chore(deps): bump the pip group across 5 directories with 10 updates#6247
Open
dependabot[bot] wants to merge 1 commit into
Open
chore(deps): bump the pip group across 5 directories with 10 updates#6247dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the pip group with 1 update in the /docker/pytorch/2.11/cpu directory: [torch](https://github.com/pytorch/pytorch). Bumps the pip group with 1 update in the /docker/pytorch/2.11/cuda directory: [torch](https://github.com/pytorch/pytorch). Bumps the pip group with 2 updates in the /docker/ray directory: [torch](https://github.com/pytorch/pytorch) and [pip](https://github.com/pypa/pip). Bumps the pip group with 8 updates in the /docker/xgboost directory: | Package | From | To | | --- | --- | --- | | [urllib3](https://github.com/urllib3/urllib3) | `1.26.20` | `2.7.0` | | [cryptography](https://github.com/pyca/cryptography) | `46.0.7` | `48.0.1` | | [flask](https://github.com/pallets/flask) | `1.1.1` | `3.1.3` | | [requests](https://github.com/psf/requests) | `2.32.3` | `2.33.0` | | [werkzeug](https://github.com/pallets/werkzeug) | `0.15.6` | `3.1.6` | | [pyarrow](https://github.com/apache/arrow) | `22.0.0` | `23.0.1` | | [jinja2](https://github.com/pallets/jinja) | `2.11.3` | `3.1.6` | | [wheel](https://github.com/pypa/wheel) | `0.45.1` | `0.46.2` | Bumps the pip group with 7 updates in the /docker/xgboost/3.0-5 directory: | Package | From | To | | --- | --- | --- | | [urllib3](https://github.com/urllib3/urllib3) | `1.26.20` | `2.7.0` | | [cryptography](https://github.com/pyca/cryptography) | `46.0.7` | `48.0.1` | | [flask](https://github.com/pallets/flask) | `1.1.1` | `3.1.3` | | [requests](https://github.com/psf/requests) | `2.32.3` | `2.33.0` | | [werkzeug](https://github.com/pallets/werkzeug) | `0.15.6` | `3.1.6` | | [jinja2](https://github.com/pallets/jinja) | `2.11.3` | `3.1.6` | | [wheel](https://github.com/pypa/wheel) | `0.45.1` | `0.46.2` | Updates `torch` from 2.11.0 to 2.12.0 - [Release notes](https://github.com/pytorch/pytorch/releases) - [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md) - [Commits](pytorch/pytorch@v2.11.0...v2.12.0) Updates `torch` from 2.11.0 to 2.12.0 - [Release notes](https://github.com/pytorch/pytorch/releases) - [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md) - [Commits](pytorch/pytorch@v2.11.0...v2.12.0) Updates `torch` from 2.10.0 to 2.12.0 - [Release notes](https://github.com/pytorch/pytorch/releases) - [Changelog](https://github.com/pytorch/pytorch/blob/main/RELEASE.md) - [Commits](pytorch/pytorch@v2.11.0...v2.12.0) Updates `pip` from 26.0.1 to 26.1 - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](pypa/pip@26.0.1...26.1) Updates `urllib3` from 1.26.20 to 2.7.0 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.20...2.7.0) Updates `cryptography` from 46.0.7 to 48.0.1 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.7...48.0.1) Updates `flask` from 1.1.1 to 3.1.3 - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](pallets/flask@1.1.1...3.1.3) Updates `requests` from 2.32.3 to 2.33.0 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.3...v2.33.0) Updates `werkzeug` from 0.15.6 to 3.1.6 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@0.15.6...3.1.6) Updates `pyarrow` from 22.0.0 to 23.0.1 - [Release notes](https://github.com/apache/arrow/releases) - [Commits](apache/arrow@apache-arrow-22.0.0...apache-arrow-23.0.1) Updates `jinja2` from 2.11.3 to 3.1.6 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](pallets/jinja@2.11.3...3.1.6) Updates `wheel` from 0.45.1 to 0.46.2 - [Release notes](https://github.com/pypa/wheel/releases) - [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst) - [Commits](pypa/wheel@0.45.1...0.46.2) Updates `urllib3` from 1.26.20 to 2.7.0 - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.20...2.7.0) Updates `cryptography` from 46.0.7 to 48.0.1 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.7...48.0.1) Updates `flask` from 1.1.1 to 3.1.3 - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](pallets/flask@1.1.1...3.1.3) Updates `requests` from 2.32.3 to 2.33.0 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.3...v2.33.0) Updates `werkzeug` from 0.15.6 to 3.1.6 - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@0.15.6...3.1.6) Updates `jinja2` from 2.11.3 to 3.1.6 - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](pallets/jinja@2.11.3...3.1.6) Updates `wheel` from 0.45.1 to 0.46.2 - [Release notes](https://github.com/pypa/wheel/releases) - [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst) - [Commits](pypa/wheel@0.45.1...0.46.2) --- updated-dependencies: - dependency-name: torch dependency-version: 2.12.0 dependency-type: direct:production dependency-group: pip - dependency-name: torch dependency-version: 2.12.0 dependency-type: direct:production dependency-group: pip - dependency-name: torch dependency-version: 2.12.0 dependency-type: direct:production dependency-group: pip - dependency-name: pip dependency-version: '26.1' dependency-type: direct:production dependency-group: pip - dependency-name: urllib3 dependency-version: 2.7.0 dependency-type: direct:production dependency-group: pip - dependency-name: cryptography dependency-version: 48.0.1 dependency-type: direct:production dependency-group: pip - dependency-name: flask dependency-version: 3.1.3 dependency-type: direct:production dependency-group: pip - dependency-name: requests dependency-version: 2.33.0 dependency-type: direct:production dependency-group: pip - dependency-name: werkzeug dependency-version: 3.1.6 dependency-type: direct:production dependency-group: pip - dependency-name: pyarrow dependency-version: 23.0.1 dependency-type: direct:production dependency-group: pip - dependency-name: jinja2 dependency-version: 3.1.6 dependency-type: direct:production dependency-group: pip - dependency-name: wheel dependency-version: 0.46.2 dependency-type: direct:production dependency-group: pip - dependency-name: urllib3 dependency-version: 2.7.0 dependency-type: direct:production dependency-group: pip - dependency-name: cryptography dependency-version: 48.0.1 dependency-type: direct:production dependency-group: pip - dependency-name: flask dependency-version: 3.1.3 dependency-type: direct:production dependency-group: pip - dependency-name: requests dependency-version: 2.33.0 dependency-type: direct:production dependency-group: pip - dependency-name: werkzeug dependency-version: 3.1.6 dependency-type: direct:production dependency-group: pip - dependency-name: jinja2 dependency-version: 3.1.6 dependency-type: direct:production dependency-group: pip - dependency-name: wheel dependency-version: 0.46.2 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps the pip group with 1 update in the /docker/pytorch/2.11/cpu directory: torch.
Bumps the pip group with 1 update in the /docker/pytorch/2.11/cuda directory: torch.
Bumps the pip group with 2 updates in the /docker/ray directory: torch and pip.
Bumps the pip group with 8 updates in the /docker/xgboost directory:
1.26.202.7.046.0.748.0.11.1.13.1.32.32.32.33.00.15.63.1.622.0.023.0.12.11.33.1.60.45.10.46.2Bumps the pip group with 7 updates in the /docker/xgboost/3.0-5 directory:
1.26.202.7.046.0.748.0.11.1.13.1.32.32.32.33.00.15.63.1.62.11.33.1.60.45.10.46.2Updates
torchfrom 2.11.0 to 2.12.0Release notes
Sourced from torch's releases.
... (truncated)
Commits
0d62256[release] Dockerfile: skip torchaudio install when CUDA_PATH=cu132 (#183346)7661cd9[MPS] Fix SDPA wrong output for permuted q/k/v with B > 1 (#181886)9da6087Fix stale PYTORCH_RELEASES_CODE_CC dict (fixes #182250) (#182369)e4c37ccAvoid raw stream name collisions in Inductor (#182178)822d047[MPS] Fix bool mask handling in 1-pass SDPA decode kernel (#182285) (#182311)5c5e523Add enable_gqa parameter to SDPA MPS meta registration (#181550)eece52e[AOTI] Add BC-safe c_shim v2 for _scaled_dot_product_attention_math_for_mps e...b39330b[Inductor] Call latest c_shim version for versioned fallback ops (#181548)06f10d0Revert "[FSDP2] add fqn to communication ops" (#182100) (#182157)449e339Revert "[Inductor] Improve materialization heuristic for a chain of computaio...Updates
torchfrom 2.11.0 to 2.12.0Release notes
Sourced from torch's releases.
... (truncated)
Commits
0d62256[release] Dockerfile: skip torchaudio install when CUDA_PATH=cu132 (#183346)7661cd9[MPS] Fix SDPA wrong output for permuted q/k/v with B > 1 (#181886)9da6087Fix stale PYTORCH_RELEASES_CODE_CC dict (fixes #182250) (#182369)e4c37ccAvoid raw stream name collisions in Inductor (#182178)822d047[MPS] Fix bool mask handling in 1-pass SDPA decode kernel (#182285) (#182311)5c5e523Add enable_gqa parameter to SDPA MPS meta registration (#181550)eece52e[AOTI] Add BC-safe c_shim v2 for _scaled_dot_product_attention_math_for_mps e...b39330b[Inductor] Call latest c_shim version for versioned fallback ops (#181548)06f10d0Revert "[FSDP2] add fqn to communication ops" (#182100) (#182157)449e339Revert "[Inductor] Improve materialization heuristic for a chain of computaio...Updates
torchfrom 2.10.0 to 2.12.0Release notes
Sourced from torch's releases.
