Bumps the pip group with 4 updates in the /inputs/image/Wav2Lip directory: torch, numpy, opencv-python and tqdm.
Bumps the pip group with 5 updates in the /inputs/image/roop directory:
Fixed WebSocket ping tasks being prematurely garbage collected -- by :user:bdraco.
There was a small risk that WebSocket ping tasks would be prematurely garbage collected because the event loop only holds a weak reference to the task. The garbage collection risk has been fixed by holding a strong reference to the task. Additionally, the task is now scheduled eagerly with Python 3.12+ to increase the chance it can be completed immediately and avoid having to hold any references to the task.
Fixed server checks for circular symbolic links to be compatible with Python 3.13 -- by :user:steverep.
Related issues and pull requests on GitHub:
:issue:8565.
Fixed request body not being read when ignoring an Upgrade request -- by :user:Dreamsorcerer.
Related issues and pull requests on GitHub:
:issue:8597.
Fixed an edge case where shutdown would wait for timeout when the handler was already completed -- by :user:Dreamsorcerer.
Related issues and pull requests on GitHub:
:issue:8611.
Fixed connecting to npipe://, tcp://, and unix:// urls -- by :user:bdraco.
Related issues and pull requests on GitHub:
:issue:8632.
Fixed WebSocket ping tasks being prematurely garbage collected -- by :user:bdraco.
There was a small risk that WebSocket ping tasks would be prematurely garbage collected because the event loop only holds a weak reference to the task. The garbage collection risk has been fixed by holding a strong reference to the task. Additionally, the task is now scheduled eagerly with Python 3.12+ to increase the chance it can be completed immediately and avoid having to hold any references to the task.
Related issues and pull requests on GitHub:
:issue:8641.
Fixed incorrectly following symlinks for compressed file variants -- by :user:steverep.
This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.
The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj
The xmlattr filter does not allow keys with / solidus, >
greater-than sign, or = equals sign, in addition to disallowing spaces.
Regardless of any validation done by Jinja, user input should never be used
as keys to this filter, or must be separately validated first.
:ghsa:h75v-3vvj-5mfj
Replace pickled models (punkt, chunker, taggers) by new pickle-free "_tab" packages
No longer sort Wordnet synsets and relations (sort in calling function when required)
Only strip the last suffix in Wordnet Morphy, thus restricting synsets() results
Add Python 3.12 support
Many other minor fixes
Thanks to the following contributors to 3.8.2:
Tom Aarsen, Cat Lee Ball, Veralara Bernhard, Carlos Brandt, Konstantin Chernyshev, Michael Higgins,
Eric Kafe, Vivek Kalyan, David Lukes, Rob Malouf, purificant, Alex Rudnick, Liling Tan, Akihiro Yamazaki.
Version 3.8.1 2023-01-02
Resolve RCE vulnerability in localhost WordNet Browser (#3100)
This is a walkthrough of the NumPy 2.1.0 release on Linux, modified for
building with GitHub Actions and cibuildwheels and uploading to the
anaconda.org staging repository for NumPy <https://anaconda.org/multibuild-wheels-staging/numpy>_.
The commands can be copied into the command line, but be sure to replace 2.1.0
by the correct version. This should be read together with the
:ref:general release guide <prepare_release>.
Facility preparation
Before beginning to make a release, use the requirements/*_requirements.txt files to
ensure that you have the needed software. Most software can be installed with
pip, but some will require apt-get, dnf, or whatever your system uses for
software. You will also need a GitHub personal access token (PAT) to push the
documentation. There are a few ways to streamline things:
Git can be set up to use a keyring to store your GitHub personal access token.
Search online for the details.
You can use the keyring app to store the PyPI password for twine. See the
online twine documentation for details.
Prior to release
Add/drop Python versions
When adding or dropping Python versions, three files need to be edited:
.github/workflows/wheels.yml # for github cibuildwheel
.travis.yml # for cibuildwheel aarch64 builds
setup.py # for classifier and minimum version check.
Make these changes in an ordinary PR against main and backport if necessary.
Using the BLD: prefix (build label) for the commit summary will cause the
wheel builds to be run so that the changes will be tested, We currently release
wheels for new Python versions after the first Python rc once manylinux and
cibuildwheel support it. For Python 3.11 we were able to release within a week
of the rc1 announcement.
Backport pull requests
Changes that have been marked for this release must be backported to the
maintenance/2.1.x branch.
