Sourced from opencv-python's releases.

4.5.2.52

opencv-python: https://pypi.org/project/opencv-python/ opencv-contrib-python: https://pypi.org/project/opencv-contrib-python/ opencv-python-headless: https://pypi.org/project/opencv-python-headless/ opencv-contrib-python-headless: https://pypi.org/project/opencv-contrib-python-headless/

OpenCV 4.5.2. Change the build infrastructure from Travis & Appveyour to Github Actions. Solves:

• #459
• #422

Breaking changes

With the transition to GitHub Actions, we miss:

• aarch64 packages
• x86 packages for Linux

4.5.2.50

opencv-python: https://pypi.org/project/opencv-python/ opencv-contrib-python: https://pypi.org/project/opencv-contrib-python/ opencv-python-headless: https://pypi.org/project/opencv-python-headless/ opencv-contrib-python-headless: https://pypi.org/project/opencv-contrib-python-headless/

OpenCV 4.5.2. Change the build infrastructure from Travis & Appveyour to Github Actions. Solves:

• #459
• #422

Breaking changes

With the transition to GitHub Actions, we miss:

• aarch64 packages
• x86 packages for Linux

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from numpy's releases.

v1.24.0

NumPy 1.24 Release Notes

The NumPy 1.24.0 release continues the ongoing work to improve the handling and promotion of dtypes, increase the execution speed, and clarify the documentation. There are also a large number of new and expired deprecations due to changes in promotion and cleanups. This might be called a deprecation release. Highlights are

• Many new deprecations, check them out.
• Many expired deprecations,
• New F2PY features and fixes.
• New "dtype" and "casting" keywords for stacking functions.

See below for the details,

This release supports Python versions 3.8-3.11.

Deprecations

Deprecate fastCopyAndTranspose and PyArray_CopyAndTranspose

The numpy.fastCopyAndTranspose function has been deprecated. Use the corresponding copy and transpose methods directly:

arr.T.copy()

The underlying C function PyArray_CopyAndTranspose has also been deprecated from the NumPy C-API.

(gh-22313)

Conversion of out-of-bound Python integers

Attempting a conversion from a Python integer to a NumPy value will now always check whether the result can be represented by NumPy. This means the following examples will fail in the future and give a DeprecationWarning now:

np.uint8(-1)
np.array([3000], dtype=np.int8)

Many of these did succeed before. Such code was mainly useful for unsigned integers with negative values such as np.uint8(-1) giving np.iinfo(np.uint8).max.

Note that conversion between NumPy integers is unaffected, so that np.array(-1).astype(np.uint8) continues to work and use C integer overflow logic. For negative values, it will also work to view the array: np.array(-1, dtype=np.int8).view(np.uint8). In some cases,

... (truncated)

• 8cec820 Merge pull request #22813 from charris/prepare-1.24.0-release
• 8d33e68 REL: Prepare for the NumPy 1.24.0 release.
• 5ac09da Merge pull request #22815 from charris/backport-22814
• df2d26f BLD: use newer version of delocate
• e18104e Merge pull request #22805 from charris/backport-22804
• 6d44424 REV: revert change to numpyconfig.h for sizeof(type) hardcoding on macOS
• c484593 Merge pull request #22795 from charris/backport-22791
• 0904c01 Change argument to npy_floatstatus_..._barrier() functions to ensure it
• 34653f9 Merge pull request #22793 from charris/backport-22789
• 21f7096 BUG: Fix infinite recursion in longdouble/large integer scalar ops
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from numpy's releases.

v1.23.5

NumPy 1.23.5 Release Notes

NumPy 1.23.5 is a maintenance release that fixes bugs discovered after the 1.23.4 release and keeps the build infrastructure current. The Python versions supported for this release are 3.8-3.11.

Contributors

A total of 7 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• @​DWesl
• Aayush Agrawal +
• Adam Knapp +
• Charles Harris
• Navpreet Singh +
• Sebastian Berg
• Tania Allard

Pull requests merged

A total of 10 pull requests were merged for this release.

• #22489: TST, MAINT: Replace most setup with setup_method (also teardown)
• #22490: MAINT, CI: Switch to cygwin/cygwin-install-action@v2
• #22494: TST: Make test_partial_iteration_cleanup robust but require leak...
• #22592: MAINT: Ensure graceful handling of large header sizes
• #22593: TYP: Spelling alignment for array flag literal
• #22594: BUG: Fix bounds checking for random.logseries
• #22595: DEV: Update GH actions and Dockerfile for Gitpod
• #22596: CI: Only fetch in actions/checkout
• #22597: BUG: Decrement ref count in gentype_reduce if allocated memory...
• #22625: BUG: Histogramdd breaks on big arrays in Windows

Checksums

MD5

8a412b79d975199cefadb465279fd569  numpy-1.23.5-cp310-cp310-macosx_10_9_x86_64.whl
1b56e8e6a0516c78473657abf0710538  numpy-1.23.5-cp310-cp310-macosx_11_0_arm64.whl
c787f4763c9a5876e86a17f1651ba458  numpy-1.23.5-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
db07645022e56747ba3f00c2d742232e  numpy-1.23.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
c63a6fb7cc16a13aabc82ec57ac6bb4d  numpy-1.23.5-cp310-cp310-win32.whl
3fea9247e1d812600015641941fa273f  numpy-1.23.5-cp310-cp310-win_amd64.whl
4222cfb36e5ac9aec348c81b075e2c05  numpy-1.23.5-cp311-cp311-macosx_10_9_x86_64.whl
6c7102f185b310ac70a62c13d46f04e6  numpy-1.23.5-cp311-cp311-macosx_11_0_arm64.whl
6b7319f66bf7ac01b49e2a32470baf28  numpy-1.23.5-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
3c60928ddb1f55163801f06ac2229eb0  numpy-1.23.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
6936b6bcfd6474acc7a8c162a9393b3c  numpy-1.23.5-cp311-cp311-win32.whl

... (truncated)

• de82cd9 Merge pull request #22626 from charris/prepare-1.23.5-release
• 9c7ac34 REL: Prepare for the NumPy 1.23.5 Release.
• 2c4cf9a Merge pull request #22625 from charris/backport-22561
• dcd9404 BUG: Histogramdd breaks on big arrays in Windows (#22561)
• bb5e3a6 Merge pull request #22597 from charris/backport-22557
• 0d3d500 Merge pull request #22596 from charris/backport-22503
• 38fe21f Merge pull request #22595 from charris/backport-22452
• 45329c1 Merge pull request #22593 from charris/backport-22447
• 3ca02ce Merge pull request #22594 from charris/backport-22450
• 8cededd Merge pull request #22592 from charris/backport-22393
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pillow's releases.

