Skip to content

build(deps): bump the pip-minor-patch-updates group across 2 directories with 6 updates#121

Merged
fujikosu merged 3 commits intomainfrom
dependabot/pip/pip-minor-patch-updates-53761be8bb
Apr 2, 2026
Merged

build(deps): bump the pip-minor-patch-updates group across 2 directories with 6 updates#121
fujikosu merged 3 commits intomainfrom
dependabot/pip/pip-minor-patch-updates-53761be8bb

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 2, 2026
edited
Loading

Bumps the pip-minor-patch-updates group with 3 updates in the / directory: mypy, pytest-cov and ruff.
Bumps the pip-minor-patch-updates group with 3 updates in the /src/sample_pytorch_gpu_project/.devcontainer directory: torch, torchvision and mlflow.

Updates mypy from 1.19.1 to 1.20.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 1.20

We’ve just uploaded mypy 1.20.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Planned Changes to Defaults and Flags in Mypy 2.0

As a reminder, we are planning to enable --local-partial-types by default in mypy 2.0, which will likely be the next feature release. This will often require at least minor code changes. This option is implicitly enabled by mypy daemon, so this makes the behavior of daemon and non-daemon modes consistent.

Note that this release improves the compatibility of --local-partial-types significantly to make the switch easier (see below for more).

This can also be configured in a mypy configuration file (use False to disable):

local_partial_types = True

For more information, refer to the documentation.

We will also enable --strict-bytes by default in mypy 2.0. This usually requires at most minor code changes to adopt. For more information, refer to the documentation.

Finally, --allow-redefinition-new will be renamed to --allow-redefinition. If you want to continue using the older --allow-redefinition semantics which are less flexible (e.g. limited support for conditional redefinitions), you can switch to --allow-redefinition-old, which is currently supported as an alias to the legacy --allow-redefinition behavior. To use --allow-redefinition in the upcoming mypy 2.0, you can't use --no-local-partial-types. For more information, refer to the documentation.

Better Type Narrowing

Mypy's implementation of narrowing has been substantially reworked. Mypy will now narrow more aggressively, more consistently, and more correctly. In particular, you are likely to notice new narrowing behavior in equality expressions (==), containment expressions (in),

... (truncated)

Commits
  • 770d3ca Remove +dev from version
  • 4738ffa Changelog updates for 1.20 (#21109)
  • b4f07a7 Use 'native-parser' instead of 'native-parse' for optional dependency (#21115)
  • 7bec7b7 [mypyc] Document librt and librt.base64 (#21114)
  • c482596 --allow-redefinition-new is no longer experimental (#21110)
  • c916ca3 sdist: include misc/{diff-cache,apply-cache-diff}.py for `mypy/test/test_di...
  • b137e4e [mypyc] Speed up native-to-native imports within the same group (#21101)
  • 978b711 [mypyc] Fix range loop variable off-by-one after loop exit (#21098)
  • 67ada30 [stubtest] Check runtime availability of private types not marked `@type_chec...
  • bdef6ef librt cache tests: build respecting MYPY_TEST_PREFIX (#21097)
  • Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

  • Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

  • Improve handling of ResourceWarning from sqlite3.

    The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

    With this fix one can suppress ResourceWarning from sqlite3 from command line::

    pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

  • Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

  • Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

  • Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits
  • 66c8a52 Bump version: 7.0.0 → 7.1.0
  • f707662 Make the examples use pypy 3.11.
  • 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
  • 8ebf20b Update changelog.
  • 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
  • fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
  • 78c9c4e Only run the 3.9 on older deps.
  • 4849a92 Punctuation.
  • 197c35e Update changelog and hopefully I don't forget to publish release again :))
  • 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
  • Additional commits viewable in compare view

Updates ruff from 0.15.4 to 0.15.8

Release notes

Sourced from ruff's releases.

0.15.8

Release Notes

Released on 2026-03-26.

