Skip to content

chore(beep boop 🤖): Bump uv.lock (main) (2026-01-05) #1349

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pablo-garay wants to merge 11 commits into
base: main
Choose a base branch
from
Open

chore(beep boop 🤖): Bump uv.lock (main) (2026-01-05) #1349

pablo-garay wants to merge 11 commits into from

Conversation

@pablo-garay
Copy link
Contributor

@pablo-garay pablo-garay commented Jan 5, 2026

🚀 PR to bump uv.lock in main.

📝 Please remember the following to-do's before merge:

  • Verify the presubmit CI

🙏 Please merge this PR only if the CI workflow completed successfully.

@pablo-garay @github-actions
chore(beep boop 🤖): Bump uv.lock (main) (2026-01-05)
face2d9 
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@copy-pr-bot
Copy link

copy-pr-bot bot commented Jan 5, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

greptile-apps[bot]
greptile-apps bot reviewed Jan 7, 2026
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Overview

Greptile Summary

Updated Python dependency lock file (uv.lock) with routine version bumps for multiple packages. Notable updates include:

  • accelerate: 1.11.0 → 1.12.0
  • aiobotocore: 2.25.2 → 2.26.0
  • aiohttp: 3.13.2 → 3.13.3
  • wandb: 0.23.0 → 0.23.1
  • werkzeug: 3.1.3 → 3.1.4
  • xformers: Platform marker updated from sys_platform == 'linux' to sys_platform != 'darwin' (broadens Windows support)

All updates appear to be minor/patch releases with no breaking changes expected. The torch dependency remains pinned at version 2.9.0+cu128 for CUDA builds, which aligns with the project constraint torch<=2.9.0 defined in pyproject.toml.

Confidence Score: 4/5

  • This PR is safe to merge with low risk pending successful CI validation
  • This is a routine automated lock file update with only minor/patch version bumps. All changes are transitive dependency updates with no direct modifications to source code. The torch version constraint is properly maintained, and the xformers platform marker change appropriately broadens platform support. Score of 4 (not 5) reflects the standard requirement to verify presubmit CI passes before merge, as mentioned in the PR description
  • No files require special attention - this is a standard lock file update

Important Files Changed

File Analysis

Filename Score Overview
uv.lock 4/5 Updated Python dependency lock file with multiple package version bumps including accelerate (1.11.0→1.12.0), aiobotocore (2.25.2→2.26.0), aiohttp (3.13.2→3.13.3), wandb (0.23.0→0.23.1), werkzeug (3.1.3→3.1.4), and torch version adjustments

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant UV as UV Package Manager
    participant PyPI as PyPI Registry
    participant PyTorch as PyTorch Index
    participant Lock as uv.lock File
    participant CI as CI Pipeline

    Dev->>UV: Run uv lock update
    UV->>PyPI: Query latest package versions
    PyPI-->>UV: Return available versions
    UV->>PyTorch: Query torch versions
    PyTorch-->>UV: Return torch 2.9.0+cu128
    UV->>UV: Resolve dependency tree
    Note over UV: Updated packages:<br/>accelerate 1.11.0→1.12.0<br/>aiobotocore 2.25.2→2.26.0<br/>aiohttp 3.13.2→3.13.3<br/>wandb 0.23.0→0.23.1<br/>werkzeug 3.1.3→3.1.4
    UV->>Lock: Write resolved dependencies
    Lock-->>UV: Lock file updated
    Dev->>CI: Create PR with updated lock
    CI->>CI: Run presubmit tests
    CI-->>Dev: Test results
Loading

@thomasdhc
Copy link
Contributor

thomasdhc commented Jan 7, 2026

/ok to test c309782

@thomasdhc
Copy link
Contributor

thomasdhc commented Jan 7, 2026

/ok to test 02c310b

greptile-apps[bot]
greptile-apps bot reviewed Jan 8, 2026
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Overview

Greptile Summary

Bumps uv.lock with dependency updates including PyTorch 2.8→2.9, accelerate, aiohttp, and 100+ other packages. Adds scikit-learn<1.8.0 version constraint to maintain compatibility with cuml 25.10. Updates test to handle Ray 2.53.0+ execution plan format changes.

Confidence Score: 4/5

  • Safe routine dependency bump with appropriate version constraints and test compatibility fixes
  • This is a standard automated dependency lock update. The changes include necessary compatibility fixes (scikit-learn version constraint for cuml compatibility, Ray test adjustments). The PR follows a routine bump pattern with appropriate safeguards including CI verification requirement in the description.
  • No files require special attention

Important Files Changed

File Analysis

Filename Score Overview
pyproject.toml 4/5 Adds version constraint scikit-learn<1.8.0 to maintain compatibility with cuml 25.10 in both deduplication_cuda12 and test extras
tests/backends/test_integration.py 4/5 Adds Ray version detection to handle execution plan format changes in Ray 2.53.0+, adjusting expected stage names for test assertions

Sequence Diagram

sequenceDiagram
    participant Dev as Developer
    participant UV as UV Lock
    participant Deps as Dependencies
    participant CI as CI Pipeline
    
    Dev->>UV: "Run uv lock update"
    UV->>Deps: "Resolve PyTorch 2.9, sklearn<1.8, etc"
    Deps-->>UV: "Return resolved versions"
    UV->>UV: "Update uv.lock (1898 lines)"
    Dev->>CI: "Add PYTHONFAULTHANDLER=1"
    Dev->>CI: "Include uv.lock in change detection"
    Dev->>CI: "Enable pytest -vv -s output"
    CI-->>Dev: "Run tests with new dependencies"
Loading

@thomasdhc thomasdhc added the r1.1.0 Pick this label for auto cherry-picking into r1.1.0 label Jan 9, 2026
ayushdg
ayushdg requested changes Jan 13, 2026
View reviewed changes
Copy link
Contributor

@ayushdg ayushdg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@praateekmahajan To confirm this is still a Do-not-merge right?

@praateekmahajan
Copy link
Contributor

praateekmahajan commented Jan 13, 2026

@ayushdg yes, and also we don't need to merge this in 1.1.0 since we haven't been able to resolve the issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ayushdg ayushdg ayushdg requested changes

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

r1.1.0 Pick this label for auto cherry-picking into r1.1.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@pablo-garay @thomasdhc @praateekmahajan @ayushdg