Bump the dependencies group across 1 directory with 5 updates

[dependabot[bot]]

Bumps the dependencies group with 5 updates in the / directory:

Package	From	To
filelock	3.15.1	3.15.4
ruff	0.4.9	0.5.0
types-requests	2.32.0.20240602	2.32.0.20240622
mypy	1.10.0	1.10.1
transformers	4.41.2	4.42.3

Updates filelock from 3.15.1 to 3.15.4

Release notes

Sourced from filelock's releases.

3.15.4

What's Changed

• Pass file_lock as positional argument by @​kwist-sgr in tox-dev/filelock#347

Full Changelog: https://github.com/tox-dev/filelock/compare/3.15.3...3.15.4

3.15.3

What's Changed

• Add test for virtualenv stability by @​gaborbernat in tox-dev/filelock#344
• Fix TypeError: _CountedFileLock.__init__() got an unexpected keyword argument 'timeout' by @​kwist-sgr in tox-dev/filelock#345

Full Changelog: https://github.com/tox-dev/filelock/compare/3.15.2...3.15.3

3.15.2

What's Changed

• Use a metaclass to implement the singleton pattern by @​kwist-sgr in tox-dev/filelock#340

New Contributors

• @​kwist-sgr made their first contribution in tox-dev/filelock#340

Full Changelog: https://github.com/tox-dev/filelock/compare/3.15.1...3.15.2

Commits

• 9a979df Pass file_lock as positional argument (#347)
• 3a79343 Fix `TypeError: _CountedFileLock.init() got an unexpected keyword argumen...
• 81d4cf9 Add test for virtualenv stability (#344)
• 192f1ef Use a metaclass to implement the singleton pattern (#340)
• 48788c5 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#341)
• 7bd3b7b [pre-commit.ci] pre-commit autoupdate (#342)
• See full diff in compare view

Updates ruff from 0.4.9 to 0.5.0

Release notes

Sourced from ruff's releases.

0.5.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
• Selecting ALL now excludes deprecated rules
• The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
• The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
• The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

• syntax-error (E999): Syntax errors are now always shown

Remapped rules

The following rules have been remapped to new rule codes:

• blocking-http-call-in-async-function: ASYNC100 to ASYNC210
• open-sleep-or-subprocess-in-async-function: ASYNC101 split into ASYNC220, ASYNC221, ASYNC230, and ASYNC251
• blocking-os-call-in-async-function: ASYNC102 has been merged into ASYNC220 and ASYNC221
• trio-timeout-without-await: TRIO100 to ASYNC100
• trio-sync-call: TRIO105 to ASYNC105
• trio-async-function-with-timeout: TRIO109 to ASYNC109
• trio-unneeded-sleep: TRIO110 to ASYNC110
• trio-zero-sleep-call: TRIO115 to ASYNC115
• repeated-isinstance-calls: PLR1701 to SIM101

Stabilization

The following rules have been stabilized and are no longer in preview:

• mutable-fromkeys-value (RUF024)
• default-factory-kwarg (RUF026)
• django-extra (S610)
• manual-dict-comprehension (PERF403)
• print-empty-string (FURB105)
• readlines-in-for (FURB129)
• if-expr-min-max (FURB136)
• bit-count (FURB161)
• redundant-log-base (FURB163)
• regex-flag-alias (FURB167)
• isinstance-type-none (FURB168)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.5.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
• Selecting ALL now excludes deprecated rules
• The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
• The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
• The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

• syntax-error (E999): Syntax errors are now always shown

Remapped rules

The following rules have been remapped to new rule codes:

• blocking-http-call-in-async-function: ASYNC100 to ASYNC210
• open-sleep-or-subprocess-in-async-function: ASYNC101 split into ASYNC220, ASYNC221, ASYNC230, and ASYNC251
• blocking-os-call-in-async-function: ASYNC102 has been merged into ASYNC220 and ASYNC221
• trio-timeout-without-await: TRIO100 to ASYNC100
• trio-sync-call: TRIO105 to ASYNC105
• trio-async-function-with-timeout: TRIO109 to ASYNC109
• trio-unneeded-sleep: TRIO110 to ASYNC110
• trio-zero-sleep-call: TRIO115 to ASYNC115
• repeated-isinstance-calls: PLR1701 to SIM101

Stabilization

The following rules have been stabilized and are no longer in preview:

• mutable-fromkeys-value (RUF024)
• default-factory-kwarg (RUF026)
• django-extra (S610)
• manual-dict-comprehension (PERF403)
• print-empty-string (FURB105)
• readlines-in-for (FURB129)
• if-expr-min-max (FURB136)
• bit-count (FURB161)
• redundant-log-base (FURB163)
• regex-flag-alias (FURB167)
• isinstance-type-none (FURB168)
• type-none-comparison (FURB169)

... (truncated)

Commits

• 244b923 Add necessary permissions for cargo-dist Docker build (#12072)
• a8b48fc Release v0.5.0 (#12068)
• 04c8597 [flake8-simplify] Stabilize detection of Yoda conditions for "constant" col...
• 4029a25 [Ruff v0.5] Stabilise 15 pylint rules (#12051)
• 0917ce1 Update documentation to mention etcetera crate instead of dirs for user c...
• 22cebdf Add server config to filter out syntax error diagnostics (#12059)
• 72b6c26 Simplify LinterResult, avoid cloning ParseError (#11903)
• 73851e7 Avoid displaying syntax error as log message (#11902)
• e7b4969 Remove E999 as a rule, disallow any disablement methods for syntax error (#...
• c98d8a0 [pyflakes] Stabilize detection of is comparisons to lists, etc. (F632) (#...
• Additional commits viewable in compare view

Updates types-requests from 2.32.0.20240602 to 2.32.0.20240622

Commits

• See full diff in compare view

Updates mypy from 1.10.0 to 1.10.1

Changelog

Sourced from mypy's changelog.