9.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.html

Changes

• Initialize libtiff buffer when saving #6699 [@​radarhere]
• Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [@​wiredfool]
• Inline fname2char to fix memory leak #6329 [@​nulano]
• Fix memory leaks related to text features #6330 [@​nulano]
• Use double quotes for version check on old CPython on Windows #6695 [@​hugovk]
• GHA: replace deprecated set-output command with GITHUB_OUTPUT file #6697 [@​nulano]
• Remove backup implementation of Round for Windows platforms #6693 [@​cgohlke]
• Upload fribidi.dll to GitHub Actions #6532 [@​nulano]
• Fixed set_variation_by_name offset #6445 [@​radarhere]
• Windows build improvements #6562 [@​nulano]
• Fix malloc in _imagingft.c:font_setvaraxes #6690 [@​cgohlke]
• Only use ASCII characters in C source file #6691 [@​cgohlke]
• Release Python GIL when converting images using matrix operations #6418 [@​hmaarrfk]
• Added ExifTags enums #6630 [@​radarhere]
• Do not modify previous frame when calculating delta in PNG #6683 [@​radarhere]
• Added support for reading BMP images with RLE4 compression #6674 [@​npjg]
• Decode JPEG compressed BLP1 data in original mode #6678 [@​radarhere]
• pylint warnings #6659 [@​marksmayo]
• Added GPS TIFF tag info #6661 [@​radarhere]
• Added conversion between RGB/RGBA/RGBX and LAB #6647 [@​radarhere]
• Do not attempt normalization if mode is already normal #6644 [@​radarhere]
• Fixed seeking to an L frame in a GIF #6576 [@​radarhere]
• Consider all frames when selecting mode for PNG save_all #6610 [@​radarhere]
• Don't reassign crc on ChunkStream close #6627 [@​radarhere]
• Raise a warning if NumPy failed to raise an error during conversion #6594 [@​radarhere]
• Only read a maximum of 100 bytes at a time in IMT header #6623 [@​radarhere]
• Show all frames in ImageShow #6611 [@​radarhere]
• Allow FLI palette chunk to not be first #6626 [@​radarhere]
• If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode #6592 [@​radarhere]
• Round box position to integer when pasting embedded color #6517 [@​radarhere]
• Removed EXIF prefix when saving WebP #6582 [@​radarhere]
• Pad IM palette to 768 bytes when saving #6579 [@​radarhere]
• Added DDS BC6H reading #6449 [@​ShadelessFox]
• Added support for opening WhiteIsZero 16-bit integer TIFF images #6642 [@​JayWiz]
• Raise an error when allocating translucent color to RGB palette #6654 [@​jsbueno]
• Moved mode check outside of loops #6650 [@​radarhere]
• Added reading of TIFF child images #6569 [@​radarhere]
• Improved ImageOps palette handling #6596 [@​PososikTeam]
• Defer parsing of palette into colors #6567 [@​radarhere]
• Apply transparency to P images in ImageTk.PhotoImage #6559 [@​radarhere]
• Use rounding in ImageOps contain() and pad() #6522 [@​bibinhashley]
• Fixed GIF remapping to palette with duplicate entries #6548 [@​radarhere]
• Allow remap_palette() to return an image with less than 256 palette entries #6543 [@​radarhere]
• Corrected BMP and TGA palette size when saving #6500 [@​radarhere]

... (truncated)

Sourced from pillow's changelog.

9.3.0 (2022-10-29)

• Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [wiredfool]

• Initialize libtiff buffer when saving #6699 [radarhere]

• Inline fname2char to fix memory leak #6329 [nulano]

• Fix memory leaks related to text features #6330 [nulano]

• Use double quotes for version check on old CPython on Windows #6695 [hugovk]

• Remove backup implementation of Round for Windows platforms #6693 [cgohlke]

• Fixed set_variation_by_name offset #6445 [radarhere]

• Fix malloc in _imagingft.c:font_setvaraxes #6690 [cgohlke]

• Release Python GIL when converting images using matrix operations #6418 [hmaarrfk]

• Added ExifTags enums #6630 [radarhere]

• Do not modify previous frame when calculating delta in PNG #6683 [radarhere]

• Added support for reading BMP images with RLE4 compression #6674 [npjg, radarhere]

• Decode JPEG compressed BLP1 data in original mode #6678 [radarhere]

• Added GPS TIFF tag info #6661 [radarhere]

• Added conversion between RGB/RGBA/RGBX and LAB #6647 [radarhere]

• Do not attempt normalization if mode is already normal #6644 [radarhere]

... (truncated)

• d594f4c Update CHANGES.rst [ci skip]
• 909dc64 9.3.0 version bump
• 1a51ce7 Merge pull request #6699 from hugovk/security-libtiff_buffer
• 2444cdd Merge pull request #6700 from hugovk/security-samples_per_pixel-sec
• 744f455 Added release notes
• 0846bfa Add to release notes
• 799a6a0 Fix linting
• 00b25fd Hide UserWarning in logs
• 05b175e Tighter test case
• 13f2c5a Prevent DOS with large SAMPLESPERPIXEL in Tiff IFD
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from charset-normalizer's releases.

