Sourced from sqlalchemy's releases.

1.4.26

Released: October 19, 2021

orm

• [orm] [bug] Improved the exception message generated when configuring a mapping with joined table inheritance where the two tables either have no foreign key relationships set up, or where they have multiple foreign key relationships set up. The message is now ORM specific and includes context that the _orm.Mapper.inherit_condition parameter may be needed particularly for the ambiguous foreign keys case.

• [orm] [bug] Fixed issue with _orm.with_loader_criteria() feature where ON criteria would not be added to a JOIN for a query of the form select(A).join(B), stating a target while making use of an implicit ON clause.

  References: #7189

• [orm] [bug] Fixed bug where the ORM "plugin", necessary for features such as _orm.with_loader_criteria() to work correctly, would not be applied to a _sql.select() which queried from an ORM column expression if it made use of the _sql.ColumnElement.label() modifier.

  References: #7205

• [orm] [bug] Add missing methods added in #6991 to _scoping.scoped_session and _asyncio.async_scoped_session().

  References: #7103

• [orm] [bug] An extra layer of warning messages has been added to the functionality of _orm.Query.join() and the ORM version of _sql.Select.join(), where a few places where "automatic aliasing" continues to occur will now be called out as a pattern to avoid, mostly specific to the area of joined table inheritance where classes that share common base tables are being joined together without using explicit aliases. One case emits a legacy warning for a pattern that's not recommended, the other case is fully deprecated.

  The automatic aliasing within ORM join() which occurs for overlapping mapped tables does not work consistently with all APIs such as _orm.contains_eager(), and rather than continue to try to make these use cases work everywhere, replacing with a more user-explicit pattern is clearer, less prone to bugs and simplifies SQLAlchemy's internals further.

  The warnings include links to the errors.rst page where each pattern is

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pyscaffold's changelog.

========= Changelog

Development version

Version 4.X.X, 2021-XX-XX

• Added linkcheck task to tox.ini, :pr:456
• Updated configuration for Sphinx and ReadTheDocs, :pr:455
• Note that templates and the generated boilerplate code is 0BSD-licensed, :pr:461
• Added 0BSD license template

Current versions

Version 4.0.2, 2021-05-26

• Restructured docs
• Fix WSL2 installation problem, :issue:440
• Fix for interactive mode under Windows, :issue:430

Version 3.3, 2020-12-24

• Code base changed to Black's standards
• New docs about version numbers and git integration
• Updated pre-commit hooks
• Updated docs/Makefile to use Sphinx "make mode"
• deprecated setuptools extensions/commands python setup.py test/docs/doctests, :issue:245
• New tox test environments for generating docs and running doctests
• New built-in extension for Cirrus CI, :issue:251
• experimental get_template is now part of the public API and can be used by extensions, :issue:252
• Updated setuptools_scm to version 4.1.2 in contrib
• Updated configupdater to version 1.1.2 in contrib
• precommit automatically fixes line endings by default
• deprecated log.configure_logger, use log.logger.reconfigure instead

.. note::

PyScaffold 3.3 is the last release to support Python 3.5

Older versions

... (truncated)

• d6faa13 Add max version to extensions in v3 requirements [all]
• 16d65e4 Update docs to explicitly show the version
• 382ff08 Updated changelog
• e01d7ed Check if description will render correctly on PyPI
• 9e8b416 Bundle templates in beta
• 89e9612 Set the correct username for PyPI
• 732ae4b Use a conda action for github workflows
• 383d1e1 Github Action: Install wheel and full checkout
• 7d88a63 Use recommended suffix for environment.yml
• 38a3eb0 Try py.test instead of python setup.py test
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pyscaffold's releases.

Bugfix release 4.0.2

• Restructured docs
• Fix WSL2 installation problem, issue 440
• Fix for interactive mode under Windows, issue 430

Sourced from pyscaffold's changelog.

