Bump the pip group across 3 directories with 17 updates #8

dependabot · 2024-07-05T22:33:14Z

Bumps the pip group with 3 updates in the /apps/chatbot-kickstarter directory: redis, requests and streamlit.
Bumps the pip group with 3 updates in the /apps/file-q-and-a/nextjs-with-flask-server/server directory: flask-cors, scikit-learn and jinja2.
Bumps the pip group with 13 updates in the /apps/web-crawl-q-and-a directory:

Package	From	To
requests	`2.28.1`	`2.32.2`
scikit-learn	`1.2.0`	`1.5.0`
aiohttp	`3.8.3`	`3.9.4`
certifi	`2022.12.7`	`2024.7.4`
fonttools	`4.38.0`	`4.43.0`
idna	`3.4`	`3.7`
pillow	`9.4.0`	`10.3.0`
pipreqs	`0.4.11`	`0.4.12`
pycryptodomex	`3.17`	`3.19.1`
tornado	`6.2`	`6.4.1`
tqdm	`4.64.1`	`4.66.3`
transformers	`4.25.1`	`4.38.0`
urllib3	`1.26.13`	`1.26.19`

Updates redis from 4.5.1 to 4.5.4

Release notes

Sourced from redis's releases.

4.5.4

Changes

Upgrade urgency: SECURITY, contains fixes to security issues.

(CVE-2023-28859) - Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases.

(CVE-2023-28858) - Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases.

🐛 Bug Fixes

Fixing cancelled async futures (#2666)

Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)

Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor argument (#2630)

🧰 Maintenance

Minor fixes for #2666 and enhanced async test (#2673)

Fix issue 2660: PytestUnraisableExceptionWarning from asycio client (#2669)

Removing accidentally checked in files (#2642)

Contributors

We'd like to thank all the contributors who worked on this release!

@bellini666, @chayim, @dvora-h, @shacharPash and @woutdenolf

4.5.3

Changes

Update urgency: HIGH: There is a critical bug that may affect a subset of users. Upgrade!

🐛 Bug Fixes

CWE-404 AsyncIO Race Condition Fix (#2624, #2579)

4.5.2

Changes

🚀 New Features

Introduce AbstractConnection so that UnixDomainSocketConnection can call super().init (#2588)

Added queue_class to REDIS_ALLOWED_KEYS (#2577)

Made search document subscriptable (#2615)

Sped up the protocol parsing (#2596)

🐛 Bug Fixes

Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (#2582)

Replace async_timeout by asyncio.timeout (#2602)

Update json().arrindex() default values (#2611)

... (truncated)

Commits

e1017fd Version 4.5.4 (#2674)
ef3f086 Fix async (#2673)
5acbde3 Fixing cancelled async futures (#2666)
6d886d7 Fix issue 2660: PytestUnraisableExceptionWarning from asycio client (#2669)
326bb1c removing useless files (#2642)
4856813 UnixDomainSocketConnection missing constructor argument (#2630)
4802530 fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
66a4d6b AsyncIO Race Condition Fix (#2641)
318b114 Version 4.5.2 (#2627)
1b2f408 Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (...
Additional commits viewable in compare view

Updates requests from 2.28.2 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)

Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)

Fixed deserialization bug in JSONDecodeError. (#6629)

Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)

Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)

Fixed deserialization bug in JSONDecodeError. (#6629)

Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits

88dce9d v2.32.2
c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
92075b3 Add deprecation warning
aa1461b Move _get_connection to get_connection_with_tls_context
970e8ce v2.32.1
d6ebc4a v2.32.0
9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
555b870 Allow character detection dependencies to be optional in post-packaging steps
d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
Additional commits viewable in compare view

Updates streamlit from 1.20.0 to 1.30.0

Release notes

Sourced from streamlit's releases.