Version 3.0.0

3.0.0 (2022-10-20)

Added

• Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
• Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
• Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio
• normalizer --version now specify if the current version provides extra speedup (meaning mypyc compilation whl)

Changed

• Build with static metadata (not pyproject.toml yet)
• Make language detection stricter
• Optional: Module md.py can be compiled using Mypyc to provide an extra speedup up to 4x faster than v2.1

Fixed

• CLI with opt --normalize fail when using full path for files
• TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha characters have been fed to it
• Sphinx warnings when generating the documentation

Removed

• Coherence detector no longer returns 'Simple English' instead returns 'English'
• Coherence detector no longer returns 'Classical Chinese' instead returns 'Chinese'
• Breaking: Method first() and best() from CharsetMatch
• UTF-7 will no longer appear as "detected" without a recognized SIG/mark (is unreliable/conflicts with ASCII)
• Breaking: Class aliases CharsetDetector, CharsetDoctor, CharsetNormalizerMatch and CharsetNormalizerMatches
• Breaking: Top-level function normalize
• Breaking: Properties chaos_secondary_pass, coherence_non_latin and w_counter from CharsetMatch
• Support for the backport unicodedata2

This is the last version (3.0.x) to support Python 3.6 We plan to drop it for 3.1.x

Version 3.0.0rc1

This is the last pre-release. If everything goes well, I will publish the stable tag.

3.0.0rc1 (2022-10-18)

Added

• Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
• Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
• Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio

Changed

• Build with static metadata using 'build' frontend
• Make language detection stricter

Fixed

• CLI with opt --normalize fail when using full path for files
• TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha characters have been fed to it

Removed

... (truncated)

Sourced from charset-normalizer's changelog.

3.0.0 (2022-10-20)

Added

• Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
• Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
• Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio
• normalizer --version now specify if current version provide extra speedup (meaning mypyc compilation whl)

Changed

• Build with static metadata using 'build' frontend
• Make the language detection stricter
• Optional: Module md.py can be compiled using Mypyc to provide an extra speedup up to 4x faster than v2.1

Fixed

• CLI with opt --normalize fail when using full path for files
• TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha character have been fed to it
• Sphinx warnings when generating the documentation

Removed

• Coherence detector no longer return 'Simple English' instead return 'English'
• Coherence detector no longer return 'Classical Chinese' instead return 'Chinese'
• Breaking: Method first() and best() from CharsetMatch
• UTF-7 will no longer appear as "detected" without a recognized SIG/mark (is unreliable/conflict with ASCII)
• Breaking: Class aliases CharsetDetector, CharsetDoctor, CharsetNormalizerMatch and CharsetNormalizerMatches
• Breaking: Top-level function normalize
• Breaking: Properties chaos_secondary_pass, coherence_non_latin and w_counter from CharsetMatch
• Support for the backport unicodedata2

3.0.0rc1 (2022-10-18)

Added

• Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
• Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
• Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio

Changed

• Build with static metadata using 'build' frontend
• Make the language detection stricter

Fixed

• CLI with opt --normalize fail when using full path for files
• TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha character have been fed to it

Removed

• Coherence detector no longer return 'Simple English' instead return 'English'
• Coherence detector no longer return 'Classical Chinese' instead return 'Chinese'

3.0.0b2 (2022-08-21)

Added

... (truncated)

Sourced from charset-normalizer's upgrade guide.

Guide to upgrade your code from v1 to v2

• If you are using the legacy detect function, that is it. You have nothing to do.

Detection

Before

from charset_normalizer import CharsetNormalizerMatches
results = CharsetNormalizerMatches.from_bytes(
'我没有埋怨，磋砣的只是一些时间。'.encode('utf_32')
)

After

from charset_normalizer import from_bytes
results = from_bytes(
'我没有埋怨，磋砣的只是一些时间。'.encode('utf_32')
)

Methods that once were staticmethods of the class CharsetNormalizerMatches are now basic functions. from_fp, from_bytes, from_fp and `` are concerned.

Staticmethods scheduled to be removed in version 3.0

• 0ec52ef Version 3.0.0 (#223)
• db134f3 Update python-publish.yml
• 690f74c :wrench: pass --no-isolation through CIBW_CONFIG_SETTINGS --build-option
• 20996c3 :arrow_up: cibuildwheel v2.11.1 (fix-tag)
• 24f366c :arrow_up: cibuildwheel v2.11.1
• 33b7327 :wrench: update universal-wheel stage (missing build pkg)
• 544595d Merge pull request #209 from Ousret/3.0
• 6367d53 :pencil: Missing CHANGELOG entry and add language_threshold to docs::advanced...
• b15f416 :pencil: Update CHANGELOG.md
• f8e1153 :pencil: Adjust speedup docs section
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from numpy's releases.

v1.23.4

NumPy 1.23.4 Release Notes

NumPy 1.23.4 is a maintenance release that fixes bugs discovered after the 1.23.3 release and keeps the build infrastructure current. The main improvements are fixes for some annotation corner cases, a fix for a long time nested_iters memory leak, and a fix of complex vector dot for very large arrays. The Python versions supported for this release are 3.8-3.11.

Note that the mypy version needs to be 0.981+ if you test using Python 3.10.7, otherwise the typing tests will fail.

Contributors

A total of 8 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Bas van Beek
• Charles Harris
• Matthew Barber
• Matti Picus
• Ralf Gommers
• Ross Barnowski
• Sebastian Berg
• Sicheng Zeng +

Pull requests merged

A total of 13 pull requests were merged for this release.

• #22368: BUG: Add __array_api_version__ to numpy.array_api namespace
• #22370: MAINT: update sde toolkit to 9.0, fix download link
• #22382: BLD: use macos-11 image on azure, macos-1015 is deprecated
• #22383: MAINT: random: remove get_info from "extending with Cython"...
• #22384: BUG: Fix complex vector dot with more than NPY_CBLAS_CHUNK elements
• #22387: REV: Loosen lookfor's import try/except again
• #22388: TYP,ENH: Mark numpy.typing protocols as runtime checkable
• #22389: TYP,MAINT: Change more overloads to play nice with pyright
• #22390: TST,TYP: Bump mypy to 0.981
• #22391: DOC: Update delimiter param description.
• #22392: BUG: Memory leaks in numpy.nested_iters
• #22413: REL: Prepare for the NumPy 1.23.4 release.
• #22424: TST: Fix failing aarch64 wheel builds.

