.com/nltk/nltk into develop
• 253dd3a add black
• c43727f Update version
• 7137405 Merge pull request #3066 from asishm/bugfix-lambda-closure-leak
• 369cb9f Merge pull request #3245 from ekaf/hotfix-closuredup
• 501c70e Merge branch 'develop' into hotfix-closuredup
• bf05dc4 Merge pull request #3306 from ekaf/py3_compat
• 66539c7 Sorted output in unit/test_wordnet.py
• Additional commits viewable in compare view

Updates numpy from 1.26.4 to 2.1.2

Release notes

Sourced from numpy's releases.

2.1.2 (Oct 5, 2024)

NumPy 2.1.2 Release Notes

NumPy 2.1.2 is a maintenance release that fixes bugs and regressions discovered after the 2.1.1 release.

The Python versions supported by this release are 3.10-3.13.

Contributors

A total of 11 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Charles Harris
• Chris Sidebottom
• Ishan Koradia +
• João Eiras +
• Katie Rust +
• Marten van Kerkwijk
• Matti Picus
• Nathan Goldbaum
• Peter Hawkins
• Pieter Eendebak
• Slava Gorloff +

Pull requests merged

A total of 14 pull requests were merged for this release.

• #27333: MAINT: prepare 2.1.x for further development
• #27400: BUG: apply critical sections around populating the dispatch cache
• #27406: BUG: Stub out get_build_msvc_version if distutils.msvccompiler...
• #27416: BUILD: fix missing include for std::ptrdiff_t for C++23 language...
• #27433: BLD: pin setuptools to avoid breaking numpy.distutils
• #27437: BUG: Allow unsigned shift argument for np.roll
• #27439: BUG: Disable SVE VQSort
• #27471: BUG: rfftn axis bug
• #27479: BUG: Fix extra decref of PyArray_UInt8DType.
• #27480: CI: use PyPI not scientific-python-nightly-wheels for CI doc...
• #27481: MAINT: Check for SVE support on demand
• #27484: BUG: initialize the promotion state to be weak
• #27501: MAINT: Bump pypa/cibuildwheel from 2.20.0 to 2.21.2
• #27506: BUG: avoid segfault on bad arguments in ndarray.__array_function__

Checksums

MD5

4aae28b7919b126485c1aaccee37a6ba  numpy-2.1.2-cp310-cp310-macosx_10_9_x86_64.whl
172614423a82ef73d8752ad8a59cbafc  numpy-2.1.2-cp310-cp310-macosx_11_0_arm64.whl

... (truncated)

Changelog

Sourced from numpy's changelog.

This is a walkthrough of the NumPy 2.1.0 release on Linux, modified for building with GitHub Actions and cibuildwheels and uploading to the anaconda.org staging repository for NumPy <https://anaconda.org/multibuild-wheels-staging/numpy>_. The commands can be copied into the command line, but be sure to replace 2.1.0 by the correct version. This should be read together with the :ref:general release guide <prepare_release>.

Facility preparation

Before beginning to make a release, use the requirements/*_requirements.txt files to ensure that you have the needed software. Most software can be installed with pip, but some will require apt-get, dnf, or whatever your system uses for software. You will also need a GitHub personal access token (PAT) to push the documentation. There are a few ways to streamline things:

• Git can be set up to use a keyring to store your GitHub personal access token. Search online for the details.
• You can use the keyring app to store the PyPI password for twine. See the online twine documentation for details.

Prior to release

Add/drop Python versions

When adding or dropping Python versions, three files need to be edited:

• .github/workflows/wheels.yml # for github cibuildwheel
• .travis.yml # for cibuildwheel aarch64 builds
• setup.py # for classifier and minimum version check.

Make these changes in an ordinary PR against main and backport if necessary. Using the BLD: prefix (build label) for the commit summary will cause the wheel builds to be run so that the changes will be tested, We currently release wheels for new Python versions after the first Python rc once manylinux and cibuildwheel support it. For Python 3.11 we were able to release within a week of the rc1 announcement.

Backport pull requests

Changes that have been marked for this release must be backported to the maintenance/2.1.x branch.

Update 2.1.0 milestones

... (truncated)

Commits

• f5afe3d Merge pull request #27507 from charris/prepare-2.1.2
• 6b9ef48 REL: Prepare for the NumPy 2.1.2 release [wheel build]
• 6d85a24 MAINT: Pin setuptools for Python < 3.12 [wheel build]
• 7f327d8 Merge pull request #27506 from charris/backport-27503
• 09e9cd9 BUG: avoid segfault on bad arguments in ndarray.array_function
• 06b4793 Merge pull request #27501 from charris/backport-27495
• 364efb5 MAINT: Bump pypa/cibuildwheel from 2.21.1 to 2.21.2
• df0e261 Merge pull request #27484 from ngoldbaum/use-weak-default
• fa61bc6 Merge pull request #27481 from charris/backport-27472
• d6d06ae Merge pull request #27480 from charris/backport-27475
• Additional commits viewable in compare view

Updates onnx from 1.16.1 to 1.17.0

Release notes

Sourced from onnx's releases.

v1.17.0

ONNX v1.17.0 is now available with exciting new features! We would like to thank everyone who contributed to this release! Please visit onnx.ai to learn more about ONNX and associated projects.