1.30.0

What's Changed

New Features 🎉

Add support for scroll container via the height parameter by @LukasMasuch in streamlit/streamlit#7697

Add display_text to LinkColumn by @sfc-gh-bhay in streamlit/streamlit#7741

st.query_params by @willhuang1997 in streamlit/streamlit#7774

Add Pandas styler support to LinkColumn by @LukasMasuch in streamlit/streamlit#7784

Config - MPA Sidebar Page Navigation by @mayagbarnes in streamlit/streamlit#7852

Feature - st.switch_page by @mayagbarnes in streamlit/streamlit#7853

Bug Fixes 🐛

Fix handling of ordinal columns for builtin-charts by @LukasMasuch in streamlit/streamlit#7771

Fix st.toggle background color by @sfc-gh-jgarcia in streamlit/streamlit#7788

Don't send command used to start streamlit to frontend by @vdonato in streamlit/streamlit#7787

Fix iframe background for dark color scheme by @LukasMasuch in streamlit/streamlit#7821

Prevent incompatible column config serialization by @LukasMasuch in streamlit/streamlit#7887

Prevent hiding required editable columns by @LukasMasuch in streamlit/streamlit#7888

Disable the ability to submit form if a submit button is disabled by @willhuang1997 in streamlit/streamlit#7827

Fix flickering effect when changing tabs by @LukasMasuch in streamlit/streamlit#7904

Fix shrunk icon size in st.expander by @matiboux in streamlit/streamlit#7596

Add check that individual elements are "python comparable" by @kajarenc in streamlit/streamlit#7840

Use commonpath rather than common prefix for more secure access by @kmcgrady in streamlit/streamlit#7901

Don't disable tab on stale flag by @LukasMasuch in streamlit/streamlit#7905

Fix embed params being dropped in page swaps by @sfc-gh-wihuang in streamlit/streamlit#7918

Other Changes

Fix parenthesis error messaging by @willhuang1997 in streamlit/streamlit#7770

Update SECURITY.md by @sfc-gh-hpathak in streamlit/streamlit#7783

Speed up plotly figures by 8x for users with "orjson" by @eric-skydio in streamlit/streamlit#7860

New Contributors

@sfc-gh-bhay made their first contribution in streamlit/streamlit#7741

@sfc-gh-jkinkead made their first contribution in streamlit/streamlit#7843

@sfc-gh-jdaly made their first contribution in streamlit/streamlit#7842

@matiboux made their first contribution in streamlit/streamlit#7596

Full Changelog: streamlit/streamlit@1.29.0...1.30.0

1.29.0

What's Changed

Breaking Changes 🛠

Remove old app test api by @AnOctopus in streamlit/streamlit#7657

New Features 🎉

Add ability to add empty query params by @willhuang1997 in streamlit/streamlit#7601

Add Enum coercion to options elements, if input Enum classes "identical" but redefined on script run by @Asaurus1 in streamlit/streamlit#7408

Remove Recording Feature Menu Item when unsupported by @kmcgrady in streamlit/streamlit#7604

Improved AppTest/ElementTree formatting by @AnOctopus in streamlit/streamlit#7658

Add support for timedelta type to st.dataframe, st.data_editor and st.table. by @LukasMasuch in streamlit/streamlit#7689

... (truncated)

Commits

2c39710 Support latest importlib-metadata v7 (#7925)
005d62a Up version to 1.30.0
33e347a Fix embed params being dropped in page swaps (#7918)
899cbbd Docstrings for release 1.30.0 (#7916)
02022e7 Reduce e2e test flakiness by using waiting methods (#7907)
7ee8f2b Update the frontend audit exceptions (#7909)
adb236b Don't disable tab on stale flag (#7905)
bd0a899 Use commonpath rather than common prefix for more secure access (#7901)
ee41c84 Add check that individual elements are "python comparable" (#7840)
d428d91 Fix shrunk icon size in st.expander (#7596)
Additional commits viewable in compare view

Updates flask-cors from 3.0.10 to 4.0.1

Release notes

Sourced from flask-cors's releases.