Checksums

MD5

90a3d95982490cfeeef22c0f7cbd874f  numpy-1.23.4-cp310-cp310-macosx_10_9_x86_64.whl

... (truncated)

• f802155 Merge pull request #22425 from charris/prepare-1.23.4-release_1
• 298174b REL: Prepare for the NumPy 1.23.4 release (1)
• 631072f Merge pull request #22424 from charris/backport-22418
• f4a3195 TST, BLD: Fix failing aarch64 wheel builds.
• 1cbd127 Merge pull request #22413 from charris/prepare-for-1.23.4
• 8cfc899 REL: Prepare for the NumPy 1.23.4 release.
• 22a41b5 Merge pull request #22392 from charris/backport-22296
• f6a3c11 Adding missing Py_DECREF call on iter
• 8274a16 Merge pull request #22391 from charris/backport-22372
• fa16a0c Merge pull request #22390 from charris/backport-22360
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b81bdb2 2022.09.24
• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• 75cc94d 2022.05.18.1
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• 75cc94d 2022.05.18.1
• 04b7480 Add support for Python 3.10 and drop EOL 3.5 (#167)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from numpy's releases.

v1.23.3

NumPy 1.23.3 Release Notes

NumPy 1.23.3 is a maintenance release that fixes bugs discovered after the 1.23.2 release. There is no major theme for this release, the main improvements are for some downstream builds and some annotation corner cases. The Python versions supported for this release are 3.8-3.11.

Note that we will move to MacOS 11 for the NumPy 1.23.4 release, the 10.15 version currently used will no longer be supported by our build infrastructure at that point.

Contributors

A total of 16 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Aaron Meurer
• Bas van Beek
• Charles Harris
• Ganesh Kathiresan
• Gavin Zhang +
• Iantra Solari+
• Jyn Spring 琴春 +
• Matti Picus
• Rafael Cardoso Fernandes Sousa
• Rafael Sousa +
• Ralf Gommers
• Rin Cat (鈴猫) +
• Saransh Chopra +
• Sayed Adel
• Sebastian Berg
• Serge Guelton

Pull requests merged

A total of 14 pull requests were merged for this release.

• #22136: BLD: Add Python 3.11 wheels to aarch64 build
• #22148: MAINT: Update setup.py for Python 3.11.
• #22155: CI: Test NumPy build against old versions of GCC(6, 7, 8)
• #22156: MAINT: support IBM i system
• #22195: BUG: Fix circleci build
• #22214: BUG: Expose heapsort algorithms in a shared header
• #22215: BUG: Support using libunwind for backtrack
• #22216: MAINT: fix an incorrect pointer type usage in f2py
• #22220: BUG: change overloads to play nice with pyright.
• #22221: TST,BUG: Use fork context to fix MacOS savez test
• #22222: TYP,BUG: Reduce argument validation in C-based __class_getitem__

... (truncated)

• e47cbb6 Merge pull request #22234 from charris/prepare-1.23.3-release
• e0e8991 REL: Prepare for the NumPy 1.23.3 release.
• 9bf22bb BUG: Better report integer division overflow (backport) (#22230)
• 0f0d355 Merge pull request #22224 from charris/backport-21928
• 55a5ca7 Merge pull request #22223 from charris/backport-21981
• 6cc4183 BUG: Fix the implementation of numpy.array_api.vecdot (#21928)
• fb9666f BUG: Replace assert with correct error
• fc0d627 TST: ensure np.equal.reduce raises a TypeError
• 754ec89 Merge pull request #22222 from charris/backport-22212
• 63ab75d Merge pull request #22221 from charris/backport-22204
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pydantic's releases.

v1.10.2 (2022-09-05)

• Revert Change: Revert percent encoding of URL parts which was originally added in #4224, #4470 by @​samuelcolvin
• Prevent long (length > 4_300) strings/bytes as input to int fields, see python/cpython#95778 and CVE-2020-10735, #1477 by @​samuelcolvin
• fix: dataclass wrapper was not always called, #4477 by @​PrettyWood
• Use tomllib on Python 3.11 when parsing mypy configuration, #4476 by @​hauntsaninja
• Basic fix of GenericModel cache to detect order of arguments in Union models, #4474 by @​sveinugu
• Fix mypy plugin when using bare types like list and dict as default_factory, #4457 by @​samuelcolvin

Full Changelog: https://github.com/pydantic/pydantic/compare/v1.10.1...v1.10.2

v1.10.1 (2022-08-31)

• Add __hash__ method to pydancic.color.Color class, #4454 by @​czaki

Full Changelog: https://github.com/pydantic/pydantic/compare/v1.10.0...v1.10.1

v1.10.0 (2022-08-30)

See #4419 for feedback and discussion, docs are live at pydantic-docs.helpmanual.io.

• Refactor the whole pydantic dataclass decorator to really act like its standard lib equivalent. It hence keeps __eq__, __hash__, ... and makes comparison with its non-validated version possible. It also fixes usage of frozen dataclasses in fields and usage of default_factory in nested dataclasses. The support of Config.extra has been added. Finally, config customization directly via a dict is now possible, #2557 by @​PrettyWood BREAKING CHANGES:
  • The compiled boolean (whether pydantic is compiled with cython) has been moved from main.py to version.py
  • Now that Config.extra is supported, dataclass ignores by default extra arguments (like BaseModel)
• Fix PEP487 __set_name__ protocol in BaseModel for PrivateAttrs, #4407 by @​tlambert03
• Allow for custom parsing of environment variables via parse_env_var in Config, #4406 by @​acmiyaguchi
• Rename master to main, #4405 by @​hramezani
• Fix StrictStr does not raise ValidationError when max_length is present in Field, #4388 by @​hramezani
• Make SecretStr and SecretBytes hashable, #4387 by @​chbndrhnns
• Fix StrictBytes does not raise ValidationError when max_length is present in Field, #4380 by @​JeanArhancet
• Add support for bare type, #4375 by @​hramezani
• Support Python 3.11, including binaries for 3.11 in PyPI, #4374 by @​samuelcolvin
• Add support for re.Pattern, #4366 by @​hramezani
• Fix __post_init_post_parse__ is incorrectly passed keyword arguments when no __post_init__ is defined, #4361 by @​hramezani
• Fix implicitly importing ForwardRef and Callable from pydantic.typing instead of typing and also expose MappingIntStrAny, #4358 by @​aminalaee
• remove Any types from the dataclass decorator so it can be used with the disallow_any_expr mypy option, #4356 by @​DetachHead
• moved repo to pydantic/pydantic, #4348 by @​yezz123
• fix "extra fields not permitted" error when dataclass with Extra.forbid is validated multiple times, #4343 by @​detachhead
• Add Python 3.9 and 3.10 examples to docs, #4339 by @​Bobronium
• Discriminated union models now use oneOf instead of anyOf when generating OpenAPI schema definitions, #4335 by @​MaxwellPayne
• Allow type checkers to infer inner type of Json type. Json[list[str]] will be now inferred as list[str], Json[Any] should be used instead of plain Json. Runtime behaviour is not changed, #4332 by @​Bobronium
• Allow empty string aliases by using a alias is not None check, rather than bool(alias), #4253 by @​sergeytsaplin
• Update ForwardRefs in Field.outer_type_, #4249 by @​JacobHayes
• The use of __dataclass_transform__ has been replaced by typing_extensions.dataclass_transform, which is the preferred way to mark pydantic models as a dataclass under PEP 681, #4241 by @​multimeric
• Use parent model's Config when validating nested NamedTuple fields, #4219 by @​synek

