Bump the all-minor-and-patch-dependency-updates group across 1 directory with 5 updates

[dependabot[bot]]

Bumps the all-minor-and-patch-dependency-updates group with 5 updates in the / directory:

Package	From	To
bandit	1.7.8	1.7.9
pandas	2.1.4	2.2.2
ray[default]	2.24.0	2.30.0
ruff	0.4.8	0.4.10
sphinx-book-theme	1.1.2	1.1.3

Updates bandit from 1.7.8 to 1.7.9

Release notes

Sourced from bandit's releases.

1.7.9

What's Changed

• Bump docker/build-push-action from 5.1.0 to 5.2.0 by @​dependabot in PyCQA/bandit#1117
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1119
• New logo for Bandit based on raccoon by @​ericwb in PyCQA/bandit#1121
• Start testing on Python 3.13 by @​ericwb in PyCQA/bandit#1122
• Bump docker/build-push-action from 5.2.0 to 5.3.0 by @​dependabot in PyCQA/bandit#1123
• Bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by @​dependabot in PyCQA/bandit#1124
• Bump docker/login-action from 3.0.0 to 3.1.0 by @​dependabot in PyCQA/bandit#1125
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1126
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1127
• Bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @​dependabot in PyCQA/bandit#1130
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1131
• Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @​dependabot in PyCQA/bandit#1132
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1133
• Updates banner logo so it renders well in dark mode by @​ericwb in PyCQA/bandit#1134
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1135
• Add a sponsor section to README by @​ericwb in PyCQA/bandit#1137
• Ensure sarif extra is included as part of doc build by @​ericwb in PyCQA/bandit#1139
• Bump docker/login-action from 3.1.0 to 3.2.0 by @​dependabot in PyCQA/bandit#1142
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1143
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1145
• Guard against empty call argument list by @​ericwb in PyCQA/bandit#1146
• Bump docker/build-push-action from 5.3.0 to 5.4.0 by @​dependabot in PyCQA/bandit#1144
• Support configfile in .bandit file by @​bersbersbers in PyCQA/bandit#1052

New Contributors

• @​pre-commit-ci made their first contribution in PyCQA/bandit#1119
• @​bersbersbers made their first contribution in PyCQA/bandit#1052

Full Changelog: https://github.com/PyCQA/bandit/compare/1.7.8...1.7.9

Commits

• 691f465 Support configfile in .bandit file (#1052)
• f1a397e Bump docker/build-push-action from 5.3.0 to 5.4.0 (#1144)
• 049eba0 Guard against empty call argument list (#1146)
• ad56c78 [pre-commit.ci] pre-commit autoupdate (#1145)
• 2dd4cb5 [pre-commit.ci] pre-commit autoupdate (#1143)
• 313cae7 Bump docker/login-action from 3.1.0 to 3.2.0 (#1142)
• 3fa1e25 Ensure sarif extra is included as part of doc build (#1139)
• 8b659fb Add a sponsor section to README (#1137)
• 30cada5 [pre-commit.ci] pre-commit autoupdate (#1135)
• dbb4161 Updates banner logo so it renders well in dark mode (#1134)
• Additional commits viewable in compare view

Updates pandas from 2.1.4 to 2.2.2

Release notes

Sourced from pandas's releases.

Pandas 2.2.2

We are pleased to announce the release of pandas 2.2.2. This release includes some new features, bug fixes, and performance improvements. We recommend that all users upgrade to this version.

See the full whatsnew for a list of all the changes. Pandas 2.2.2 supports Python 3.9 and higher.

The release will be available on the defaults and conda-forge channels:

conda install pandas

Or via PyPI:

python3 -m pip install --upgrade pandas

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Pandas 2.2.1

We are pleased to announce the release of pandas 2.2.1. This release includes some new features, bug fixes, and performance improvements. We recommend that all users upgrade to this version.

See the full whatsnew for a list of all the changes. Pandas 2.2.1 supports Python 3.9 and higher.

The release will be available on the defaults and conda-forge channels:

conda install pandas

Or via PyPI:

python3 -m pip install --upgrade pandas

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Pandas 2.2.0

We are pleased to announce the release of pandas 2.2.0. This release includes some new features, bug fixes, and performance improvements. We recommend that all users upgrade to this version.

See the full whatsnew for a list of all the changes. Pandas 2.2.0 supports Python 3.9 and higher.