Version 4.0.2, 2021-05-26

• Restructured docs
• Fix WSL2 installation problem, :issue:440
• Fix for interactive mode under Windows, :issue:430

Version 3.3, 2020-12-24

• Code base changed to Black's standards
• New docs about version numbers and git integration
• Updated pre-commit hooks
• Updated docs/Makefile to use Sphinx "make mode"
• deprecated setuptools extensions/commands python setup.py test/docs/doctests, :issue:245
• New tox test environments for generating docs and running doctests
• New built-in extension for Cirrus CI, :issue:251
• experimental get_template is now part of the public API and can be used by extensions, :issue:252
• Updated setuptools_scm to version 4.1.2 in contrib
• Updated configupdater to version 1.1.2 in contrib
• precommit automatically fixes line endings by default
• deprecated log.configure_logger, use log.logger.reconfigure instead

.. note::

PyScaffold 3.3 is the last release to support Python 3.5

Older versions

Version 4.0.1, 2021-03-17

• Fix tox -e build issue when running on Conda, :pr:417
• Ensure snake_case for keys in setup.cfg, :issue:418
• Update dependencies on configupdater and pyscaffoldext-django
• Remove broken checks for old setuptools, :issue:428

Version 4.0, 2021-03-04

• Cookiecutter, Django and Travis extensions extracted to their own repositories, :issue:175 and :issue:355
• Support for Python 3.4 and 3.5 dropped, :issue:226
• Dropped deprecated requirements.txt file, :issue:182
• Added support for global configuration (avoid retyping common putup's options), :issue:236
• PyScaffold is no longer a build-time dependency, it just generates the project structure
• Removed contrib subpackage, vendorized packages are now runtime dependencies, :pr:290
• setuptools_scm is included by default in setup.cfg, setup.py and pyproject.toml
• API changed to use pyscaffold.operations instead of integer flags, :pr:271

... (truncated)

• 90dde15 Version bump
• 2f82008 Add cast from TOMLDocument to MutableMapping
• eb9a0a6 Attempt to fix type errors on toml.py
• f73d9b5 Revert "Use datatype TOMLDocument"
• 66efcfd Use datatype TOMLDocument
• 906f1f9 Reorg of conda docs
• 89087ac Add one more faq about building without git
• 3df07d6 Fix missing shlex.join for Python < 3.8
• 3d9f590 Simplify quote with list2cmdline and add options to editors
• 20bdced Remove unused 'quote' arg in get_executable
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Improved fetch performance
  • The default behavior now fetches only the commit being checked-out
• Script authenticated git commands
  • Persists the input token in the local git config
  • Enables your scripts to run authenticated git commands
  • Post-job cleanup removes the token
  • Opt out by setting the input persist-credentials: false
• Creates a local branch
  • No longer detached HEAD when checking out a branch
  • A local branch is created with the corresponding upstream branch set
• Improved layout
  • The input path is always relative to $GITHUB_WORKSPACE
  • Aligns better with container actions, where $GITHUB_WORKSPACE gets mapped in
• Fallback to REST API download
  • When Git 2.18 or higher is not in the PATH, the REST API will be used to download the files

... (truncated)

Sourced from actions/checkout's changelog.

Changelog

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

v2 (beta)

• Improved fetch performance
  • The default behavior now fetches only the SHA being checked-out
• Script authenticated git commands
  • Persists with.token in the local git config
  • Enables your scripts to run authenticated git commands
  • Post-job cleanup removes the token
  • Coming soon: Opt out by setting with.persist-credentials to false
• Creates a local branch
  • No longer detached HEAD when checking out a branch
  • A local branch is created with the corresponding upstream branch set
• Improved layout

... (truncated)

• 5a4ac90 Add missing awaits (#379)
• c952173 Swap to Environment Files (#360)
• a81bbbf Remove unneeded commit information from build logs (#345)
• 21dc310 Add Licensed To Help Verify Prod Licenses (#326)
• be6c44d Revert "Delete licenses.txt"
• dac8cc7 Delete licenses.txt
• 2036a08 Add Third Party License Information to Dist Files (#320)
• 592cf69 Update README.md
• a4b69b4 Update README.md
• 1433f62 update default branch (#305)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from wheel's changelog.