... (truncated)

Sourced from pydantic's changelog.

v1.10.2 (2022-09-05)

• Revert Change: Revert percent encoding of URL parts which was originally added in #4224, #4470 by @​samuelcolvin
• Prevent long (length > 4_300) strings/bytes as input to int fields, see python/cpython#95778 and CVE-2020-10735, #1477 by @​samuelcolvin
• fix: dataclass wrapper was not always called, #4477 by @​PrettyWood
• Use tomllib on Python 3.11 when parsing mypy configuration, #4476 by @​hauntsaninja
• Basic fix of GenericModel cache to detect order of arguments in Union models, #4474 by @​sveinugu
• Fix mypy plugin when using bare types like list and dict as default_factory, #4457 by @​samuelcolvin

v1.10.1 (2022-08-31)

• Add __hash__ method to pydancic.color.Color class, #4454 by @​czaki

v1.10.0 (2022-08-30)

• Refactor the whole pydantic dataclass decorator to really act like its standard lib equivalent. It hence keeps __eq__, __hash__, ... and makes comparison with its non-validated version possible. It also fixes usage of frozen dataclasses in fields and usage of default_factory in nested dataclasses. The support of Config.extra has been added. Finally, config customization directly via a dict is now possible, #2557 by @​PrettyWood BREAKING CHANGES:
  • The compiled boolean (whether pydantic is compiled with cython) has been moved from main.py to version.py
  • Now that Config.extra is supported, dataclass ignores by default extra arguments (like BaseModel)
• Fix PEP487 __set_name__ protocol in BaseModel for PrivateAttrs, #4407 by @​tlambert03
• Allow for custom parsing of environment variables via parse_env_var in Config, #4406 by @​acmiyaguchi
• Rename master to main, #4405 by @​hramezani
• Fix StrictStr does not raise ValidationError when max_length is present in Field, #4388 by @​hramezani
• Make SecretStr and SecretBytes hashable, #4387 by @​chbndrhnns
• Fix StrictBytes does not raise ValidationError when max_length is present in Field, #4380 by @​JeanArhancet
• Add support for bare type, #4375 by @​hramezani
• Support Python 3.11, including binaries for 3.11 in PyPI, #4374 by @​samuelcolvin
• Add support for re.Pattern, #4366 by @​hramezani
• Fix __post_init_post_parse__ is incorrectly passed keyword arguments when no __post_init__ is defined, #4361 by @​hramezani
• Fix implicitly importing ForwardRef and Callable from pydantic.typing instead of typing and also expose MappingIntStrAny, #4358 by @​aminalaee
• remove Any types from the dataclass decorator so it can be used with the disallow_any_expr mypy option, #4356 by @​DetachHead
• moved repo to pydantic/pydantic, #4348 by @​yezz123
• fix "extra fields not permitted" error when dataclass with Extra.forbid is validated multiple times, #4343 by @​detachhead
• Add Python 3.9 and 3.10 examples to docs, #4339 by @​Bobronium
• Discriminated union models now use oneOf instead of anyOf when generating OpenAPI schema definitions, #4335 by @​MaxwellPayne
• Allow type checkers to infer inner type of Json type. Json[list[str]] will be now inferred as list[str], Json[Any] should be used instead of plain Json. Runtime behaviour is not changed, #4332 by @​Bobronium
• Allow empty string aliases by using a alias is not None check, rather than bool(alias), #4253 by @​sergeytsaplin
• Update ForwardRefs in Field.outer_type_, #4249 by @​JacobHayes
• The use of __dataclass_transform__ has been replaced by typing_extensions.dataclass_transform, which is the preferred way to mark pydantic models as a dataclass under PEP 681, #4241 by @​multimeric
• Use parent model's Config when validating nested NamedTuple fields, #4219 by @​synek
• Update BaseModel.construct to work with aliased Fields, #4192 by @​kylebamos

... (truncated)

• bc74342 prepare for v1.10.2
• f1e9883 fix: dataclass wrapper was not always called (#4484)
• 91bb8d4 Basic fix of GenericModel cache to detect order of args in Union models [#447...
• eccd85e prevent long strings as int inputs (#4480)
• a4367c1 Revert percent encoding in URLs. (#4470)
• 02cf7f5 fix mypy with default_factory=list etc. (#4471)
• 5a2ddec Use tomllib on Python 3.11 (#4476)
• 317bef3 build(deps): bump black from 22.6.0 to 22.8.0 (#4465)
• 2add8a9 build(deps): bump hypothesis from 6.54.3 to 6.54.4 (#4464)
• f1fb4f2 build(deps): bump mkdocs-material from 8.4.0 to 8.4.2 (#4463)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• 75cc94d 2022.05.18.1
• 04b7480 Add support for Python 3.10 and drop EOL 3.5 (#167)
• e713282 2022.05.18
• 51c3f2a Automatically lock github issues after they've been closed for 90 days (#189)
• 1c2dd6f Remove universal wheel, python 2 is unsupported (#187)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pillow's releases.