4.0.1

What's Changed

Fix Read the Docs builds by @kurtmckee in corydolphin/flask-cors#345

Update extension.py to clean request.path before logging it by @aneshujevic in corydolphin/flask-cors#351

Update CI to include Python 3.12 and flask 3.0.3 by @corydolphin in corydolphin/flask-cors#354

Release 4.0.1 by @corydolphin in corydolphin/flask-cors#353

New Contributors

@kurtmckee made their first contribution in corydolphin/flask-cors#345

@aneshujevic made their first contribution in corydolphin/flask-cors#351

Full Changelog: corydolphin/flask-cors@4.0.0...4.0.1

Release 4.0.0

What's Changed

Remove support for Python versions older than 3.8 by @WAKayser in corydolphin/flask-cors#330

Add GHA tooling by @corydolphin in corydolphin/flask-cors#331

New Contributors

@WAKayser made their first contribution in corydolphin/flask-cors#330

Full Changelog: corydolphin/flask-cors@3.1.01...v4.0.0

3.1.01

What's Changed

Include examples to specify that schema and port must be included in … by @YPCrumble in corydolphin/flask-cors#294

two small changes to the documentation, based on issue #290 by @bbbart in corydolphin/flask-cors#291

Fix typo by @sunarch in corydolphin/flask-cors#304

FIX: typo in CSRF by @sattamjh in corydolphin/flask-cors#315

Test against recent Python versions by @pylipp in corydolphin/flask-cors#314

Correct spelling mistakes by @EdwardBetts in corydolphin/flask-cors#311

'Access-Control-Allow-Private-Network = true' header for http response by @chelo-kjml in corydolphin/flask-cors#318

docs: Fix a few typos by @timgates42 in corydolphin/flask-cors#323

[Docs] Fix typo in configuration documentation by @sachit-shroff in corydolphin/flask-cors#316

Release Version 3.1.01 by @corydolphin in corydolphin/flask-cors#329

New Contributors

@YPCrumble made their first contribution in corydolphin/flask-cors#294

@sunarch made their first contribution in corydolphin/flask-cors#304

@sattamjh made their first contribution in corydolphin/flask-cors#315

@pylipp made their first contribution in corydolphin/flask-cors#314

@EdwardBetts made their first contribution in corydolphin/flask-cors#311

@chelo-kjml made their first contribution in corydolphin/flask-cors#318

@sachit-shroff made their first contribution in corydolphin/flask-cors#316

Full Changelog: corydolphin/flask-cors@3.0.10...3.1.01

Changelog

Sourced from flask-cors's changelog.

4.0.1

Security

Address CVE-2024-1681 which is a log injection vulnerability when the log level is set to debug by @aneshujevic in corydolphin/flask-cors#351

4.0.0

Remove support for Python versions older than 3.8 by @WAKayser in corydolphin/flask-cors#330

Add GHA tooling by @corydolphin in corydolphin/flask-cors#331

3.1.01

Include examples to specify that schema and port must be included in … by @YPCrumble in corydolphin/flask-cors#294

two small changes to the documentation, based on issue #290 by @bbbart in corydolphin/flask-cors#291

Fix typo by @sunarch in corydolphin/flask-cors#304

FIX: typo in CSRF by @sattamjh in corydolphin/flask-cors#315

Test against recent Python versions by @pylipp in corydolphin/flask-cors#314

Correct spelling mistakes by @EdwardBetts in corydolphin/flask-cors#311

'Access-Control-Allow-Private-Network = true' header for http response by @chelo-kjml in corydolphin/flask-cors#318

docs: Fix a few typos by @timgates42 in corydolphin/flask-cors#323

[Docs] Fix typo in configuration documentation by @sachit-shroff in corydolphin/flask-cors#316