Release Notes

UNRELEASED

• Updated vendored packaging to 22.0

0.38.4 (2022-11-09)

• Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

0.38.3 (2022-11-08)

• Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

0.38.2 (2022-11-05)

• Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

0.38.1 (2022-11-04)

• Removed install dependency on setuptools
• The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

0.38.0 (2022-10-21)

• Dropped support for Python < 3.7
• Updated vendored packaging to 21.3
• Replaced all uses of distutils with setuptools
• The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
• Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
• Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

0.37.1 (2021-12-22)

• Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
• Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

0.37.0 (2021-08-09)

• Added official Python 3.10 support
• Updated vendored packaging library to v20.9

... (truncated)

• 6f1608d Created a new release
• cf8f5ef Moved news item from PR #484 to its proper place
• 9ec2016 Removed install dependency on setuptools (#483)
• 747e1f6 Fixed PyPy SOABI parsing (#484)
• 7627548 [pre-commit.ci] pre-commit autoupdate (#480)
• 7b9e8e1 Test on Python 3.11 final
• a04dfef Updated the pypi-publish action
• 94bb62c Fixed docs not building due to code style changes
• d635664 Updated the codecov action to the latest version
• fcb94cd Updated version to match the release
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from numpy's releases.

v1.24.0

NumPy 1.24 Release Notes

The NumPy 1.24.0 release continues the ongoing work to improve the handling and promotion of dtypes, increase the execution speed, and clarify the documentation. There are also a large number of new and expired deprecations due to changes in promotion and cleanups. This might be called a deprecation release. Highlights are

• Many new deprecations, check them out.
• Many expired deprecations,
• New F2PY features and fixes.
• New "dtype" and "casting" keywords for stacking functions.

See below for the details,

This release supports Python versions 3.8-3.11.

Deprecations

Deprecate fastCopyAndTranspose and PyArray_CopyAndTranspose

The numpy.fastCopyAndTranspose function has been deprecated. Use the corresponding copy and transpose methods directly:

arr.T.copy()

The underlying C function PyArray_CopyAndTranspose has also been deprecated from the NumPy C-API.

(gh-22313)

Conversion of out-of-bound Python integers

Attempting a conversion from a Python integer to a NumPy value will now always check whether the result can be represented by NumPy. This means the following examples will fail in the future and give a DeprecationWarning now:

np.uint8(-1)
np.array([3000], dtype=np.int8)

Many of these did succeed before. Such code was mainly useful for unsigned integers with negative values such as np.uint8(-1) giving np.iinfo(np.uint8).max.

Note that conversion between NumPy integers is unaffected, so that np.array(-1).astype(np.uint8) continues to work and use C integer overflow logic. For negative values, it will also work to view the array: np.array(-1, dtype=np.int8).view(np.uint8). In some cases,

... (truncated)

• 8cec820 Merge pull request #22813 from charris/prepare-1.24.0-release
• 8d33e68 REL: Prepare for the NumPy 1.24.0 release.
• 5ac09da Merge pull request #22815 from charris/backport-22814
• df2d26f BLD: use newer version of delocate
• e18104e Merge pull request #22805 from charris/backport-22804
• 6d44424 REV: revert change to numpyconfig.h for sizeof(type) hardcoding on macOS
• c484593 Merge pull request #22795 from charris/backport-22791
• 0904c01 Change argument to npy_floatstatus_..._barrier() functions to ensure it
• 34653f9 Merge pull request #22793 from charris/backport-22789
• 21f7096 BUG: Fix infinite recursion in longdouble/large integer scalar ops
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

Improve error handling and messages

In scope of this release we added improved error message to put operating system and its version in the logs (actions/setup-python#559). Besides, the release

• fixes issue about specifying architecture for pypy-nightly on Windows with related pull request.
• improves error handling for Http Errors (actions/setup-python#511).
• updates minimatch (actions/setup-python#558).

v4.3.0

• Update @​actions/core to 1.10.0 version #517
• Update @​actions/cache to 3.0.4 version #499
• Only use github.token on github.com #443
• Improvement of documentation #477 #479 #491 #492

Add check-latest input and bug fixes

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, the version will then be downloaded from python-versions repository. By default check-latest is set to false. For PyPy it will to try to reach https://downloads.python.org/pypy/versions.json

Example of usage:

steps:
  - uses: actions/checkout@v3
  - uses: actions/setup-python@v4
    with:
      python-version: '3.9'
      check-latest: true
  - run: python --version

Besides, it includes such changes as

• Resolved logs for python-version and file inputs: actions/setup-python#465
• Added linux os release info to primary key: actions/setup-python#467
• Added fix to change Python versions for poetry: actions/setup-python#445
• Fix Tool Path handling for self-hosted runners: actions/setup-python#466

v4.1.0

In scope of this pull request we updated actions/cache package as the new version contains fixes for caching error handling. Moreover, we added a new input update-environment. This option allows to specify if the action shall update environment variables (default) or not.