Update 2.1.0 milestones
... (truncated)
Commits
f5afe3d Merge pull request #27507 from charris/prepare-2.1.2
6b9ef48 REL: Prepare for the NumPy 2.1.2 release [wheel build]
6d85a24 MAINT: Pin setuptools for Python < 3.12 [wheel build]
7f327d8 Merge pull request #27506 from charris/backport-27503
09e9cd9 BUG: avoid segfault on bad arguments in ndarray.array_function
06b4793 Merge pull request #27501 from charris/backport-27495
364efb5 MAINT: Bump pypa/cibuildwheel from 2.21.1 to 2.21.2
df0e261 Merge pull request #27484 from ngoldbaum/use-weak-default
fa61bc6 Merge pull request #27481 from charris/backport-27472
d6d06ae Merge pull request #27480 from charris/backport-27475
ONNX v1.17.0 is now available with exciting new features! We would like to thank everyone who contributed to this release!
Please visit onnx.ai to learn more about ONNX and associated projects.
Bumps the pip group with 14 updates in the /RequirementsFiles directory:
2.5.0
2.5.0+cu124
3.9.5
3.10.2
2024.2.2
2024.7.4
3.7
3.10
3.1.3
3.1.4
3.8.1
3.9
1.26.4
2.1.2
1.16.1
1.17.0
4.10.0.82
4.10.0.84
10.3.0
11.0.0
1.4.2
1.5.0
2.2.1
2.2.2
3.18.1
3.19.1
2.14.0
2.17.0
Bumps the pip group with 12 updates in the /ThirdPartyRepository/Hotshot-XL directory:
2.0.1
2.2.0
2023.7.22
2024.7.4
3.4
3.7
3.1.2
3.1.4
1.26.0
2.1.2
10.0.1
10.3.0
2.31.0
2.32.2
4.66.1
4.66.3
4.34.0
4.38.0
2.0.6
2.2.2
3.17.0
3.19.1
1.31.0
2.8.0
Bumps the pip group with 6 updates in the /ThirdPartyRepository/LivePortrait directory:
2.3.0
2.5.0+cpu
4.37.1
5.0.0
1.26.4
2.1.2
1.16.1
1.17.0
4.66.4
4.66.5
4.22.0
4.38.0
Bumps the pip group with 4 updates in the /inputs/image/Wav2Lip directory: torch, numpy, opencv-python and tqdm. Bumps the pip group with 5 updates in the /inputs/image/roop directory:
1.24.3
2.1.2
1.14.0
1.17.0
4.8.0.74
4.8.1.78
10.0.0
10.3.0
4.65.0
4.66.3
Updates
torch
from 2.5.0 to 2.5.0+cu124Updates
aiohttp
from 3.9.5 to 3.10.2Release notes
Sourced from aiohttp's releases.
... (truncated)
Changelog
Sourced from aiohttp's changelog.
... (truncated)
Commits
491106e
Release 3.10.2 (#8655)ce2e975
[PR #8652/b0536ae6 backport][3.10] Do not follow symlinks for compressed file...6a77806
[PR #8636/51d872e backport][3.10] Remove Request.wait_for_disconnection() met...1f92213
[PR #8642/e4942771 backport][3.10] Fix response to circular symlinks with Pyt...2ef14a6
[PR #8641/0a88bab backport][3.10] Fix WebSocket ping tasks being prematurely ...68e8496
[PR #8608/c4acabc backport][3.10] Fix timer handle churn in websocket heartbe...72f41aa
[PR #8632/b2691f2 backport][3.10] Fix connecting to npipe://, tcp://, and uni...bf83dbe
[PR #8634/c7293e19 backport][3.10] Backport #8620 as improvements to various ...4815765
[PR #8597/c99a1e27 backport][3.10] Fix reading of body when ignoring an upgra...266608d
[PR #8611/1fcef940 backport][3.10] Fix handler waiting on shutdown (#8627)Updates
certifi
from 2024.2.2 to 2024.7.4Commits
bd81538
2024.07.04 (#295)06a2cbf
Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)13bba02
Bump actions/checkout from 4.1.6 to 4.1.7 (#293)e8abcd0
Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)124f4ad
2024.06.02 (#291)c2196ce
--- (#290)fefdeec
Bump actions/checkout from 4.1.4 to 4.1.5 (#289)3c5fb15
Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)4a9569a
Bump actions/checkout from 4.1.2 to 4.1.4 (#287)1fc8086
Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)Updates
idna
from 3.7 to 3.10Release notes
Sourced from idna's releases.
Changelog
Sourced from idna's changelog.
Commits
729225d
Release v3.103eef168
Merge pull request #194 from kjd/revert-unicode-16ceca619
Revert Unicode 16.0.0 data updatesc43ac75
Merge pull request #191 from kjd/release-3.91b8800a
Release v3.9a1fd168
Merge pull request #190 from kjd/unicode-167732c61
Merge branch 'master' into unicode-164ed183d
Refactor membership test762216b
Format with ruff580ece9
Implement changes to UTS46 algorithmUpdates
jinja2
from 3.1.3 to 3.1.4Release notes
Sourced from jinja2's releases.