The release will be available on the defaults and conda-forge channels:

conda install pandas

Or via PyPI:

... (truncated)

Commits

• d9cdd2e RLS: 2.2.2
• 98aeac9 Backport PR #58209: CI: Pin blosc to fix pytables (#58211)
• 5466f15 Backport PR #58202: DOC/TST: Document numpy 2.0 support and add tests… (#58208)
• 45b0b32 Backport PR #58203 on branch 2.2.x (DOC: Add release date/contributors for 2....
• c7ec566 Backport PR #58087 on branch 2.2.x (BLD: Build wheels using numpy 2.0rc1) (#5...
• 691fc88 Backport PR #58181 on branch 2.2.x (CI: correct error msg in test_view_index)...
• a947587 Backport PR #58138 on branch 2.2.x (BLD: Fix nightlies not building) (#58140)
• b56842d Backport PR #58100 on branch 2.2.x (MNT: fix compatibility with beautifulsoup...
• 0f83d50 Revert "BLD: Pin numpy on 2.2.x" (#58093)
• e9b81ee Backport PR #58126: BLD: Build wheels with numpy 2.0rc1 (#58127)
• Additional commits viewable in compare view

Updates ray[default] from 2.24.0 to 2.30.0

Release notes

Sourced from ray[default]'s releases.

Ray-2.30.0

Ray Libraries

Ray Data

💫 Enhancements:

• Improve fractional CPU/GPU formatting (#45673)
• Use sampled fragments to estimate Parquet reader batch size (#45749)
• Refactoring ParquetDatasource and metadata fetching logic (#45728, #45727, #45733, #45734, #45767)
• Refactor planner.py (#45706)

Ray Tune

💫 Enhancements:

• Change the behavior of a missing stopping criterion metric to warn instead of raising an error. This enables the use case of reporting different sets of metrics on different iterations (ex: a separate set of training and validation metrics). (#45613)

Ray Serve

💫 Enhancements:

• Create internal request id to track request objects (#45761)

RLLib

💫 Enhancements:

• Stability: DreamerV3 weekly release test (#45654); Add "official" benchmark script for Atari PPO benchmarks. (#45697)
• Enhance env-rendering callback (#45682)

🔨 Fixes:

• Bug fix in new MetricsLogger API: EMA stats w/o window would lead to infinite list mem-leak. (#45752)
• Various other bug fixes: (#45819, #45820, #45683, #45651, #45753)

📖 Documentation:

• Re-do examples overview page (new API stack): #45382
  • PyFlyt QuadX WayPoints example #44758, #45956
  • RLModule inference on new API stack (#45831, #45845)
  • How to resume a tune.Tuner.fit() experiment from checkpoint. (#45681)
  • Custom RLModule (tiny CNN): #45774
  • Connector examples docstrings (#45864)
• Old API stack examples: #43592, #45829

Ray Core

🎉 New Features:

• Alpha release of job level logging configuration: users can now config the user logging to be logfmt format with logging context attached. (#45344)

💫 Enhancements:

• Integrate amdsmi in AMDAcceleratorManager (#44572)

🔨 Fixes:

• Fix the C++ GcsClient Del not respecting del_by_prefix (#45604)
• Fix exit handling of FiberState threads (#45834)

... (truncated)

Commits

• 97c3729 [ci] deflake rllib release tests (#45901) (#46114)
• 4d5768b update ray version to 2.30.0 (#46113)
• d59d1ef [finetune] change fine-tuning examples to use cuda 12.3 (#45879)
• 6be6bbc [Data] Hard deprecate set_progress_bar (#45905)
• 6bd04fd [core] Perf: Fair dispatching of the tasks for different scheduling_class to...
• a241492 [release] use bigger machine for anyscale build (#45883)
• fc79733 [Core] Remove dead gcs_failover_worker_reconnect_timeout config (#45898)
• 7fc11df [ci] avoid deadlocking bazel query and bazel run (#45892)
• c84bf37 [RLlib] Cleanup examples folder #13. Fix main examples docs page for RLlib. (...
• a1ccd21 [Data] Make ExecutionPlan.execute return RefBundle instead of BlockList...
• Additional commits viewable in compare view

Updates ruff from 0.4.8 to 0.4.10

Release notes

Sourced from ruff's releases.

v0.4.10

Changes

Parser

• Implement re-lexing logic for better error recovery (#11845)

Rule changes

• [flake8-copyright] Update CPY001 to check the first 4096 bytes instead of 1024 (#11927)
• [pycodestyle] Update E999 to show all syntax errors instead of just the first one (#11900)

Server

• Add tracing setup guide to Helix documentation (#11883)
• Add tracing setup guide to Neovim documentation (#11884)
• Defer notebook cell deletion to avoid an error message (#11864)

Security

• Guard against malicious ecosystem comment artifacts (#11879)

Contributors

• @​AlexWaygood
• @​MichaReiser
• @​adrinjalali
• @​dhruvmanila
• @​github-actions
• @​psychedelicious
• @​renovate
• @​snowsignal
• @​zanieb

v0.4.9

Changes

Preview features

• [pylint] Implement consider-dict-items (C0206) (#11688)
• [refurb] Implement repeated-global (FURB154) (#11187)