Preview features

  • [ruff] New rule unnecessary-if (RUF050) (#24114)
  • [ruff] New rule useless-finally (RUF072) (#24165)
  • [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#24162)
  • [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#24100)

Bug fixes

  • [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#24166)
  • [flake8-bandit] Check tuple arguments for partial paths in S607 (#24080)
  • [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#24088)
  • E501/W505/formatter: Exclude nested pragma comments from line width calculation (#24071)
  • Fix %foo? parsing in IPython assignment expressions (#24152)
  • analyze graph: resolve string imports that reference attributes, not just modules (#24058)

Rule changes

  • [eradicate] ignore ty: ignore comments in ERA001 (#24192)
  • [flake8-bandit] Treat sys.executable as trusted input in S603 (#24106)
  • [flake8-self] Recognize Self annotation and self assignment in SLF001 (#24144)
  • [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#24142)
  • [refurb] Parenthesize generator arguments in FURB142 fixer (#24200)

Performance

  • Speed up diagnostic rendering (#24146)

Server

  • Warn when Markdown files are skipped due to preview being disabled (#24150)

Documentation

  • Clarify extend-ignore and extend-select settings documentation (#24064)
  • Mention AI policy in PR template (#24198)

Other changes

  • Use trusted publishing for NPM packages (#24171)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.8

Released on 2026-03-26.

Preview features

  • [ruff] New rule unnecessary-if (RUF050) (#24114)
  • [ruff] New rule useless-finally (RUF072) (#24165)
  • [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#24162)
  • [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#24100)

Bug fixes

  • [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#24166)
  • [flake8-bandit] Check tuple arguments for partial paths in S607 (#24080)
  • [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#24088)
  • E501/W505/formatter: Exclude nested pragma comments from line width calculation (#24071)
  • Fix %foo? parsing in IPython assignment expressions (#24152)
  • analyze graph: resolve string imports that reference attributes, not just modules (#24058)

Rule changes

  • [eradicate] ignore ty: ignore comments in ERA001 (#24192)
  • [flake8-bandit] Treat sys.executable as trusted input in S603 (#24106)
  • [flake8-self] Recognize Self annotation and self assignment in SLF001 (#24144)
  • [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#24142)
  • [refurb] Parenthesize generator arguments in FURB142 fixer (#24200)

Performance

  • Speed up diagnostic rendering (#24146)

Server

  • Warn when Markdown files are skipped due to preview being disabled (#24150)

Documentation

  • Clarify extend-ignore and extend-select settings documentation (#24064)
  • Mention AI policy in PR template (#24198)

Other changes

  • Use trusted publishing for NPM packages (#24171)

Contributors

... (truncated)

Commits
  • c2a8815 Release 0.15.8 (#24217)
  • d444d52 [ty] Infer lambda expressions with Callable type context (#22633)
  • 9622285 [ty] Autocomplete arguments if in arguments node (#24167)
  • d812662 Use the release environment in publish-docs (#24214)
  • eda2355 [ty] Show Final source in final assignment diagnostic (#24194)
  • 929eb52 [ty] Enforce Final attribute assignment rules for annotated and augmented wri...
  • 34998be [ty] Fix typo in comment (#24211)
  • 560aca0 [ty] Minor simplifications to some benchmark code (#24209)
  • 683bae5 [ty] Track non-terminal-call constraints in global scope (#23245)
  • 4704c2a [ty] Remove unnecessary intermediate collection in `StaticClassLiteral::field...
  • Additional commits viewable in compare view

Updates torch from 2.10.0 to 2.11.0

Release notes

Sourced from torch's releases.

PyTorch 2.11.0 Release Notes

Highlights

For more details about these highlighted features, you can look at the release blogpost. Below are the full release notes for this release.

Backwards Incompatible Changes

Release Engineering

... (truncated)

Commits
  • 70d99e9 [release only] Increase timeout for rocm libtorch and manywheel builds (#178006)
  • 3e05c5a [MPS] Properly handle conjugated tensors in bmm (#178010)
  • db741c7 [MPS] fix compiling of SDPA producing nan results (#178009)
  • 483b55d Update pytorch_sphinx_theme2 version to 0.4.6 (#177616)
  • 7f2cdeb [windows][smoke test] Add an option to install cuda if required cuda/cudnn on...
  • 76fd078 [release-only] Fix libtorch builds. Fix lint (#177299)
  • fa384de [Inductor][MPS] Fix half-precision type mismatches in Metal shader codegen (#...
  • 036b25f Let stable::from_blob accept a lambda as deleter (cherry-pick) (#176440)
  • 41f8e3e [CI] Stop using G3 runners (#177161)
  • e2fa295 [CD] Unpin cuda-bindings dependencies (#177159)
  • Additional commits viewable in compare view

Updates torchvision from 0.25.0 to 0.26.0

Release notes

Sourced from torchvision's releases.

TorchVision 0.26 Release

TorchVision 0.26 is out! It is compatible with torch 2.11. It's a small release that comes with the following changes:

Breaking changes and deprecations

The video decoding and encoding utilities of TorchVision, which have been deprecate for a long time, are now removed. This includes torchvision.io.video.*, read_video, write_video, the VideoReader class, etc. Users are encouraged to switch to TorchCodec, which is faster and more stable.