Commits

1df178c Release 0.4.1 (#353)
5090b4a Update CI to include Python 3.12 and flask 3.0.3 (#354)
6172c20 Update extension.py to clean request.path before logging it (#351)
cadade9 Fix Read the Docs builds (#345)
40acc80 Update CHANGELOG to reflect 4.0.0 release (#335)
dbabb27 Testing: Move from deprecated assertEquals to assertEqual (#332)
0b74401 Convert CI to use GHA (#331)
637595d Remove support for old python versions (#330)
c9c55e1 Release Version 3.1.01 (#329)
98aca1a Fix typo (#316)
Additional commits viewable in compare view

Updates scikit-learn from 1.1.2 to 1.5.0

Release notes

Sourced from scikit-learn's releases.

Scikit-learn 1.5.0

We're happy to announce the 1.5.0 release.

You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.5.html

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn
The conda-forge builds can be installed using:
conda install -c conda-forge scikit-learn
Scikit-learn 1.4.2

We're happy to announce the 1.4.2 release.

This release only includes support for numpy 2.

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn
Scikit-learn 1.4.1.post1

We're happy to announce the 1.4.1.post1 release.

You can see the changelog here: https://scikit-learn.org/stable/whats_new/v1.4.html#version-1-4-1-post1

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn
The conda-forge builds can be installed using:
conda install -c conda-forge scikit-learn

... (truncated)

Commits

b51d0c9 trigger whell builder [cd build]
919ae9b MAINT Reoder what's new for 1.5 (#29039)
0ac28ad DOC Release highlights 1.5 (#29007)
729b54d test py3.12 against numpy 2 [cd build]
1e50434 set version
ffbe4ab DOC remove obsolete SVM example (#27108)
4647729 DOC Fix time complexity of MLP (#28592)
9bd7047 FIX convergence criterion of MeanShift (#28951)
b79420f FIX add long long for int32/int64 windows compat in NumPy 2.0 (#29029)
37f544d DOC replace pandas with Polars in examples/gaussian_process/plot_gpr_co2.py (...
Additional commits viewable in compare view

Updates jinja2 from 3.0.1 to 3.1.4

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

3.1.3

This is a fix release for the 3.1.x feature branch.

Fix for GHSA-h5c8-rqwp-cp95. You are affected if you are using xmlattr and passing user input as attribute keys.

Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-3

Milestone: https://github.com/pallets/jinja/milestone/15?closed=1

3.1.2

This is a fix release for the 3.1.0 feature release.

Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-2

Milestone: https://github.com/pallets/jinja/milestone/13?closed=1

3.1.1

Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-1

Milestone: https://github.com/pallets/jinja/milestone/12?closed=1

3.1.0

This is a feature release, which includes new features and removes previously deprecated features. The 3.1.x branch is now the supported bugfix branch, the 3.0.x branch has become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. We also encourage upgrading to MarkupSafe 2.1.1, the latest version at this time.

Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-0

Milestone: https://github.com/pallets/jinja/milestone/8?closed=1

MarkupSafe changes: https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-1

3.0.3

Changes: https://jinja.palletsprojects.com/en/3.0.x/changes/#version-3-0-3

3.0.2

Changes: https://jinja.palletsprojects.com/en/3.0.x/changes/#version-3-0-2

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:h75v-3vvj-5mfj

Version 3.1.3

Released 2024-01-10

Fix compiler error when checking if required blocks in parent templates are empty. :pr:1858

xmlattr filter does not allow keys with spaces. :ghsa:h5c8-rqwp-cp95

Make error messages stemming from invalid nesting of {% trans %} blocks more helpful. :pr:1918

Version 3.1.2

Released 2022-04-28

Add parameters to Environment.overlay to match __init__. :issue:1645

Handle race condition in FileSystemBytecodeCache. :issue:1654

Version 3.1.1

Released 2022-03-25

The template filename on Windows uses the primary path separator. :issue:1637

Version 3.1.0

Released 2022-03-24

Drop support for Python 3.6. :pr:1534

Remove previously deprecated code. :pr:1544

... (truncated)