Key Updates

ai.onnx Opset 22

• Update to support bfloat16:
  • Acos, Acosh, Asin, Asinh, Atan, Atanh, AveragePool, Bernoulli, Conv, ConvTranspose, Cos, Cosh, DeformConv, Det, Dropout, Elu, EyeLike, GRU, GlobalAveragePool, GlobalLpPool, GlobalMaxPool, GridSample, HardSigmoid, HardSwish, InstanceNormalization, LSTM, LpNormalization, LpPool, MaxPool, MaxRoiPool, MaxUnpool, Mish, Multinomial, NegativeLogLikelihoodLoss, RNN, RandomNormal, RandomNormalLike, RandomUniform, RandomUniformLike, RoiAlign, Round, Selu, Sin, Sinh, Softplus, Softsign, Tan, ThresholdedRelu

Python Changes

• Support for numpy >= 2.0

Bug fixes and infrastructure improvements

• Fix Check URLs errors 5972
• Use CMAKE_PREFIX_PATH in finding libprotobuf 5975
• Bump main VERSION_NUMBER to 1.17.0 5968
• Fix source and pip tar.gz builds on s390x systems 5984
• Fix unique_name 5992
• Fix SegFault bug in shape inference 5990
• Fix onnx.compose when connecting subgraphs 5991
• Fix conversion from split 11 to split 18 6020
• Update error messages for NegativeLogLikelihoodLoss inference function 6021
• Generalize input/output number check in shape inference 6005
• Replace rank inference with shape inference for Einsum op 6010
• build from source instruction with latest cmake change 6038
• Handle OneHot's depth value during shape inference 5963
• Not to install cmake in pyproject.toml on Windows 6045
• fix a skipped shape infer code 6049
• Include the ".onnxtext" extension in supported serialization format 6051
• Allow ReferenceEvaluator to return intermediate results 6066
• Fix 1 typo in numpy_helper.py 6041
• Remove benchmarking code 6076
• Prevent crash on import after GCC 8 builds 6048
• Check graph outputs are defined 6083
• Enable additional ruff rules 6032
• Add missing shape inference check for DequantizeLinear 6080
• Add bfloat16 to all relevant ops 6099
• fix(ci): install python dependencies with --only-binary :all: in manylinux 6120
• fix: install google-re2 with --only-binary option 6129
• Specify axis parameter for DequantizeLinear when input rank is 1 6095
• Pin onnxruntime to 1.17.3 for release CIs 6143
• Fix INT4 TensorProto byte size is 5x larger than expected with negative values 6161
• Mitigate tarball directory traversal risks 6164
• Fix reference implementation for ScatterND with 4D tensors 6174
• Addition of group > 1 in test and in backend for ConvTranspose 6175
• Support for bfloat16 for binary, unary operators in reference implementation 6166
• Refactor windows workflow to work on standard windows 6190
• Fix a few crashes while running shape inference 6195
• Update onnx to work with numpy>=2.0 6196
• Use sets to improve performance of dfs search 6213

... (truncated)

Commits

• b8baa84 Set version 1.17.0 for official release (#6405)
• 6d77b80 [Cherry-Pick] Fix main url checks (#6312) (#6327)
• 174938d [Cherry-Pick] Fix protobuf pkg 5.28.0 failing on Windows (#6342) (#6347)
• f18d593 [Cherry-Pick] Remove unused variables (#6303) (#6324)
• c588905 Set version in rel-1.17.0 to 1.17.0rc1 (#6317)
• 4392c2c Prepare for rel-1.17.0 (#6281)
• cb54169 Update ort filter to 1.20.0 to skip tests known to fail with ort 1.19.0 (#6306)
• 99e1fd3 Bump reviewdog/action-misspell from 1.21.0 to 1.23.0 (#6268)
• 1920565 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#6273)
• 2e8f228 Bump mypy from 1.10.1 to 1.11.1 (#6275)
• Additional commits viewable in compare view

Updates opencv-python from 4.10.0.82 to 4.10.0.84

Release notes

Sourced from opencv-python's releases.

4.10.0.84

Complete OpenCV 4.10.0 chnagelog: https://github.com/opencv/opencv/wiki/ChangeLog

Python:

• NumPy 2.0 support in pre-built OpenCV packages for Python 3.9+
• Added python bindings for Rect2f and Point3i #24919
• Switched to numeric dtype for MatLike instead of generic #25406
• Added path-like objects support wherever file names are expected #24773

Commits

• See full diff in compare view

Updates pillow from 10.3.0 to 11.0.0

Release notes

Sourced from pillow's releases.