Update-environment input

    - name: setup-python 3.9
      uses: actions/setup-python@v4
      with:
        python-version: 3.9
        update-environment: false

Besides, we added such changes as:

• Allow python-version-file to be a relative path: actions/setup-python#431
• Added new environment variables for Cmake: actions/setup-python#440
• Updated error message for resolveVersion: actions/setup-python#450
• Assign default value of AGENT_TOOLSDIRECTORY if not set: actions/setup-python#394

... (truncated)

• 2c3dd9e Add OS info to the error message (#559)
• 76bbdfa Update minimatch (#558)
• 1aafadc Caching projects that use setup.py (#549)
• b80efd6 Update to latest actions/publish-action (#546)
• 5cddb27 Recommend setting python-version (#545)
• 47c4a7a fix(ci): run .github/workflows/workflow.yml on ubuntu-20.04 (#535)
• af57b64 Extend docu regarding rate limit issues. (#510)
• 4818a5a Handle download HTTP error (#511)
• 8bcd256 Add architecture input check for PyPy for Windows platform (#520)
• 13ae5bb Merge pull request #517 from rentziass/rentziass/update-actions-core
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from numpy's releases.

v1.23.5

NumPy 1.23.5 Release Notes

NumPy 1.23.5 is a maintenance release that fixes bugs discovered after the 1.23.4 release and keeps the build infrastructure current. The Python versions supported for this release are 3.8-3.11.

Contributors

A total of 7 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• @​DWesl
• Aayush Agrawal +
• Adam Knapp +
• Charles Harris
• Navpreet Singh +
• Sebastian Berg
• Tania Allard

Pull requests merged

A total of 10 pull requests were merged for this release.

• #22489: TST, MAINT: Replace most setup with setup_method (also teardown)
• #22490: MAINT, CI: Switch to cygwin/cygwin-install-action@v2
• #22494: TST: Make test_partial_iteration_cleanup robust but require leak...
• #22592: MAINT: Ensure graceful handling of large header sizes
• #22593: TYP: Spelling alignment for array flag literal
• #22594: BUG: Fix bounds checking for random.logseries
• #22595: DEV: Update GH actions and Dockerfile for Gitpod
• #22596: CI: Only fetch in actions/checkout
• #22597: BUG: Decrement ref count in gentype_reduce if allocated memory...
• #22625: BUG: Histogramdd breaks on big arrays in Windows

Checksums

MD5

8a412b79d975199cefadb465279fd569  numpy-1.23.5-cp310-cp310-macosx_10_9_x86_64.whl
1b56e8e6a0516c78473657abf0710538  numpy-1.23.5-cp310-cp310-macosx_11_0_arm64.whl
c787f4763c9a5876e86a17f1651ba458  numpy-1.23.5-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
db07645022e56747ba3f00c2d742232e  numpy-1.23.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
c63a6fb7cc16a13aabc82ec57ac6bb4d  numpy-1.23.5-cp310-cp310-win32.whl
3fea9247e1d812600015641941fa273f  numpy-1.23.5-cp310-cp310-win_amd64.whl
4222cfb36e5ac9aec348c81b075e2c05  numpy-1.23.5-cp311-cp311-macosx_10_9_x86_64.whl
6c7102f185b310ac70a62c13d46f04e6  numpy-1.23.5-cp311-cp311-macosx_11_0_arm64.whl
6b7319f66bf7ac01b49e2a32470baf28  numpy-1.23.5-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
3c60928ddb1f55163801f06ac2229eb0  numpy-1.23.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
6936b6bcfd6474acc7a8c162a9393b3c  numpy-1.23.5-cp311-cp311-win32.whl

... (truncated)

• de82cd9 Merge pull request #22626 from charris/prepare-1.23.5-release
• 9c7ac34 REL: Prepare for the NumPy 1.23.5 Release.
• 2c4cf9a Merge pull request #22625 from charris/backport-22561
• dcd9404 BUG: Histogramdd breaks on big arrays in Windows (#22561)
• bb5e3a6 Merge pull request #22597 from charris/backport-22557
• 0d3d500 Merge pull request #22596 from charris/backport-22503
• 38fe21f Merge pull request #22595 from charris/backport-22452
• 45329c1 Merge pull request #22593 from charris/backport-22447
• 3ca02ce Merge pull request #22594 from charris/backport-22450
• 8cededd Merge pull request #22592 from charris/backport-22393
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from sqlalchemy's releases.