Commits

dd4a8b5 release version 3.1.4
0668239 Merge pull request from GHSA-h75v-3vvj-5mfj
d655030 disallow invalid characters in keys to xmlattr filter
a7863ba add ghsa links
b5c98e7 start version 3.1.4
da3a9f0 update project files (#1968)
0ee5eb4 satisfy formatter, linter, and strict mypy
20477c6 update project files (#5457)
e491223 update pyyaml dev dependency
36f9885 fix pr link
Additional commits viewable in compare view

Updates requests from 2.28.1 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)

Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)

Fixed deserialization bug in JSONDecodeError. (#6629)

Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)

Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)

Fixed deserialization bug in JSONDecodeError. (#6629)

Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits

88dce9d v2.32.2
c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
92075b3 Add deprecation warning
aa1461b Move _get_connection to get_connection_with_tls_context
970e8ce v2.32.1
d6ebc4a v2.32.0
9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
555b870 Allow character detection dependencies to be optional in post-packaging steps
d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
Additional commits viewable in compare view

Updates scikit-learn from 1.2.0 to 1.5.0

Release notes

Sourced from scikit-learn's releases.

Scikit-learn 1.5.0

We're happy to announce the 1.5.0 release.

You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.5.html

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn
The conda-forge builds can be installed using:
conda install -c conda-forge scikit-learn
Scikit-learn 1.4.2

We're happy to announce the 1.4.2 release.

This release only includes support for numpy 2.

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn
Scikit-learn 1.4.1.post1

We're happy to announce the 1.4.1.post1 release.

You can see the changelog here: https://scikit-learn.org/stable/whats_new/v1.4.html#version-1-4-1-post1

This version supports Python versions 3.9 to 3.12.

You can upgrade with pip as usual:
pip install -U scikit-learn
The conda-forge builds can be installed using:
conda install -c conda-forge scikit-learn

... (truncated)

Commits

b51d0c9 trigger whell builder [cd build]
919ae9b MAINT Reoder what's new for 1.5 (#29039)
0ac28ad DOC Release highlights 1.5 (#29007)
729b54d test py3.12 against numpy 2 [cd build]
1e50434 set version
ffbe4ab DOC remove obsolete SVM example (#27108)
4647729 DOC Fix time complexity of MLP (#28592)
9bd7047 FIX convergence criterion of MeanShift (#28951)
b79420f FIX add long long for int32/int64 windows compat in NumPy 2.0 (#29029)
37f544d DOC replace pandas with Polars in examples/gaussian_process/plot_gpr_co2.py (...
Additional commits viewable in compare view

Updates aiohttp from 3.8.3 to 3.9.4

Release notes

Sourced from aiohttp's releases.

3.9.4

Bug fixes

The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:webknjaz.

Related issues and pull requests on GitHub: #8089.

Treated values of Accept-Encoding header as case-insensitive when checking for gzip files -- by :user:steverep.

Related issues and pull requests on GitHub: #8104.

Improved the DNS resolution performance on cache hit -- by :user:bdraco.

This is achieved by avoiding an :mod:asyncio task creation in this case.

