chore(deps): bump the python-minor-patch group across 1 directory with 7 updates#15
chore(deps): bump the python-minor-patch group across 1 directory with 7 updates#15dependabot[bot] wants to merge 1 commit into
Conversation
…h 7 updates Bumps the python-minor-patch group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [pytest](https://github.com/pytest-dev/pytest) | `9.1.0` | `9.1.1` | | [ruff](https://github.com/astral-sh/ruff) | `0.15.17` | `0.15.20` | | [pandas](https://github.com/pandas-dev/pandas) | `3.0.3` | `3.0.4` | | [torch](https://github.com/pytorch/pytorch) | `2.12.0` | `2.12.1` | | [ccxt](https://github.com/ccxt/ccxt) | `4.5.58` | `4.5.62` | | [yfinance](https://github.com/ranaroussi/yfinance) | `1.4.1` | `1.5.1` | | [redis](https://github.com/redis/redis-py) | `8.0.0` | `8.0.1` | Updates `pytest` from 9.1.0 to 9.1.1 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@9.1.0...9.1.1) Updates `ruff` from 0.15.17 to 0.15.20 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.15.17...0.15.20) Updates `pandas` from 3.0.3 to 3.0.4 - [Release notes](https://github.com/pandas-dev/pandas/releases) - [Commits](pandas-dev/pandas@v3.0.3...v3.0.4) Updates `torch` from 2.12.0 to 2.12.1 - [Release notes](https://github.com/pytorch/pytorch/releases) - [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md) - [Commits](pytorch/pytorch@v2.12.0...v2.12.1) Updates `ccxt` from 4.5.58 to 4.5.62 - [Release notes](https://github.com/ccxt/ccxt/releases) - [Commits](ccxt/ccxt@v4.5.58...v4.5.62) Updates `yfinance` from 1.4.1 to 1.5.1 - [Release notes](https://github.com/ranaroussi/yfinance/releases) - [Changelog](https://github.com/ranaroussi/yfinance/blob/main/CHANGELOG.md) - [Commits](ranaroussi/yfinance@1.4.1...1.5.1) Updates `redis` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v8.0.0...v8.0.1) --- updated-dependencies: - dependency-name: pytest dependency-version: 9.1.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: python-minor-patch - dependency-name: ruff dependency-version: 0.15.20 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: python-minor-patch - dependency-name: pandas dependency-version: 3.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor-patch - dependency-name: torch dependency-version: 2.12.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: python-minor-patch - dependency-name: ccxt dependency-version: 4.5.62 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: python-minor-patch - dependency-name: yfinance dependency-version: 1.5.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: python-minor-patch - dependency-name: redis dependency-version: 8.0.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: python-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
|
Closing: this repository binds paper and expansion artifacts to poetry.lock and pyproject.toml (they are release-critical fingerprinted paths in paper/results/manifest.json and paper/expansion/results/manifest.json), and CI additionally verifies the requirements/ exports match poetry.lock. A lock-only bump therefore always fails the drift gate and the provenance tests by design. Dependency updates land via a coordinated refresh instead: edit pyproject.toml, run scripts/update_dependency_locks.sh, regenerate both artifact releases from a clean source commit, and merge as a reviewed PR. This bump will be included in the next coordinated refresh. |
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
Lock-level updates within existing pyproject constraints: ccxt 4.5.63, pytest 9.1.1, redis 8.0.1, ruff 0.15.20, torch 2.12.1 (with transitive triton 3.7.1), and yfinance 1.5.1. pandas stays at 3.0.3 because 3.0.4 is yanked on PyPI, so the computation stack (pandas, numpy, scipy, scikit-learn) is unchanged by this refresh. pyproject.toml untouched. Supersedes the routine portion of the closed Dependabot group PR #15; requirements exports regenerated with the pinned Poetry toolchain. Release artifacts are regenerated in the follow-up commit because poetry.lock is a release-critical fingerprinted input.
Bumps the python-minor-patch group with 7 updates in the / directory:
9.1.09.1.10.15.170.15.203.0.33.0.42.12.02.12.14.5.584.5.621.4.11.5.18.0.08.0.1Updates
pytestfrom 9.1.0 to 9.1.1Release notes
Sourced from pytest's releases.