1.4.44

Released: November 12, 2022

sql

• [sql] [bug] Fixed critical memory issue identified in cache key generation, where for very large and complex ORM statements that make use of lots of ORM aliases with subqueries, cache key generation could produce excessively large keys that were orders of magnitude bigger than the statement itself. Much thanks to Rollo Konig Brock for their very patient, long term help in finally identifying this issue.

  References: #8790

postgresql

• [postgresql] [bug] [mssql] For the PostgreSQL and SQL Server dialects only, adjusted the compiler so that when rendering column expressions in the RETURNING clause, the "non anon" label that's used in SELECT statements is suggested for SQL expression elements that generate a label; the primary example is a SQL function that may be emitting as part of the column's type, where the label name should match the column's name by default. This restores a not-well defined behavior that had changed in version 1.4.21 due to #6718, #6710. The Oracle dialect has a different RETURNING implementation and was not affected by this issue. Version 2.0 features an across the board change for its widely expanded support of RETURNING on other backends.

  References: #8770

oracle

• [oracle] [bug] Fixed issue in the Oracle dialect where an INSERT statement that used insert(some_table).values(...).returning(some_table) against a full Table object at once would fail to execute, raising an exception.

tests

• [tests] [bug] Fixed issue where the --disable-asyncio parameter to the test suite would fail to not actually run greenlet tests and would also not prevent the suite from using a "wrapping" greenlet for the whole suite. This parameter now ensures that no greenlet or asyncio use will occur within the entire run when set.

  References: #8793

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from sqlalchemy's releases.

1.4.43

Released: November 4, 2022

orm

• [orm] [bug] Fixed issue in joined eager loading where an assertion fail would occur with a particular combination of outer/inner joined eager loads, when eager loading across three mappers where the middle mapper was an inherited subclass mapper.

  References: #8738

• [orm] [bug] Fixed bug involving Select constructs, where combinations of Select.select_from() with Select.join(), as well as when using Select.join_from(), would cause the _orm.with_loader_criteria() feature as well as the IN criteria needed for single-table inheritance queries to not render, in cases where the columns clause of the query did not explicitly include the left-hand side entity of the JOIN. The correct entity is now transferred to the Join object that's generated internally, so that the criteria against the left side entity is correctly added.

  References: #8721

• [orm] [bug] An informative exception is now raised when the _orm.with_loader_criteria() option is used as a loader option added to a specific "loader path", such as when using it within Load.options(). This use is not supported as _orm.with_loader_criteria() is only intended to be used as a top level loader option. Previously, an internal error would be generated.

  References: #8711

• [orm] [bug] Improved "dictionary mode" for _orm.Session.get() so that synonym names which refer to primary key attribute names may be indicated in the named dictionary.

  References: #8753

• [orm] [bug] Fixed issue where "selectin_polymorphic" loading for inheritance mappers would not function correctly if the _orm.Mapper.polymorphic_on parameter referred to a SQL expression that was not directly mapped on the class.

  References: #8704

• [orm] [bug] Fixed issue where the underlying DBAPI cursor would not be closed when using the _orm.Query object as an iterator, if a user-defined exception

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 4ebc28d Bump version numbers to 2022.6 / 2022f
• f1bd81b IANA 2022f
• 5797f88 Squashed 'tz/' changes from c4eb3fcf2..623631d84
• dacb1a1 Upgrade unittest asserts
• d1abcdd Bump GitHub Actions
• 7ff7f35 Add support for Python 3.11
• 1ab3481 Bump version numbers to 2022.5 / 2022e
• 872168c Squashed 'tz/' changes from 0fc8f915a..16bd7a384
• c5900e5 IANA 2022e
• 04b5402 Bump version numbers to 2022.4/2022d
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from numpy's releases.

v1.24.1

NumPy 1.24.1 Release Notes

NumPy 1.24.1 is a maintenance release that fixes bugs and regressions discovered after the 1.24.0 release. The Python versions supported by this release are 3.8-3.11.