Changelog
Sourced from jinja2's changelog.
Commits
dd4a8b5
release version 3.1.40668239
Merge pull request from GHSA-h75v-3vvj-5mfjd655030
disallow invalid characters in keys to xmlattr filtera7863ba
add ghsa linksb5c98e7
start version 3.1.4da3a9f0
update project files (#1968)0ee5eb4
satisfy formatter, linter, and strict mypy20477c6
update project files (#5457)e491223
update pyyaml dev dependency36f9885
fix pr linkUpdates
nltk
from 3.8.1 to 3.9Changelog
Sourced from nltk's changelog.
... (truncated)
Commits
24936a2
Bump version to 3.9c222897
Merge branch 'develop' of https://github.com/nltk/nltk into develop34c3a4a
Merge branch 'develop' of https://github.com/nltk/nltk into develop253dd3a
add blackc43727f
Update version7137405
Merge pull request #3066 from asishm/bugfix-lambda-closure-leak369cb9f
Merge pull request #3245 from ekaf/hotfix-closuredup501c70e
Merge branch 'develop' into hotfix-closuredupbf05dc4
Merge pull request #3306 from ekaf/py3_compat66539c7
Sorted output in unit/test_wordnet.pyUpdates
numpy
from 1.26.4 to 2.1.2Release notes
Sourced from numpy's releases.
... (truncated)
Changelog
Sourced from numpy's changelog.
... (truncated)
Commits
f5afe3d
Merge pull request #27507 from charris/prepare-2.1.26b9ef48
REL: Prepare for the NumPy 2.1.2 release [wheel build]6d85a24
MAINT: Pin setuptools for Python < 3.12 [wheel build]7f327d8
Merge pull request #27506 from charris/backport-2750309e9cd9
BUG: avoid segfault on bad arguments in ndarray.array_function06b4793
Merge pull request #27501 from charris/backport-27495364efb5
MAINT: Bump pypa/cibuildwheel from 2.21.1 to 2.21.2df0e261
Merge pull request #27484 from ngoldbaum/use-weak-defaultfa61bc6
Merge pull request #27481 from charris/backport-27472d6d06ae
Merge pull request #27480 from charris/backport-27475Updates
onnx
from 1.16.1 to 1.17.0Release notes
Sourced from onnx's releases.
... (truncated)
Commits
b8baa84
Set version 1.17.0 for official release (#6405)6d77b80
[Cherry-Pick] Fix main url checks (#6312) (#6327)174938d
[Cherry-Pick] Fix protobuf pkg 5.28.0 failing on Windows (#6342) (#6347)f18d593
[Cherry-Pick] Remove unused variables (#6303) (#6324)c588905
Set version in rel-1.17.0 to 1.17.0rc1 (#6317)4392c2c
Prepare for rel-1.17.0 (#6281)cb54169
Update ort filter to 1.20.0 to skip tests known to fail with ort 1.19.0 (#6306)99e1fd3
Bump reviewdog/action-misspell from 1.21.0 to 1.23.0 (#6268)1920565
Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#6273)2e8f228
Bump mypy from 1.10.1 to 1.11.1 (#6275)Updates
opencv-python
from 4.10.0.82 to 4.10.0.84Release notes
Sourced from opencv-python's releases.
Commits
Updates
pillow
from 10.3.0 to 11.0.0Release notes
Sourced from pillow's releases.
... (truncated)
Changelog
Sourced from pillow's changelog.
... (truncated)
Commits
204aae6
11.0.0 version bumpf2cc87b
Update CHANGES.rst [ci skip]c855e8e
Merge pull request #8464 from radarhere/imagemath_type_hintdc37515
Merge pull request #8463 from hugovk/update-3.13-datec3d81d6
Update Python 3.13 release datea60610c
Added type hintsa5c58f2
Merge pull request #8460 from hugovk/mit-cmue74994e
Update licence to MIT-CMUb5e1115
Update CHANGES.rst [ci skip]686b5e2
Merge pull request #8392 from radarhere/tiff_seekUpdates
scikit-learn
from 1.4.2 to 1.5.0Release notes
Sourced from scikit-learn's releases.
Commits
b51d0c9
trigger whell builder [cd build]919ae9b
MAINT Reoder what's new for 1.5 (#29039)0ac28ad
DOC Release highlights 1.5 (#29007)This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.
To ignore these dependencies, configure ignore rules in dependabot.yml