Related issues and pull requests on GitHub: #8163.Description has been truncated

Bumps the pip group with 3 updates in the /apps/chatbot-kickstarter directory: [redis](https://github.com/redis/redis-py), [requests](https://github.com/psf/requests) and [streamlit](https://github.com/streamlit/streamlit). Bumps the pip group with 3 updates in the /apps/file-q-and-a/nextjs-with-flask-server/server directory: [flask-cors](https://github.com/corydolphin/flask-cors), [scikit-learn](https://github.com/scikit-learn/scikit-learn) and [jinja2](https://github.com/pallets/jinja). Bumps the pip group with 13 updates in the /apps/web-crawl-q-and-a directory: | Package | From | To | | --- | --- | --- | | [requests](https://github.com/psf/requests) | `2.28.1` | `2.32.2` | | [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.2.0` | `1.5.0` | | [aiohttp](https://github.com/aio-libs/aiohttp) | `3.8.3` | `3.9.4` | | [certifi](https://github.com/certifi/python-certifi) | `2022.12.7` | `2024.7.4` | | [fonttools](https://github.com/fonttools/fonttools) | `4.38.0` | `4.43.0` | | [idna](https://github.com/kjd/idna) | `3.4` | `3.7` | | [pillow](https://github.com/python-pillow/Pillow) | `9.4.0` | `10.3.0` | | [pipreqs](https://github.com/bndr/pipreqs) | `0.4.11` | `0.4.12` | | [pycryptodomex](https://github.com/Legrandin/pycryptodome) | `3.17` | `3.19.1` | | [tornado](https://github.com/tornadoweb/tornado) | `6.2` | `6.4.1` | | [tqdm](https://github.com/tqdm/tqdm) | `4.64.1` | `4.66.3` | | [transformers](https://github.com/huggingface/transformers) | `4.25.1` | `4.38.0` | | [urllib3](https://github.com/urllib3/urllib3) | `1.26.13` | `1.26.19` | Updates `redis` from 4.5.1 to 4.5.4 - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v4.5.1...v4.5.4) Updates `requests` from 2.28.2 to 2.32.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.28.2...v2.32.2) Updates `streamlit` from 1.20.0 to 1.30.0 - [Release notes](https://github.com/streamlit/streamlit/releases) - [Commits](streamlit/streamlit@1.20.0...1.30.0) Updates `flask-cors` from 3.0.10 to 4.0.1 - [Release notes](https://github.com/corydolphin/flask-cors/releases) - [Changelog](https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md) - [Commits](corydolphin/flask-cors@3.0.10...4.0.1) Updates `scikit-learn` from 1.1.2 to 1.5.0 - [Release notes](https://github.com/scikit-learn/scikit-learn/releases) - [Commits](scikit-learn/scikit-learn@1.1.2...1.5.0) Updates `jinja2` from 3.0.1 to 3.1.4 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](pallets/jinja@3.0.1...3.1.4) Updates `requests` from 2.28.1 to 2.32.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.28.2...v2.32.2) Updates `scikit-learn` from 1.2.0 to 1.5.0 - [Release notes](https://github.com/scikit-learn/scikit-learn/releases) - [Commits](scikit-learn/scikit-learn@1.1.2...1.5.0) Updates `aiohttp` from 3.8.3 to 3.9.4 - [Release notes](https://github.com/aio-libs/aiohttp/releases) - [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst) - [Commits](aio-libs/aiohttp@v3.8.3...v3.9.4) Updates `certifi` from 2022.12.7 to 2024.7.4 - [Commits](certifi/python-certifi@2022.12.07...2024.07.04) Updates `fonttools` from 4.38.0 to 4.43.0 - [Release notes](https://github.com/fonttools/fonttools/releases) - [Changelog](https://github.com/fonttools/fonttools/blob/main/NEWS.rst) - [Commits](fonttools/fonttools@4.38.0...4.43.0) Updates `idna` from 3.4 to 3.7 - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](kjd/idna@v3.4...v3.7) Updates `pillow` from 9.4.0 to 10.3.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@9.4.0...10.3.0) Updates `pipreqs` from 0.4.11 to 0.4.12 - [Release notes](https://github.com/bndr/pipreqs/releases) - [Changelog](https://github.com/bndr/pipreqs/blob/master/HISTORY.rst) - [Commits](bndr/pipreqs@v0.4.11...v0.4.12) Updates `pycryptodomex` from 3.17 to 3.19.1 - [Release notes](https://github.com/Legrandin/pycryptodome/releases) - [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst) - [Commits](Legrandin/pycryptodome@v3.17.0...v3.19.1) Updates `tornado` from 6.2 to 6.4.1 - [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst) - [Commits](tornadoweb/tornado@v6.2.0...v6.4.1) Updates `tqdm` from 4.64.1 to 4.66.3 - [Release notes](https://github.com/tqdm/tqdm/releases) - [Commits](tqdm/tqdm@v4.64.1...v4.66.3) Updates `transformers` from 4.25.1 to 4.38.0 - [Release notes](https://github.com/huggingface/transformers/releases) - [Commits](huggingface/transformers@v4.25.1...v4.38.0) Updates `urllib3` from 1.26.13 to 1.26.19 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.13...1.26.19) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production dependency-group: pip - dependency-name: requests dependency-type: direct:production dependency-group: pip - dependency-name: streamlit dependency-type: direct:production dependency-group: pip - dependency-name: flask-cors dependency-type: direct:production dependency-group: pip - dependency-name: scikit-learn dependency-type: direct:production dependency-group: pip - dependency-name: jinja2 dependency-type: direct:production dependency-group: pip - dependency-name: requests dependency-type: direct:production dependency-group: pip - dependency-name: scikit-learn dependency-type: direct:production dependency-group: pip - dependency-name: aiohttp dependency-type: direct:production dependency-group: pip - dependency-name: certifi dependency-type: direct:production dependency-group: pip - dependency-name: fonttools dependency-type: direct:production dependency-group: pip - dependency-name: idna dependency-type: direct:production dependency-group: pip - dependency-name: pillow dependency-type: direct:production dependency-group: pip - dependency-name: pipreqs dependency-type: direct:production dependency-group: pip - dependency-name: pycryptodomex dependency-type: direct:production dependency-group: pip - dependency-name: tornado dependency-type: direct:production dependency-group: pip - dependency-name: tqdm dependency-type: direct:production dependency-group: pip - dependency-name: transformers dependency-type: direct:production dependency-group: pip - dependency-name: urllib3 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Jul 5, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the pip group across 3 directories with 17 updates #8