9.4.0

https://pillow.readthedocs.io/en/stable/releasenotes/9.4.0.html

Changes

• Updated copyright year #6845 [@​radarhere]
• Fixed null pointer dereference crash with malformed font #6846 [@​radarhere]
• Return from ImagingFill early if image has a zero dimension #6842 [@​radarhere]
• Reversed deprecations for Image constants, except for duplicate Resampling attributes #6830 [@​radarhere]
• Improve exception traceback readability #6836 [@​hugovk]
• Fix version mismatch #6841 [@​smb123w64gb]
• Do not attempt to read IFD1 if absent #6840 [@​radarhere]
• Fixed writing int as ASCII tag #6800 [@​radarhere]
• If available, use wl-paste or xclip for grabclipboard() on Linux #6783 [@​radarhere]
• Added signed option when saving JPEG2000 images #6709 [@​radarhere]
• Patch OpenJPEG to include ARM64 fix #6718 [@​radarhere]
• Added support for I;16 modes in putdata() #6825 [@​radarhere]
• Added conversion from RGBa to RGB #6708 [@​radarhere]
• Added DDS support for uncompressed L and LA images #6820 [@​radarhere]
• Added LightSource tag values to ExifTags #6749 [@​radarhere]
• Updated libtiff shared library name #6826 [@​radarhere]
• Fixed PyAccess after changing ICO size #6821 [@​radarhere]
• Do not use EXIF from info when saving PNG images #6819 [@​radarhere]
• Fixed saving EXIF data to MPO #6817 [@​radarhere]
• Added Exif hide_offsets() #6762 [@​radarhere]
• Only compare to previous frame when checking for duplicate GIF frames while saving #6787 [@​radarhere]
• Always initialize all plugins in registered_extensions() #6811 [@​radarhere]
• Initialize unsigned char variables #6818 [@​radarhere]
• Updated deprecated NumPy alias #6814 [@​radarhere]
• Ignore non-opaque WebP background when saving as GIF #6792 [@​radarhere]
• Only set tile in ImageFile setstate #6793 [@​radarhere]
• Fixed BytesWarnings #6816 [@​radarhere]
• When reading BLP, do not trust JPEG decoder to determine image is CMYK #6767 [@​radarhere]
• Updated xz to 5.4.0 #6802 [@​radarhere]
• Added IFD enum to ExifTags #6748 [@​radarhere]
• Fixed bug combining GIF frame durations #6779 [@​radarhere]
• Remove unnecessary Pipfile #6790 [@​hugovk]
• Support saving JPEG comments #6774 [@​smason]
• Add support for PyPy3.9, drop PyPy3.7 #6782 [@​hugovk]
• [pre-commit.ci] pre-commit autoupdate #6780 [@​pre-commit-ci]
• Use compile_python_fuzzer #6775 [@​radarhere]
• Remove specific number of jobs from comment #6772 [@​radarhere]
• Fix WebP dealloc method definitions #6763 [@​Yay295]
• Added getxmp() to WebPImagePlugin #6758 [@​radarhere]
• Use stdlib for setuptools on Cygwin #6760 [@​radarhere]
• Added "exact" option when saving WebP #6747 [@​ashafaei]
• Use fractional coordinates when drawing text #6722 [@​radarhere]
• Fixed writing int as BYTE tag #6740 [@​radarhere]
• Remove Tidelift alignment action and badge #6739 [@​aclark4life]

... (truncated)

Sourced from pillow's changelog.

9.4.0 (2023-01-02)

• Fixed null pointer dereference crash with malformed font #6846 [wiredfool, radarhere]

• Return from ImagingFill early if image has a zero dimension #6842 [radarhere]

• Reversed deprecations for Image constants, except for duplicate Resampling attributes #6830 [radarhere]

• Improve exception traceback readability #6836 [hugovk, radarhere]

• Do not attempt to read IFD1 if absent #6840 [radarhere]

• Fixed writing int as ASCII tag #6800 [radarhere]

• If available, use wl-paste or xclip for grabclipboard() on Linux #6783 [radarhere]

• Added signed option when saving JPEG2000 images #6709 [radarhere]

• Patch OpenJPEG to include ARM64 fix #6718 [radarhere]

• Added support for I;16 modes in putdata() #6825 [radarhere]

• Added conversion from RGBa to RGB #6708 [radarhere]

• Added DDS support for uncompressed L and LA images #6820 [radarhere, REDxEYE]

• Added LightSource tag values to ExifTags #6749 [radarhere]

• Fixed PyAccess after changing ICO size #6821 [radarhere]

• Do not use EXIF from info when saving PNG images #6819 [radarhere]

• Fixed saving EXIF data to MPO #6817 [radarhere]

... (truncated)

• a5bbab1 9.4.0 version bump
• cdd3d8e Merge pull request #6851 from radarhere/size
• 38a93a0 Merge pull request #6850 from radarhere/releasenotes
• d4d981d Updated size parameter descriptions
• e908afe Updated security descriptions
• 0efda91 Merge pull request #6845 from radarhere/copyright
• 35b4c43 Added release notes for #6846
• a632b7a Added release notes for #6842
• 009bbe2 Update CHANGES.rst [ci skip]
• c4cc487 Merge pull request #6846 from radarhere/font_crash
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pydantic's releases.

v1.10.4 (2022-12-30)

• Change dependency to typing-extensions>=4.2.0, #4885 by @​samuelcolvin

Full Changelog: https://github.com/pydantic/pydantic/compare/v1.10.3...v1.10.4

v1.10.3 (2022-12-29)

• fix parsing of custom root models, #4883 by @​gou177
• fix: use dataclass proxy for frozen or empty dataclasses, #4878 by @​PrettyWood
• Fix schema and schema_json on models where a model instance is a one of default values, #4781 by @​Bobronium
• Add Jina AI to sponsors on docs index page, #4767 by @​samuelcolvin
• fix: support assignment on DataclassProxy, #4695 by @​PrettyWood
• Add postgresql+psycopg as allowed scheme for PostgreDsn to make it usable with SQLAlchemy 2, #4689 by @​morian
• Allow dict schemas to have both patternProperties and additionalProperties, #4641 by @​jparise
• Fixes error passing None for optional lists with unique_items, #4568 by @​mfulgo
• Fix GenericModel with Callable param raising a TypeError, #4551 by @​mfulgo
• Fix field regex with StrictStr type annotation, #4538 by @​sisp
• Correct dataclass_transform keyword argument name from field_descriptors to field_specifiers, #4500 by @​samuelcolvin
• fix: avoid multiple calls of __post_init__ when dataclasses are inherited, #4487 by @​PrettyWood
• Reduce the size of binary wheels, #2276 by @​samuelcolvin