11.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/11.0.0.html

Changes

• Do not create core image in TIFF seek() #8392 [@​radarhere]
• Removed custom build_openjpeg #8365 [@​radarhere]
• Support writing LONG8 offsets in AppendingTiffWriter #8417 [@​radarhere]
• Use ImageFile.MAXBLOCK when saving TIFF images #8461 [@​radarhere]
• Always raise warnings for deprecated feature checks #8459 [@​radarhere]
• Do not close provided file handles with libtiff when saving #8458 [@​radarhere]
• Revert "Skip QEMU-emulated wheels on workflow dispatch event" #8455 [@​radarhere]
• Support ImageFilter.BuiltinFilter for I;16* images #8438 [@​radarhere]
• [pre-commit.ci] pre-commit autoupdate #8448 [@​pre-commit-ci]
• Use ImagingCore.ptr instead of ImagingCore.id #8341 [@​homm]
• Simplified code #8445 [@​radarhere]
• Removed unused code #8447 [@​radarhere]
• Updated EPS mode when opening images without transparency #8281 [@​Yay295]
• Use transparency when combining P frames from APNGs #8443 [@​radarhere]
• Generate and upload attestations to PyPI #8441 [@​hugovk]
• Do not convert images unnecessarily in ImageEnhance #8431 [@​radarhere]
• Raise an error if path is compacted during mapping #8416 [@​radarhere]
• Support all resampling filters when resizing I;16* images #8422 [@​radarhere]
• Free memory on early return #8413 [@​radarhere]
• Cast int before potentially exceeding INT_MAX #8402 [@​radarhere]
• Prevent division by zero #8408 [@​radarhere]
• Check image value before use #8400 [@​radarhere]
• Use ruff check #8423 [@​radarhere]
• Change harfbuzz versions in wheels #8421 [@​radarhere]
• Use Capsule for WebP saving #8386 [@​homm]
• Fixed writing multiple StripOffsets to TIFF #8317 [@​Yay295]
• Updated macOS deployment target for PyPy on Intel to 10.15 #8414 [@​radarhere]
• Fix dereference before checking for NULL in ImagingTransformAffine #8398 [@​PavlNekrasov]
• Use transposed size after opening for TIFF images #8390 [@​radarhere]
• Improve ImageFont error messages #8338 [@​yngvem]
• Mention MAX_TEXT_CHUNK limit in PNG error message #8391 [@​radarhere]
• Cast Dib handle to int #8385 [@​radarhere]
• Updated macOS deployment target for Python >= 3.12 on Intel to 10.13 #8379 [@​radarhere]
• Removed unused ImagePath variable #8377 [@​radarhere]
• Change macos-14 to macos-latest #8376 [@​radarhere]
• Accept float stroke widths #8369 [@​radarhere]
• Remove comments #8370 [@​radarhere]
• Removed libffi-dev #8368 [@​radarhere]
• Improved handling of RGBA palettes when saving GIF images #8366 [@​radarhere]
• Support converting more modes to LAB by converting to RGBA first #8358 [@​radarhere]
• Optimize getbbox() and getextrema() routines #8194 [@​homm]
• Removed unused TiffImagePlugin IFD_LEGACY_API #8355 [@​radarhere]
• Handle duplicate EXIF header #8350 [@​zakajd]
• Use (void) for empty function parameters #8002 [@​Yay295]
• Return early from BoxBlur if either width or height is zero #8347 [@​radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

11.0.0 (2024-10-15)

• Update licence to MIT-CMU #8460 [hugovk]

• Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

• Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

• Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

• Do not close provided file handles with libtiff when saving #8458 [radarhere]

• Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

• Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

• Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

• Use transparency when combining P frames from APNGs #8443 [radarhere]

• Support all resampling filters when resizing I;16* images #8422 [radarhere]

• Free memory on early return #8413 [radarhere]

• Cast int before potentially exceeding INT_MAX #8402 [radarhere]

• Check image value before use #8400 [radarhere]

• Improved copying imagequant libraries #8420 [radarhere]

• Use Capsule for WebP saving #8386 [homm, radarhere]

• Fixed writing multiple StripOffsets to TIFF #8317 [Yay295, radarhere]

... (truncated)

Commits

• 204aae6 11.0.0 version bump
• f2cc87b Update CHANGES.rst [ci skip]
• c855e8e Merge pull request #8464 from radarhere/imagemath_type_hint
• dc37515 Merge pull request #8463 from hugovk/update-3.13-date
• c3d81d6 Update Python 3.13 release date
• a60610c Added type hints
• a5c58f2 Merge pull request #8460 from hugovk/mit-cmu
• e74994e Update licence to MIT-CMU
• b5e1115 Update CHANGES.rst [ci skip]
• 686b5e2 Merge pull request #8392 from radarhere/tiff_seek
• Additional commits viewable in compare view

Updates scikit-learn from 1.4.2 to 1.5.0

Release notes

Sourced from scikit-learn's releases.

Scikit-learn 1.5.0

We're happy to announce the 1.5.0 release.

You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.5.html

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:

pip install -U scikit-learn

The conda-forge builds can be installed using:

conda install -c conda-forge scikit-learn

Commits

• b51d0c9 trigger whell builder [cd build]
• 919ae9b MAINT Reoder what's new for 1.5 (#29039)
• 0ac28ad DOC Release highlights 1.5 (#29007)
• dependabot[bot] commented 1 month ago

  This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

  To ignore these dependencies, configure ignore rules in dependabot.yml