Contributors

A total of 12 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Andrew Nelson
• Ben Greiner +
• Charles Harris
• Clément Robert
• Matteo Raso
• Matti Picus
• Melissa Weber Mendonça
• Miles Cranmer
• Ralf Gommers
• Rohit Goswami
• Sayed Adel
• Sebastian Berg

Pull requests merged

A total of 18 pull requests were merged for this release.

• #22820: BLD: add workaround in setup.py for newer setuptools
• #22830: BLD: CIRRUS_TAG redux
• #22831: DOC: fix a couple typos in 1.23 notes
• #22832: BUG: Fix refcounting errors found using pytest-leaks
• #22834: BUG, SIMD: Fix invalid value encountered in several ufuncs
• #22837: TST: ignore more np.distutils.log imports
• #22839: BUG: Do not use getdata() in np.ma.masked_invalid
• #22847: BUG: Ensure correct behavior for rows ending in delimiter in...
• #22848: BUG, SIMD: Fix the bitmask of the boolean comparison
• #22857: BLD: Help raspian arm + clang 13 about __builtin_mul_overflow
• #22858: API: Ensure a full mask is returned for masked_invalid
• #22866: BUG: Polynomials now copy properly (#22669)
• #22867: BUG, SIMD: Fix memory overlap in ufunc comparison loops
• #22868: BUG: Fortify string casts against floating point warnings
• #22875: TST: Ignore nan-warnings in randomized out tests
• #22883: MAINT: restore npymath implementations needed for freebsd
• #22884: BUG: Fix integer overflow in in1d for mixed integer dtypes #22877
• #22887: BUG: Use whole file for encoding checks with charset_normalizer.

Checksums

... (truncated)

• a28f4f2 Merge pull request #22888 from charris/prepare-1.24.1-release
• f8fea39 REL: Prepare for the NumPY 1.24.1 release.
• 6f491e0 Merge pull request #22887 from charris/backport-22872
• 48f5fe4 BUG: Use whole file for encoding checks with charset_normalizer [f2py] (#22...
• 0f3484a Merge pull request #22883 from charris/backport-22882
• 002c60d Merge pull request #22884 from charris/backport-22878
• 38ef9ce BUG: Fix integer overflow in in1d for mixed integer dtypes #22877 (#22878)
• bb00c68 MAINT: restore npymath implementations needed for freebsd
• 64e09c3 Merge pull request #22875 from charris/backport-22869
• dc7bac6 TST: Ignore nan-warnings in randomized out tests
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from wheel's changelog.

Release Notes

UNRELEASED

• Updated vendored packaging to 22.0

0.38.4 (2022-11-09)

• Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

0.38.3 (2022-11-08)

• Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

0.38.2 (2022-11-05)

• Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

0.38.1 (2022-11-04)

• Removed install dependency on setuptools
• The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

0.38.0 (2022-10-21)

• Dropped support for Python < 3.7
• Updated vendored packaging to 21.3
• Replaced all uses of distutils with setuptools
• The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
• Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
• Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

0.37.1 (2021-12-22)

• Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
• Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

0.37.0 (2021-08-09)

• Added official Python 3.10 support
• Updated vendored packaging library to v20.9

... (truncated)

• 814c2ef Created a new release
• 10a422d Added news item about PR #489
• 3f8bdf1 Allow METADATA file to contain UTF-8 chars (#489)
• daeb157 Created a new release
• 7a633c9 Removed setup_requires
• 4419390 Fixed parsing of wheel file names with multiple platform tags
• 6f1608d Created a new release
• cf8f5ef Moved news item from PR #484 to its proper place
• 9ec2016 Removed install dependency on setuptools (#483)
• 747e1f6 Fixed PyPy SOABI parsing (#484)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

Add support to install multiple python versions

In scope of this release we added support to install multiple python versions. For this you can try to use this snippet:

    - uses: actions/setup-python@v4
      with:
        python-version: |
            3.8
            3.9
            3.10

Besides, we changed logic with throwing the error for GHES if cache is unavailable to warn (actions/setup-python#566).