Full Changelog: https://github.com/pydantic/pydantic/compare/v1.10.2...v1.10.3

v1.10.2 (2022-09-05)

• Revert Change: Revert percent encoding of URL parts which was originally added in #4224, #4470 by @​samuelcolvin
• Prevent long (length > 4_300) strings/bytes as input to int fields, see python/cpython#95778 and CVE-2020-10735, #1477 by @​samuelcolvin
• fix: dataclass wrapper was not always called, #4477 by @​PrettyWood
• Use tomllib on Python 3.11 when parsing mypy configuration, #4476 by @​hauntsaninja
• Basic fix of GenericModel cache to detect order of arguments in Union models, #4474 by @​sveinugu
• Fix mypy plugin when using bare types like list and dict as default_factory, #4457 by @​samuelcolvin

Full Changelog: https://github.com/pydantic/pydantic/compare/v1.10.1...v1.10.2

v1.10.1 (2022-08-31)

• Add __hash__ method to pydancic.color.Color class, #4454 by @​czaki

Full Changelog: https://github.com/pydantic/pydantic/compare/v1.10.0...v1.10.1

v1.10.0 (2022-08-30)

See #4419 for feedback and discussion, docs are live at pydantic-docs.helpmanual.io.

• Refactor the whole pydantic dataclass decorator to really act like its standard lib equivalent. It hence keeps __eq__, __hash__, ... and makes comparison with its non-validated version possible. It also fixes usage of frozen dataclasses in fields and usage of default_factory in nested dataclasses. The support of Config.extra has been added. Finally, config customization directly via a dict is now possible, #2557 by @​PrettyWood BREAKING CHANGES:
  • The compiled boolean (whether pydantic is compiled with cython) has been moved from main.py to version.py
  • Now that Config.extra is supported, dataclass ignores by default extra arguments (like BaseModel)

... (truncated)

Sourced from pydantic's changelog.

v1.10.4 (2022-12-30)

• Change dependency to typing-extensions>=4.2.0, #4885 by @​samuelcolvin

v1.10.3 (2022-12-29)

NOTE: v1.10.3 was "yanked" from PyPI due to #4885 which is fixed in v1.10.4

• fix parsing of custom root models, #4883 by @​gou177
• fix: use dataclass proxy for frozen or empty dataclasses, #4878 by @​PrettyWood
• Fix schema and schema_json on models where a model instance is a one of default values, #4781 by @​Bobronium
• Add Jina AI to sponsors on docs index page, #4767 by @​samuelcolvin
• fix: support assignment on DataclassProxy, #4695 by @​PrettyWood
• Add postgresql+psycopg as allowed scheme for PostgreDsn to make it usable with SQLAlchemy 2, #4689 by @​morian
• Allow dict schemas to have both patternProperties and additionalProperties, #4641 by @​jparise
• Fixes error passing None for optional lists with unique_items, #4568 by @​mfulgo
• Fix GenericModel with Callable param raising a TypeError, #4551 by @​mfulgo
• Fix field regex with StrictStr type annotation, #4538 by @​sisp
• Correct dataclass_transform keyword argument name from field_descriptors to field_specifiers, #4500 by @​samuelcolvin
• fix: avoid multiple calls of __post_init__ when dataclasses are inherited, #4487 by @​PrettyWood
• Reduce the size of binary wheels, #2276 by @​samuelcolvin

v1.10.2 (2022-09-05)

• Revert Change: Revert percent encoding of URL parts which was originally added in #4224, #4470 by @​samuelcolvin
• Prevent long (length > 4_300) strings/bytes as input to int fields, see python/cpython#95778 and CVE-2020-10735, #1477 by @​samuelcolvin
• fix: dataclass wrapper was not always called, #4477 by @​PrettyWood
• Use tomllib on Python 3.11 when parsing mypy configuration, #4476 by @​hauntsaninja
• Basic fix of GenericModel cache to detect order of arguments in Union models, #4474 by @​sveinugu
• Fix mypy plugin when using bare types like list and dict as default_factory, #4457 by @​samuelcolvin

v1.10.1 (2022-08-31)

• Add __hash__ method to pydancic.color.Color class, #4454 by @​czaki

v1.10.0 (2022-08-30)

• Refactor the whole pydantic dataclass decorator to really act like its standard lib equivalent. It hence keeps __eq__, __hash__, ... and makes comparison with its non-validated version possible. It also fixes usage of frozen dataclasses in fields and usage of default_factory in nested dataclasses. The support of Config.extra has been added. Finally, config customization directly via a dict is now possible, #2557 by @​PrettyWood BREAKING CHANGES:
  • The compiled boolean (whether pydantic is compiled with cython) has been moved from main.py to version.py
  • Now that Config.extra is supported, dataclass ignores by default extra arguments (like BaseModel)
• Fix PEP487 __set_name__ protocol in BaseModel for PrivateAttrs, #4407 by @​tlambert03
• Allow for custom parsing of environment variables via parse_env_var in Config, #4406 by @​acmiyaguchi

... (truncated)

• 63c683d prepare for v1.10.4 release
• 2106f1c Typing extensions min version (#4886)
• 0a9e000 prepare for v1.10.3, fix #4552
• bf4b5ce fix: use dataclasses proxy for frozen or empty dataclasses (#4878)
• a220f87 fix: Parsing of custom root models (#4883) (#4884)
• a825106 fix: avoid multiple calls of __post_init__ when dataclasses are inherited (...
• c04923c fix: support assignment on DataclassProxy (#4880)
• 18a91e3 Fixed datetime format specifier in docs (#4876) (#4879)
• 1a1497e fix history links (#4866)
• 4f13260 Reduce binary sizes (#4862)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from opencv-python's releases.

4.7.0.68

opencv-python: https://pypi.org/project/opencv-python/ opencv-contrib-python: https://pypi.org/project/opencv-contrib-python/ opencv-python-headless: https://pypi.org/project/opencv-python-headless/ opencv-contrib-python-headless: https://pypi.org/project/opencv-contrib-python-headless/

OpenCV 4.7.0

Changes:

• Updated third-party libraries to fix potential vulnerabilities.
• Dropped Python 3.6 support.
• Added Python 3.11 support.