Commits
cf470ecPrepare release version 9.1.1e0c8ce6Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...1b82d16Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...501c4bcMerge pull request #14596 from bluetech/doc-classmethodb61f588Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir9a567e0[automated] Update plugin list (#14617) (#14618)ef8b299Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...66abd07Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup79fbf93Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...0d312ebMerge pull request #14611 from bluetech/parametrize-argvalues-typingUpdates
rufffrom 0.15.17 to 0.15.20Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
f82a36bBump 0.15.20 (#26376)af32943Improve the summarise-ecosystem-results skill (#26378)485ebabRemoveRUF076name from schema (#26371)ef81835[ty] Implement rust-analyzer's "Click for full compiler diagnostic" feature (...572b31e[ruff] Removepytest-fixture-autouse(RUF076) (#26240)f703f21Allow human-readable names in rule selectors (#25887)0d726b2[ty] Reuse equality semantics for membership compatibility (#25955)dbe6e98[ty] Infer definite equality comparison results (#26337)e700ea3[ty] Prove TypedDict structural patterns exhaustive (#26285)6a0d2ec[ty] Widen inferred class-valued instance attributes (#26338)Updates
pandasfrom 3.0.3 to 3.0.4Release notes
Sourced from pandas's releases.
Commits
8188eb1RLS: 3.0.4 (#66079)bd35f15[3.0.x] BUG: fix CoW issue in eval() (#66072)6195872[backport 3.0.x] BUG: anchor whole alternation in Series.str.match for PyArro...70313beBackport PR #66051 on branch 3.0.x (BUG: fix regression in DataFrame setitem ...57ed3e2[backport 3.0.x] Bump pypa/cibuildwheel from 3.4.1 to 4.1.0 (#65934) (#66026)f9693fc[backport 3.0.x] BUG(pandas 3.0 regression): drop(index=...) doesn't accept N...9760fff[backport 3.0.x] BUG: support for operations with custom objects / object dty...f03f3ab[backport 3.0.x] ENH: fallback to zoneinfo Python API (for correct tz localiz...774a50dBackport PR #65066 on branch 3.0.x (BUG: escape SQL identifiers in ADBCDataba...15494e8[3.0.x] BUG: fix segfault adding non-tick DateOffset to datetime data under t...Updates
torchfrom 2.12.0 to 2.12.1Release notes
Sourced from torch's releases.
Commits
7269437Update triton to 3.7.1 release (#186814)88f16c2[MPS] Fix fill_ on byte-dtype views with misaligned storage offset (#186821)ccf6e67[release-only] Update version to 2.12.1 (#186813)88a6dc7Revive CUDA 12.9 nightly binary builds (#186015)ded5505[CD] Drop CPython 3.13t from binary build matrix (#182951) (#186654)Updates
ccxtfrom 4.5.58 to 4.5.62Release notes
Sourced from ccxt's releases.
... (truncated)
Commits
4965ce2[Automated changes] 4.5.62d991315[Automated changes] GO files16c8779[Automated changes] C# files27a2af4[Automated changes] Java filesa633c45[Automated changes] JS filese534134[Automated changes] PHP files8720fcc[Automated changes] Python files89e0be7fix(bingx): read trading-fee response after the API call in fetchTradingFee (...d116ada[Automated changes] JS files1a53b03feat(htx): V5 linear websocket support (#29017)Updates
yfinancefrom 1.4.1 to 1.5.1Release notes
Sourced from yfinance's releases.
Changelog
Sourced from yfinance's changelog.
Commits
38c73ceVersion 1.5.19eef6c1Merge pull request #2862 from ranaroussi/dev4fedcfddocs: changelog entry for 125b12e80a768cdocs: changelog entry for 15ba02233cb3abMerge branch 'main' into devf10e765docs: changelog entry for b375cd8b375cd8Version 1.5.0d123d52docs: changelog entry for 818ab63909dc81docs: changelog entry for df54d12818ab63Add missing changes for #2860Updates
redisfrom 8.0.0 to 8.0.1Release notes
Sourced from redis's releases.
Commits
7c0fd11Updating lib version to 8.0.1b7a4d7dAvoid per-check fd allocation in hiredis_socket_can_read()— usepoll()...eec778efix(asyncio): release pooled connection when Pipeline.reset() is cancelled (#...08e01bbFixing pubsub's listen method to be blocking. (#4119)3d5257afix(search): parse RESP3 FT.SEARCH responses with bytes-typed keys (#4109)cce28ffFix hiredis readiness checks for high file descriptors (#4115)e20691cFixed async MultiDBClient with underlying RedisCluster (#4108)ea37fccFix async cluster node connection release on write errors (#4111)f4146faUpdating lib version + supported Redis versions in README.md + updating the R...d47674eBumping github-versions actions (#4102)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions