chore: coordinated routine dependency refresh#19
Open
magnaquant wants to merge 2 commits into
Open
Conversation
Lock-level updates within existing pyproject constraints: ccxt 4.5.63, pytest 9.1.1, redis 8.0.1, ruff 0.15.20, torch 2.12.1 (with transitive triton 3.7.1), and yfinance 1.5.1. pandas stays at 3.0.3 because 3.0.4 is yanked on PyPI, so the computation stack (pandas, numpy, scipy, scikit-learn) is unchanged by this refresh. pyproject.toml untouched. Supersedes the routine portion of the closed Dependabot group PR #15; requirements exports regenerated with the pinned Poetry toolchain. Release artifacts are regenerated in the follow-up commit because poetry.lock is a release-critical fingerprinted input.
Both releases regenerated from clean source commit 881176d via the release wrappers with fixed UTC timestamps (rebuilt on top of the merged docker digest bump so the release history fast-forwards). The computation stack is unchanged (pandas 3.0.3; the yanked 3.0.4 was correctly refused), and every economic CSV, figure, and target-tape hash is byte-identical; the only PDF content change is the source-tree digest hex in the reproducibility appendix.
9cc2df0 to
852460f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The deferred routine portion of closed Dependabot group PR #15, done through the documented coordinated flow (CLAUDE.md): lock-level updates within existing constraints, exports regenerated with the pinned Poetry toolchain, and both artifact releases regenerated because poetry.lock is a release-critical fingerprinted input.
Verification
Merge notes
Merge by command-line fast-forward push only (git push origin chore/coordinated-dependency-refresh:main). Do NOT squash or use the GitHub rebase button; the manifests record source commit c021760, which must remain an ancestor. Do not move research-audit-v1.