Rule changes

• [pycodestyle] Adapt fix for E203 to work identical to ruff format (#10999)

Formatter

• Fix formatter instability for lines only consisting of zero-width characters (#11748)

Server

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.10

Parser

• Implement re-lexing logic for better error recovery (#11845)

Rule changes

• [flake8-copyright] Update CPY001 to check the first 4096 bytes instead of 1024 (#11927)
• [pycodestyle] Update E999 to show all syntax errors instead of just the first one (#11900)

Server

• Add tracing setup guide to Helix documentation (#11883)
• Add tracing setup guide to Neovim documentation (#11884)
• Defer notebook cell deletion to avoid an error message (#11864)

Security

• Guard against malicious ecosystem comment artifacts (#11879)

0.4.9

Preview features

• [pylint] Implement consider-dict-items (C0206) (#11688)
• [refurb] Implement repeated-global (FURB154) (#11187)

Rule changes

• [pycodestyle] Adapt fix for E203 to work identical to ruff format (#10999)

Formatter

• Fix formatter instability for lines only consisting of zero-width characters (#11748)

Server

• Add supported commands in server capabilities (#11850)
• Use real file path when available in ruff server (#11800)
• Improve error message when a command is run on an unavailable document (#11823)
• Introduce the ruff.printDebugInformation command (#11831)
• Tracing system now respects log level and trace level, with options to log to a file (#11747)

CLI

• Handle non-printable characters in diff view (#11687)

Bug fixes

... (truncated)

Commits

• b54922f Bump version to v0.4.10 (#11953)
• 3f884b4 Avoid running logical line rule logic if not enabled (#11951)
• b456051 [red-knot] Add tracing to Salsa queries (#11949)
• 2dfbf11 [red-knot] Extract red_knot_python_semantic crate (#11926)
• ed948ea Avoid moving back the lexer for triple-quoted fstring (#11939)
• 22733cb red-knot(Salsa): Types without refinements (#11899)
• a26bd01 Avoid depth counting when detecting indentation (#11947)
• b617d90 Update E999 to show all syntax errors (#11900)
• cdc7c71 Avoid consuming trailing whitespace during re-lexing (#11933)
• ff3bf58 ruff server: Add tracing setup guide to Neovim documentation (#11884)
• Additional commits viewable in compare view

Updates sphinx-book-theme from 1.1.2 to 1.1.3

Release notes

Sourced from sphinx-book-theme's releases.

v1.1.3

(full changelog)

Enhancements made

• ENH: bump version for release :rocket: #843 (@​agoose77)
• ENH: bump version #818 (@​agoose77)

Bugs fixed

• FIX: breaking style changes in pydata-sphinx-theme #841 (@​agoose77)
• FIX: fixes to the dropdown buttons #831 (@​afeld)
• FIX: .bd-sizebar-secondary and .secondary-toggle breakpoint #809 (@​sinsong)

Maintenance and upkeep improvements

• MAINT: update pydata-sphinx-theme min version #842 (@​agoose77)
• MAINT: update the SCSS development stack #837 (@​agoose77)
• MAINT: use findall instead of traverse #820 (@​agoose77)

Documentation improvements

• DOCS: update list of default sidebars in docs #819 (@​aawadaptix)

Other merged PRs

• Build(deps): Bump pypa/gh-action-pypi-publish from 1.8.11 to 1.8.14 #830 (@​dependabot)
• Build(deps): Bump pre-commit/action from 3.0.0 to 3.0.1 #823 (@​dependabot)

Contributors to this release

(GitHub contributors page for this release)

@​aawadaptix | @​afeld | @​agoose77 | @​choldgraf | @​dependabot | @​LecrisUT | @​sinsong | @​welcome

Changelog

Sourced from sphinx-book-theme's changelog.

Changelog

Commits

• b0f7a35 Merge pull request #843 from executablebooks/agoose77/enh-bump-version
• 21ead22 enh: bump version
• c9ac6b1 Merge pull request #842 from executablebooks/agoose77/maint-bump-pydata-version
• bd60e86 Merge pull request #809 from sinsong/master
• 6e93460 maint: update pydata-sphinx-theme min version
• 9939b7a Update src/sphinx_book_theme/assets/styles/sections/_header-article.scss
• 36de725 Merge branch 'master' into master
• 3b6fd68 Merge pull request #841 from executablebooks/agoose77/fix-pydata-sphinx-theme...
• 2e53d46 docs: fix false-positive for nested admonitions
• 0a84a3f ci: fix pattern
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.