The rare torchvision utilities that were still relying on video decoding (like the video datasets) have been transparently migrated to TorchCodec.

Note: the image decoders and encoders are staying in TorchVision.

(#9341, #9421, #9370, #9366)

Improvements

[ops] Speed up masks_to_boxes on CPU and GPU (#9358) [ops] Improve runtime complexity of roi_align on MPS (#9100)

Various code quality improvements (#8760, #9364, #9317, #9359, #9334, #9286, #9327) Various documentation improvements (#9339, #9374, #9323, #9324, #8879, #9350)

Bug Fixes

[transforms] Fix edge case conversion from CXCYWH to XYXY for integer bounding boxes in F.convert_bounding_box_format (#9322) [transforms] Fix tv_tensors.wrap to preserve subclass types for BoundingBoxes and KeyPoints (#9332) [transforms] Fix incorrect normalization axis in v2.ElasticTransform (#9300) [ops] Fix masks_to_boxes for empty masks (#9357) [io] Fix CPU jpeg and png decoder/encoder error-path leak on malformed inputs (#9434)

Contributors

🎉 We're grateful for our community, which helps us improve Torchvision by submitting issues and PRs, and providing feedback and suggestions. The following persons have contributed patches for this release:

Adam J. Stewart, Andrey Talman, Jaebeom, MPSFuzz , Murat Raimbekov, Nicolas Hug, ribbon-otter , Roy Hvaara, Salman Chishti, Scott Todd, Zhitao Yu

Commits
  • 336d36e [Cherry-pick for 0.26] Fix CPU decode_jpeg error-path leak on malformed JPEGs...
  • 4fe736f [Cherry-pick for 0.26] Remove rest of video decoder APIs (#9421)
  • 31d3aa3 [Release 0.26] update test-infra refs and version (#9390)
  • 186879a [Release 0.26] remove CVCUDA stuff - not yet ready for release (#9389)
  • b29ac89 [Release 0.26] remove prototype (#9388)
  • 0f6d91d Vectorize masks_to_boxes for performance (#9358)
  • 326a11d ElasticTransform docs: fix issue#8879 (#9350)
  • 74d1285 Fix CXCYWH to XYXY conversion for integer bounding boxes (#9322)
  • 6940e19 add warning for CelebA bbox data (#9339)
  • 4b0a90c Update version to 0.26.0a0 (#9376)
  • Additional commits viewable in compare view

Updates mlflow from 3.9.0 to 3.10.1

Release notes

Sourced from mlflow's releases.

v3.10.1

MLflow 3.10.1 is a patch release that contains some minor feature enhancements, bug fixes, and documentation updates.

Features:

Bug fixes:

Documentation updates:

  • [Docs] Update SSO oidc plugin doc: add google identity platform / AWS cognito / Azure Entra ID configuration guide (#20591, @​WeichenXu123)
  • [Docs / Tracing] Fix distributed tracing rendering and improve doc (#21070, @​B-Step62)
  • [Docs] docs: Add single quotes to install commands with extras to prevent zsh errors (#21227, @​mshavliuk)
  • [Docs / Model Registry] Fix outdated docstring claiming models:/ URIs are unsupported in register_model (#21197, @​copilot-swe-agent)
  • [Docs] Replace MinIO with RustFS in docker-compose setup (#21099, @​jmaggesi)

Small bug fixes and documentation updates:

#20740, #21148, #21149, #21096, @​TomeHirata; #21368, #21118, @​B-Step62; #21384, #21345, #21236, #21106, #21033, #21115, #21034, @​smoorjani; #21326, #21133, #21036, @​copilot-swe-agent; #21293, @​daniellok-db; #21175, @​caponetto; #21305, #21264, @​serena-ruan; #21216, @​justinwei-db; #21038, #21082, @​bbqiu; #21143, #20733, @​mprahl; #20488, @​mdalvz0000; #21142, @​EPgg92; #21094, @​PattaraS

v3.10.0

We're excited to announce MLflow 3.10.0, which includes several notable updates:

... (truncated)

Changelog

Sourced from mlflow's changelog.

3.10.1 (2026-03-05)

MLflow 3.10.1 is a patch release that contains some minor feature enhancements, bug fixes, and documentation updates.