Improve error handling and messages

In scope of this release we added improved error message to put operating system and its version in the logs (actions/setup-python#559). Besides, the release

• fixes issue about specifying architecture for pypy-nightly on Windows with related pull request.
• improves error handling for Http Errors (actions/setup-python#511).
• updates minimatch (actions/setup-python#558).

v4.3.0

• Update @​actions/core to 1.10.0 version #517
• Update @​actions/cache to 3.0.4 version #499
• Only use github.token on github.com #443
• Improvement of documentation #477 #479 #491 #492

Add check-latest input and bug fixes

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, the version will then be downloaded from python-versions repository. By default check-latest is set to false. For PyPy it will to try to reach https://downloads.python.org/pypy/versions.json

Example of usage:

steps:
  - uses: actions/checkout@v3
  - uses: actions/setup-python@v4
    with:
      python-version: '3.9'
      check-latest: true
  - run: python --version

Besides, it includes such changes as

• Resolved logs for python-version and file inputs: actions/setup-python#465
• Added linux os release info to primary key: actions/setup-python#467
• Added fix to change Python versions for poetry: actions/setup-python#445
• Fix Tool Path handling for self-hosted runners: actions/setup-python#466

v4.1.0

In scope of this pull request we updated actions/cache package as the new version contains fixes for caching error handling. Moreover, we added a new input update-environment. This option allows to specify if the action shall update environment variables (default) or not.

Update-environment input

... (truncated)

• 5ccb29d Install multiple python versions (#567)
• c3e0339 Update action to use reusable workflows (#569)
• 206e984 refactor: Use early return pattern to avoid nested conditions (#566)
• 2c3dd9e Add OS info to the error message (#559)
• 76bbdfa Update minimatch (#558)
• 1aafadc Caching projects that use setup.py (#549)
• b80efd6 Update to latest actions/publish-action (#546)
• 5cddb27 Recommend setting python-version (#545)
• 47c4a7a fix(ci): run .github/workflows/workflow.yml on ubuntu-20.04 (#535)
• af57b64 Extend docu regarding rate limit issues. (#510)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 309a457 Update i18n section of README
• 67b32d0 Separete legacy tests to run in legacy container
• ce19dbe Bump version numbers to 2022.7/2022g
• 7285e70 IANA 2022g
• 3a52798 Squashed 'tz/' changes from d3dc2a9d6..9baf0d34d
• 8656870 Let _all_timezones_unchecked be garbage collected when no longer needed
• bd3e51f Rename all_timezones_unchecked to strongly indicate it is not public
• 01592a9 Merge pull request #90 from eendebakpt/import_time_lazy_list
• 5e9f112 lazy timezone
• 4ebc28d Bump version numbers to 2022.6 / 2022f
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from sqlalchemy's releases.

1.4.45

Released: December 10, 2022

orm

• [orm] [bug] Fixed bug where _orm.Session.merge() would fail to preserve the current loaded contents of relationship attributes that were indicated with the _orm.relationship.viewonly parameter, thus defeating strategies that use _orm.Session.merge() to pull fully loaded objects from caches and other similar techniques. In a related change, fixed issue where an object that contains a loaded relationship that was nonetheless configured as lazy='raise' on the mapping would fail when passed to _orm.Session.merge(); checks for "raise" are now suspended within the merge process assuming the _orm.Session.merge.load parameter remains at its default of True.

  Overall, this is a behavioral adjustment to a change introduced in the 1.4 series as of #4994, which took "merge" out of the set of cascades applied by default to "viewonly" relationships. As "viewonly" relationships aren't persisted under any circumstances, allowing their contents to transfer during "merge" does not impact the persistence behavior of the target object. This allows _orm.Session.merge() to correctly suit one of its use cases, that of adding objects to a Session that were loaded elsewhere, often for the purposes of restoring from a cache.

  References: #8862

• [orm] [bug] Fixed issues in _orm.with_expression() where expressions that were composed of columns that were referenced from the enclosing SELECT would not render correct SQL in some contexts, in the case where the expression had a label name that matched the attribute which used _orm.query_expression(), even when _orm.query_expression() had no default expression. For the moment, if the _orm.query_expression() does have a default expression, that label name is still used for that default, and an additional label with the same name will continue to be ignored. Overall, this case is pretty thorny so further adjustments might be warranted.

  References: #8881

engine

• [engine] [bug] Fixed issue where _engine.Result.freeze() method would not work for textual SQL using either _sql.text() or _engine.Connection.exec_driver_sql().

  References: #8963

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 9e9e840 2022.12.07
• b81bdb2 2022.09.24
• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.