4.6.0.66

opencv-python: https://pypi.org/project/opencv-python/ opencv-contrib-python: https://pypi.org/project/opencv-contrib-python/ opencv-python-headless: https://pypi.org/project/opencv-python-headless/ opencv-contrib-python-headless: https://pypi.org/project/opencv-contrib-python-headless/

OpenCV 4.6.0

Changes:

• Updated third-party libraries to fix potential vulnerabilities. #666
• Added support for building Windows ARM64 Python package. #644
• The repository has been synchronized with scikit-build 0.14.0 release. #637
• The build without internet connection has been fixed. #642
• This release produced with libpng 1.6.37 and supports eXIf orientation tag. #662

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from numpy's releases.

v1.24.1

NumPy 1.24.1 Release Notes

NumPy 1.24.1 is a maintenance release that fixes bugs and regressions discovered after the 1.24.0 release. The Python versions supported by this release are 3.8-3.11.

Contributors

A total of 12 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Andrew Nelson
• Ben Greiner +
• Charles Harris
• Clément Robert
• Matteo Raso
• Matti Picus
• Melissa Weber Mendonça
• Miles Cranmer
• Ralf Gommers
• Rohit Goswami
• Sayed Adel
• Sebastian Berg

Pull requests merged

A total of 18 pull requests were merged for this release.

• #22820: BLD: add workaround in setup.py for newer setuptools
• #22830: BLD: CIRRUS_TAG redux
• #22831: DOC: fix a couple typos in 1.23 notes
• #22832: BUG: Fix refcounting errors found using pytest-leaks
• #22834: BUG, SIMD: Fix invalid value encountered in several ufuncs
• #22837: TST: ignore more np.distutils.log imports
• #22839: BUG: Do not use getdata() in np.ma.masked_invalid
• #22847: BUG: Ensure correct behavior for rows ending in delimiter in...
• #22848: BUG, SIMD: Fix the bitmask of the boolean comparison
• #22857: BLD: Help raspian arm + clang 13 about __builtin_mul_overflow
• #22858: API: Ensure a full mask is returned for masked_invalid
• #22866: BUG: Polynomials now copy properly (#22669)
• #22867: BUG, SIMD: Fix memory overlap in ufunc comparison loops
• #22868: BUG: Fortify string casts against floating point warnings
• #22875: TST: Ignore nan-warnings in randomized out tests
• #22883: MAINT: restore npymath implementations needed for freebsd
• #22884: BUG: Fix integer overflow in in1d for mixed integer dtypes #22877
• #22887: BUG: Use whole file for encoding checks with charset_normalizer.

Checksums

... (truncated)

• a28f4f2 Merge pull request #22888 from charris/prepare-1.24.1-release
• f8fea39 REL: Prepare for the NumPY 1.24.1 release.
• 6f491e0 Merge pull request #22887 from charris/backport-22872
• 48f5fe4 BUG: Use whole file for encoding checks with charset_normalizer [f2py] (#22...
• 0f3484a Merge pull request #22883 from charris/backport-22882
• 002c60d Merge pull request #22884 from charris/backport-22878
• 38ef9ce BUG: Fix integer overflow in in1d for mixed integer dtypes #22877 (#22878)
• bb00c68 MAINT: restore npymath implementations needed for freebsd
• 64e09c3 Merge pull request #22875 from charris/backport-22869
• dc7bac6 TST: Ignore nan-warnings in randomized out tests
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 9e9e840 2022.12.07
• b81bdb2 2022.09.24
• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from chardet's releases.

chardet 5.1.0

Features

• Add should_rename_legacy argument to most functions, which will rename older encodings to their more modern equivalents (e.g., GB2312 becomes GB18030) (#264, @​dan-blanchard)
• Add capital letter sharp S and ISO-8859-15 support (#222, @​SimonWaldherr)
• Add a prober for MacRoman encoding (#5 updated as c292b52a97e57c95429ef559af36845019b88b33, Rob Speer and @​dan-blanchard )
• Add --minimal flag to chardetect command (#214, @​dan-blanchard)
• Add type annotations to the project and run mypy on CI (#261, @​jdufresne)
• Add support for Python 3.11 (#274, @​hugovk)

Fixes

• Clarify LGPL version in License trove classifier (#255, @​musicinmybrain)
• Remove support for EOL Python 3.6 (#260, @​jdufresne)
• Remove unnecessary guards for non-falsey values (#259, @​jdufresne)

Misc changes

• Switch to Python 3.10 release in GitHub actions (#257, @​jdufresne)
• Remove setup.py in favor of build package (#262, @​jdufresne)
• Run tests on macos, Windows, and 3.11-dev (#267, @​dan-blanchard)

chardet 5.0.0

⚠️ This release is the first release of chardet that no longer supports Python < 3.6 ⚠️

In addition to that change, it features the following user-facing changes:

• Added a prober for Johab Korean (#207, @​grizlupo)
• Added a prober for UTF-16/32 BE/LE (#109, #206, @​jpz)
• Added test data for Croatian, Czech, Hungarian, Polish, Slovak, Slovene, Greek, and Turkish, which should help prevent future errors with those languages
• Improved XML tag filtering, which should improve accuracy for XML files (#208)
• Tweaked SingleByteCharSetProber confidence to match latest uchardet (#209)
• Made detect_all return child prober confidences (#210)
• Updated examples in docs (#223, @​domdfcoding)
• Documentation fixes (#212, #224, #225, #226, #220, #221, #244 from too many to mention)
• Minor performance improvements (#252, @​deedy5)
• Add support for Python 3.10 when testing (#232, @​jdufresne)
• Lots of little development cycle improvements, mostly thanks to @​jdufresne

• 8087f00 Bump version to 5.1.0
• 041875f Revert "Distinguish between final and intermediate ResultDict (#266)"
• 7264282 Add support for Python 3.11 (#274)
• ac934fe Ignore black reformatting for blame
• fa4c1af Fix mypy error
• 99cd852 Update black pre-commit
• 0a0aa94 Fix linter
• c6f8e7d Stop running jobs twice on PRs
• 85035f5 Make sure we have test dependencies when linting
• 5b5e841 Add should_rename_legacy flag
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)