-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the pip group across 1 directory with 7 updates #3
Conversation
Bumps the pip group with 3 updates in the / directory: [requests](https://github.com/psf/requests), [tqdm](https://github.com/tqdm/tqdm) and [pyarrow](https://github.com/apache/arrow). Updates `requests` from 2.25.1 to 2.31.0 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.25.1...v2.31.0) Updates `tqdm` from 4.54.1 to 4.66.3 - [Release notes](https://github.com/tqdm/tqdm/releases) - [Commits](tqdm/tqdm@v4.54.1...v4.66.3) Updates `pyarrow` from 2.0.0 to 14.0.1 - [Commits](apache/arrow@apache-arrow-2.0.0...go/v14.0.1) Updates `certifi` from 2020.12.5 to 2024.2.2 - [Commits](certifi/python-certifi@2020.12.05...2024.02.02) Updates `idna` from 2.10 to 3.7 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](kjd/idna@v2.10...v3.7) Updates `numpy` from 1.19.4 to 1.24.4 - [Release notes](https://github.com/numpy/numpy/releases) - [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst) - [Commits](numpy/numpy@v1.19.4...v1.24.4) Updates `urllib3` from 1.26.2 to 2.2.1 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.2...2.2.1) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production dependency-group: pip - dependency-name: tqdm dependency-type: direct:production dependency-group: pip - dependency-name: pyarrow dependency-type: direct:production dependency-group: pip - dependency-name: certifi dependency-type: indirect dependency-group: pip - dependency-name: idna dependency-type: indirect dependency-group: pip - dependency-name: numpy dependency-type: indirect dependency-group: pip - dependency-name: urllib3 dependency-type: indirect dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>
Important Auto Review SkippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
Superseded by #4. |
Bumps the pip group with 3 updates in the / directory: requests, tqdm and pyarrow.
Updates
requests
from 2.25.1 to 2.31.0Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
147c851
v2.31.074ea7cf
Merge pull request from GHSA-j8r2-6x86-q33q3022253
test on pypy 3.8 and pypy 3.9 on windows and macos (#6424)b639e66
test on py3.12 (#6448)d3d5044
Fixed a small typo (#6452)2ad18e0
v2.30.0f2629e9
Remove strict parameter (#6434)87d63de
v2.29.051716c4
enable the warnings plugin (#6416)a7da1ab
try on ubuntu 22.04 (#6418)Updates
tqdm
from 4.54.1 to 4.66.3Release notes
Sourced from tqdm's releases.
... (truncated)
Commits
4e613f8
Merge pull request from GHSA-g7vv-2v7x-gj9pb53348c
cli: eval safetycc372d0
bump version, merge pull request #1549 from tqdm/devele9f0c05
use PyPI trusted publishing7323d5b
slight makefile clean5306125
tests: bump pre-commit4a6fd4f
fix datetime.utcfromtimestamp py3.12 warning (#1519)6f13759
tests: fix macos notebook indentation3abcd2a
tests: fix asva4d15c8
tests: fix pandas warningsUpdates
pyarrow
from 2.0.0 to 14.0.1Commits
ba53748
MINOR: [Release] Update versions for 14.0.1529f376
MINOR: [Release] Update .deb/.rpm changelogs for 14.0.1b84bbca
MINOR: [Release] Update CHANGELOG.md for 14.0.1f141709
GH-38607: [Python] Disable PyExtensionType autoload (#38608)5a37e74
GH-38431: [Python][CI] Update fs.type_name checks for s3fs tests (#38455)2dcee3f
MINOR: [Release] Update versions for 14.0.0297428c
MINOR: [Release] Update .deb/.rpm changelogs for 14.0.03e9734f
MINOR: [Release] Update CHANGELOG.md for 14.0.09f90995
GH-38332: [CI][Release] Resolve symlinks in RAT lint (#38337)bd61239
GH-35531: [Python] C Data Interface PyCapsule Protocol (#37797)Updates
certifi
from 2020.12.5 to 2024.2.2Commits
45eb611
2024.02.02 (#266)83f4f04
fix leaking certificate issue (#265)bbf2208
Bump actions/upload-artifact from 4.2.0 to 4.3.0 (#264)9e837a5
Bump actions/upload-artifact from 4.1.0 to 4.2.0 (#262)05d071b
Bump actions/upload-artifact from 4.0.0 to 4.1.0 (#261)2a3088a
Bump actions/download-artifact from 4.1.0 to 4.1.1 (#260)d4ca66e
Bump actions/upload-artifact from 3.1.3 to 4.0.0 (#258)5d15663
Bump actions/download-artifact from 3.0.2 to 4.1.0 (#257)d66ef9d
Bump actions/setup-python from 4.7.1 to 5.0.0 (#256)8f0d412
Bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11 (#255)Updates
idna
from 2.10 to 3.7Release notes
Sourced from idna's releases.
Changelog
Sourced from idna's changelog.
... (truncated)
Commits
1d365e1
Release v3.7c1b3154
Merge pull request #172 from kjd/optimize-contextj0394ec7
Merge branch 'master' into optimize-contextjcd58a23
Merge pull request #152 from elliotwutingfeng/dev5beb28b
More efficient resolution of joiner contexts1b12148
Update ossf/scorecard-action to v2.3.1d516b87
Update Github actions/checkout to v4c095c75
Merge branch 'master' into dev60a0a4c
Fix typo in GitHub Actions workflow key5918a0e
Merge branch 'master' into devUpdates
numpy
from 1.19.4 to 1.24.4Release notes
Sourced from numpy's releases.
... (truncated)
Commits
9315a90
Merge pull request #24044 from charris/fix-simple-anaconda-client334c25e
BLD: Use urllib < 2.0.0 for anaconda-client.008b17f
Merge pull request #24040 from charris/prepare-1.24.4-release7162cd6
REL: Prepare for the NumPy 1.24.4 release2d27747
Merge pull request #23994 from charris/update-rtools-install878122c
MAINT: Update rtools installationa5f33ab
Merge pull request #23890 from charris/backport-23887d62280d
DOC: Document themetadata
parameter of thedtype
constructor6da40bb
TYP: Add annotations for thenp.dtype
metadata parameter553bb3f
Merge pull request #23761 from charris/backport-23680Updates
urllib3
from 1.26.2 to 2.2.1Release notes
Sourced from urllib3's releases.
... (truncated)
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
54d6edf
Release 2.2.149b2dda
Stop casting request headers to HTTPHeaderDict (#3344)e22f651
Fix docstring of retries parameterfa54179
Distinguish between truncated and excess content in response (#3273)cfe52f9
Fix InsecureRequestWarning for HTTPS Emscripten requests (#3333)25155d7
Ensure no remote connections during testing (#3328)12f9233
Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (#3340)9929d3c
Add nox session to start local Pyodide consoleaa8d3dd
Fix ssl_version tests for upcoming migration to pytest 823f2287
Remove TODO about informational responses (#3319)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.