Bump the pip group across 3 directories with 17 updates #8

dependabot bot commented on behalf of github Jul 5, 2024

Bump the pip group across 3 directories with 17 updates #8

Are you sure you want to change the base?

Bump the pip group across 3 directories with 17 updates #8

Conversation

dependabot bot commented on behalf of github Jul 5, 2024

4.5.4

Changes

🐛 Bug Fixes

🧰 Maintenance

Contributors

4.5.3

Changes

🐛 Bug Fixes

4.5.2

Changes

🚀 New Features

🐛 Bug Fixes

v2.32.2

2.32.2 (2024-05-21)

v2.32.1

2.32.1 (2024-05-20)

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

2.32.2 (2024-05-21)

2.32.1 (2024-05-20)

2.32.0 (2024-05-20)

1.30.0

What's Changed

New Features 🎉

Bug Fixes 🐛

Other Changes

New Contributors

1.29.0

What's Changed

Breaking Changes 🛠

New Features 🎉

4.0.1

What's Changed

New Contributors

Release 4.0.0

What's Changed

New Contributors

3.1.01

What's Changed

New Contributors

4.0.1

Security

4.0.0

3.1.01

Scikit-learn 1.5.0

Scikit-learn 1.4.2

Scikit-learn 1.4.1.post1

3.1.4

3.1.3

3.1.2

3.1.1

3.1.0

3.0.3

3.0.2

Version 3.1.4

Version 3.1.3

Version 3.1.2

Version 3.1.1

Version 3.1.0

v2.32.2

2.32.2 (2024-05-21)

v2.32.1

2.32.1 (2024-05-20)

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

2.32.2 (2024-05-21)

2.32.1 (2024-05-20)

2.32.0 (2024-05-20)

Scikit-learn 1.5.0

Scikit-learn 1.4.2

Scikit-learn 1.4.1.post1

3.9.4

Bug fixes