... (truncated)
Commits
0d62256[release] Dockerfile: skip torchaudio install when CUDA_PATH=cu132 (#183346)7661cd9[MPS] Fix SDPA wrong output for permuted q/k/v with B > 1 (#181886)9da6087Fix stale PYTORCH_RELEASES_CODE_CC dict (fixes #182250) (#182369)e4c37ccAvoid raw stream name collisions in Inductor (#182178)822d047[MPS] Fix bool mask handling in 1-pass SDPA decode kernel (#182285) (#182311)5c5e523Add enable_gqa parameter to SDPA MPS meta registration (#181550)eece52e[AOTI] Add BC-safe c_shim v2 for _scaled_dot_product_attention_math_for_mps e...b39330b[Inductor] Call latest c_shim version for versioned fallback ops (#181548)06f10d0Revert "[FSDP2] add fqn to communication ops" (#182100) (#182157)449e339Revert "[Inductor] Improve materialization heuristic for a chain of computaio...Updates
pipfrom 26.0.1 to 26.1Changelog
Sourced from pip's changelog.
... (truncated)
Commits
90b2b3eBump for release193f289Update AUTHORS.txt63c3709Merge pull request #13876 from sbidoul/install-from-pylock-reqs-sbie5fe702Merge pull request #13949 from pypa/revert-13888-resolver-editable-links122a14aRevert "Allow editable installs to satisfy direct-URL dependencies (#13888)"c335252-r pylock.toml: add pip-wheel -r pylock.toml testba2fc12-r pylock.toml: proper error with remote pylock.toml containing directory ent...747c4aeMerge pull request #13948 from ichard26/reword-news3517841-r pylock: refine filename pylock-ness test2f7ad8c-r pylock.toml: fix crash with pip wheel and pip lockUpdates
urllib3from 1.26.20 to 2.7.0Release notes
Sourced from urllib3's releases.
... (truncated)
Changelog
Sourced from urllib3's changelog.
... (truncated)
Commits
9a950b9Release 2.7.05ec0de4Merge commit from fork2bdcc44Merge commit from forkf45b0dfFix a misleading example forProxyManager(#4970)577193cSwitch to nightly PyPy3.11 in CI for now (#4984)e90af45Avoid infinite loop inHTTPResponse.read_chunkedwhenamt=0(#4974)67ed74fBump dev dependencies (#4972)3abd481Upgrade mypy to version 1.20.2 (#4978)2b8725dDrop support for EOL PyPy3.10 (#4979)2944b2aUpgradesetup-chromeandsetup-firefoxto fix warnings (#4973)Updates
cryptographyfrom 46.0.7 to 48.0.1Changelog
Sourced from cryptography's changelog.
... (truncated)
Commits
de987ce48.0.1 version bump and changelog (#14996)8e03e30bump for 48.0.0 release (#14796)295e0d2Add AGENTS.md with CLAUDE.md symlink (#14794)104a2deBump BoringSSL, OpenSSL, AWS-LC in CI (#14793)67ec1e5call check_length early on AesSiv::encrypt (#14792)b2da57achangelog for mldsa/mlkem for openssl (#14791)3cf44adML-KEM OpenSSL support (#14781)2e31639ML-DSA OpenSSL support (#14773)5affe5afix rust nightly clippy (#14790)2e73ca4bump rust-openssl dep and update EcPoint::mul_generator to mul_generator2 (#1...Updates
flaskfrom 1.1.1 to 3.1.3Release notes
Sourced from flask's releases.
... (truncated)
Changelog
Sourced from flask's changelog.
... (truncated)
Commits
22d9247release version 3.1.3089cb86Merge commit from forkc17f379request context tracks session access27be933start version 3.1.34e652d3Abort if the instance folder cannot be created (#5903)3d03098Abort if the instance folder cannot be created407eb76document using gevent for async (#5900)ac5664ddocument using gevent for async4f79d5bIncrease required flit_core version to 3.11 (#5865)fe3b215Increase required flit_core version to 3.11Updates
requestsfrom 2.32.3 to 2.33.0Release notes
Sourced from requests's releases.
... (truncated)
Changelog
Sourced from requests's changelog.
... (truncated)
Commits
bc04dfdv2.33.066d21cbMerge commit from fork8b9bc8fMove badges to top of README (#7293)e331a28Remove unused extraction call (#7292)753fd08docs: fix FAQ grammar in httplib2 example774a0b8docs(socks): same block as other sections9c72a41Bump github/codeql-action from 4.33.0 to 4.34.1ebf7190Bump github/codeql-action from 4.32.0 to 4.33.00e4ae38docs: exclude Response.is_permanent_redirect from API docs (#7244)d568f47docs: clarify Quickstart POST example (#6960)Updates
werkzeugfrom 0.15.6 to 3.1.6Release notes
Sourced from werkzeug's releases.