Features:

Bug fixes:

Documentation updates:

  • [Docs] Update SSO oidc plugin doc: add google identity platform / AWS cognito / Azure Entra ID configuration guide (#20591, @​WeichenXu123)
  • [Docs / Tracing] Fix distributed tracing rendering and improve doc (#21070, @​B-Step62)
  • [Docs] docs: Add single quotes to install commands with extras to prevent zsh errors (#21227, @​mshavliuk)
  • [Docs / Model Registry] Fix outdated docstring claiming models:/ URIs are unsupported in register_model (#21197, @​copilot-swe-agent)
  • [Docs] Replace MinIO with RustFS in docker-compose setup (#21099, @​jmaggesi)

Small bug fixes and documentation updates:

#20740, #21148, #21149, #21096, @​TomeHirata; #21368, #21118, @​B-Step62; #21384, #21345, #21236, #21106, #21033, #21115, #21034, @​smoorjani; #21326, #21133, #21036, @​copilot-swe-agent; #21293, @​daniellok-db; #21175, @​caponetto; #21305, #21264, @​serena-ruan; #21216, @​justinwei-db; #21038, #21082, @​bbqiu; #21143, #20733, @​mprahl; #20488, @​mdalvz0000; #21142, @​EPgg92; #21094, @​PattaraS

3.10.0 (2026-02-20)

... (truncated)

Commits
  • cadc323 Bump version to 3.10.1 (#21396)
  • 3d17d6c Add back virtualenv to fix the docker build until the next release (#20740)
  • 3cfc12f Update SSO oidc plugin doc: add google identity platform / AWS cognito / Azur...
  • bcaad26 Fix "View full dashboard" link in gateway usage tab when workspace is enabled...
  • ff3249f Update GenAI link and video in the getting started page (#21368)
  • 1591d03 Persist AI Gateway default passphrase security banner dismissal to localStora...
  • 32979c9 Demote unused parameters log message from WARNING to DEBUG in instructions ju...
  • 18eeea0 Make simulator explicitly avoid stating goal in first message (#21384)
  • 42d4356 Clear "All" time selector when switching to overview tab (#21371)
  • 1a14934 Fix Traces view in Prompts tab not being scrollable (#21282)
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 2, 2026
@dependabot
build(deps): bump the pip-minor-patch-updates group across 2 director…
14bc2b3 
…ies with 6 updates

Bumps the pip-minor-patch-updates group with 3 updates in the / directory: [mypy](https://github.com/python/mypy), [pytest-cov](https://github.com/pytest-dev/pytest-cov) and [ruff](https://github.com/astral-sh/ruff).
Bumps the pip-minor-patch-updates group with 3 updates in the /src/sample_pytorch_gpu_project/.devcontainer directory: [torch](https://github.com/pytorch/pytorch), [torchvision](https://github.com/pytorch/vision) and [mlflow](https://github.com/mlflow/mlflow).


Updates `mypy` from 1.19.1 to 1.20.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.19.1...v1.20.0)

Updates `pytest-cov` from 7.0.0 to 7.1.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0)

Updates `ruff` from 0.15.4 to 0.15.8
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.4...0.15.8)

Updates `torch` from 2.10.0 to 2.11.0
- [Release notes](https://github.com/pytorch/pytorch/releases)
- [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md)
- [Commits](pytorch/pytorch@v2.10.0...v2.11.0)

Updates `torchvision` from 0.25.0 to 0.26.0
- [Release notes](https://github.com/pytorch/vision/releases)
- [Commits](pytorch/vision@v0.25.0...v0.26.0)

Updates `mlflow` from 3.9.0 to 3.10.1
- [Release notes](https://github.com/mlflow/mlflow/releases)
- [Changelog](https://github.com/mlflow/mlflow/blob/master/CHANGELOG.md)
- [Commits](mlflow/mlflow@v3.9.0...v3.10.1)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch-updates
- dependency-name: pytest-cov
  dependency-version: 7.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch-updates
- dependency-name: ruff
  dependency-version: 0.15.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-minor-patch-updates
- dependency-name: torch
  dependency-version: 2.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch-updates
- dependency-name: torchvision
  dependency-version: 0.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch-updates
- dependency-name: mlflow
  dependency-version: 3.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/pip-minor-patch-updates-53761be8bb branch from 8bc6371 to 14bc2b3 Compare April 2, 2026 08:08
@fujikosu fujikosu merged commit 166cca8 into main Apr 2, 2026
2 checks passed
@fujikosu fujikosu deleted the dependabot/pip/pip-minor-patch-updates-53761be8bb branch April 2, 2026 08:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fujikosu fujikosu fujikosu approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fujikosu