Mypy 1.10.1

• Fix error reporting on cached run after uninstallation of third party library (Shantanu, PR 17420)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

• Alex Waygood
• Ali Hamdan
• Edward Paget
• Evgeniy Slobodkin
• Hashem
• hesam
• Hugo van Kemenade
• Ihor
• James Braza
• Jelle Zijlstra
• jhance
• Jukka Lehtosalo
• Loïc Simon
• Marc Mueller
• Matthieu Devlin
• Michael R. Crusoe
• Nikita Sobolev
• Oskari Lehto
• Riccardo Di Maio
• Richard Si
• roberfi
• Roman Solomatin
• Sam Xifaras
• Shantanu
• Spencer Brown
• Srinivas Lade
• Tamir Duberstein
• youkaichao

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.9

We’ve just uploaded mypy 1.9 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Breaking Changes

Because the version of typeshed we use in mypy 1.9 doesn't support 3.7, neither does mypy 1.9. (Jared Hance, PR 16883)

... (truncated)

Commits

• c28b525 [1.10 backport] Fix error reporting on cached run after uninstallation of thi...
• See full diff in compare view

Updates transformers from 4.41.2 to 4.42.3

Release notes

Sourced from transformers's releases.

Patch release v4.42.3

Make sure we have attention softcapping for "eager" GEMMA2 model

After experimenting, we noticed that for the 27b model mostly, softcapping is a must. So adding it back (it should have been there, but an error on my side made it disappear) sorry all! 😭

• Gemma capping is a must for big models (#31698)

Patch release v4.42.2

Patch release

Thanks to our 2 contributors for their prompt fixing mostly applies for training and FA2!

• Fix Gemma2 4d attention mask (#31674) by @​hiyouga
• don't zero out the attention_mask when using sliding window with flash attention (#31670) by @​winglian

v4.42.1: Patch release

Patch release for commit:

• [HybridCache] Fix get_seq_length method (#31661)

v4.42.0: Gemma 2, RTDETR, InstructBLIP, LLAVa Next, New Model Adder

New model additions

Gemma-2

The Gemma2 model was proposed in Gemma2: Open Models Based on Gemini Technology and Research by Gemma2 Team, Google. Gemma2 models are trained on 6T tokens, and released with 2 versions, 2b and 7b.

The abstract from the paper is the following:

This work introduces Gemma2, a new family of open language models demonstrating strong performance across academic benchmarks for language understanding, reasoning, and safety. We release two sizes of models (2 billion and 7 billion parameters), and provide both pretrained and fine-tuned checkpoints. Gemma2 outperforms similarly sized open models on 11 out of 18 text-based tasks, and we present comprehensive evaluations of safety and responsibility aspects of the models, alongside a detailed description of our model development. We believe the responsible release of LLMs is critical for improving the safety of frontier models, and for enabling the next wave of LLM innovations

• Add gemma 2 by @​ArthurZucker in #31659

RTDETR

The RT-DETR model was proposed in DETRs Beat YOLOs on Real-time Object Detection by Wenyu Lv, Yian Zhao, Shangliang Xu, Jinman Wei, Guanzhong Wang, Cheng Cui, Yuning Du, Qingqing Dang, Yi Liu.

RT-DETR is an object detection model that stands for “Real-Time DEtection Transformer.” This model is designed to perform object detection tasks with a focus on achieving real-time performance while maintaining high accuracy. Leveraging the transformer architecture, which has gained significant popularity in various fields of deep learning, RT-DETR processes images to identify and locate multiple objects within them.

• New model support RTDETR by @​SangbumChoi in #29077

InstructBlip

The InstructBLIP model was proposed in InstructBLIP: Towards General-purpose Vision-Language Models with Instruction Tuning by Wenliang Dai, Junnan Li, Dongxu Li, Anthony Meng Huat Tiong, Junqi Zhao, Weisheng Wang, Boyang Li, Pascale Fung, Steven Hoi. InstructBLIP leverages the BLIP-2 architecture for visual instruction tuning.

... (truncated)

Commits

• b7ee1e8 v4.42.3
• da50b41 Gemma capping is a must for big models (#31698)
• 086c74e v4.42.2
• 8691867 Fix Gemma2 4d attention mask (#31674)
• 7edc993 don't zero out the attention_mask when using sliding window with flash attent...
• e3cb841 v4.42.1
• b2455e5 [HybridCache] Fix get_seq_length method (#31661)
• 6c1d0b0 Release: v4.42.0
• 69b0f44 Add gemma 2 (#31659)
• be50a03 change anchor_image_size None for compatibility (#31640)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.