• cefe0bf Release 6.3.0
• a534fb9 Release 6.3.0b0
• 87920c5 Add changelog for 6.3.0 (#1669)
• dd6d9c7 add slide numbering (#1654)
• 5d2c5e2 Update state filter (#1664)
• 11ea593 fix: avoid closing the script tag early by escaping a forward slash (#1665)
• 968c5fb Fix HTML templates mentioned in help docs (#1653)
• 35c4d07 Add a new output filter that excludes widgets if there is no state (#1643)
• c663c75 6.2.0
• fd1dd15 6.2.0rc2
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from urllib3's releases.

1.25.8

Release: 1.25.8

1.25.7

No release notes provided.

1.25.6

Release: 1.25.6

1.25.5

Release: 1.25.5

1.25.4

Release: 1.25.4

Sourced from urllib3's changelog.

1.25.8 (2020-01-20)

• Drop support for EOL Python 3.4 (Pull #1774)

• Optimize _encode_invalid_chars (Pull #1787)

1.25.7 (2019-11-11)

• Preserve chunked parameter on retries (Pull #1715, Pull #1734)

• Allow unset SERVER_SOFTWARE in App Engine (Pull #1704, Issue #1470)

• Fix issue where URL fragment was sent within the request target. (Pull #1732)

• Fix issue where an empty query section in a URL would fail to parse. (Pull #1732)

• Remove TLS 1.3 support in SecureTransport due to Apple removing support (Pull #1703)

1.25.6 (2019-09-24)

• Fix issue where tilde (~) characters were incorrectly percent-encoded in the path. (Pull #1692)

1.25.5 (2019-09-19)

• Add mitigation for BPO-37428 affecting Python <3.7.4 and OpenSSL 1.1.1+ which caused certificate verification to be enabled when using cert_reqs=CERT_NONE. (Issue #1682)

1.25.4 (2019-09-19)

• Propagate Retry-After header settings to subsequent retries. (Pull #1607)

• Fix edge case where Retry-After header was still respected even when explicitly opted out of. (Pull #1607)

• Remove dependency on rfc3986 for URL parsing.

• Fix issue where URLs containing invalid characters within Url.auth would raise an exception instead of percent-encoding those characters.

... (truncated)

• 2a57bc5 Release 1.25.8 (#1788)
• a2697e7 Optimize _encode_invalid_chars (#1787)
• d2a5a59 Move IPv6 test skips in server fixtures
• d44f0e5 Factorize test certificates serialization
• 84abc7f Generate IPV6 certificates using trustme
• 6a15b18 Run IPv6 Tornado server from fixture
• 4903840 Use trustme to generate IP_SAN cert
• 9971e27 Empty responses should have no lines.
• 62ef68e Use trustme to generate NO_SAN certs
• fd2666e Use fixture to configure NO_SAN test certs
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from jupyter-core's releases.

4.11.1

What's Changed

• Fix inclusion of jupyter file and check in CI by @​blink1073 in jupyter/jupyter_core#276

Full Changelog: https://github.com/jupyter/jupyter_core/compare/4.11.0...4.11.1

4.11.0

What's Changed

• Use hatch backend by @​blink1073 in jupyter/jupyter_core#265
• is_hidden: Use normalized paths by @​martinRenou in jupyter/jupyter_core#271

New Contributors

• @​martinRenou made their first contribution in jupyter/jupyter_core#271

Full Changelog: https://github.com/jupyter/jupyter_core/compare/4.10.0...4.11.0

4.10.0

What's Changed

• Update changelog for 4.9.2 by @​blink1073 in jupyter/jupyter_core#252
• Include all files from jupyter_core by @​jonringer in jupyter/jupyter_core#253
• Add project URLs to setup.cfg by @​tlinhart in jupyter/jupyter_core#254
• Set up pre-commit by @​blink1073 in jupyter/jupyter_core#255
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jupyter/jupyter_core#257
• Add flake8 and mypy settings by @​blink1073 in jupyter/jupyter_core#256
• Clean up CI by @​blink1073 in jupyter/jupyter_core#258
• Update changelog for 4.10 Release by @​blink1073 in jupyter/jupyter_core#259

New Contributors

• @​jonringer made their first contribution in jupyter/jupyter_core#253
• @​tlinhart made their first contribution in jupyter/jupyter_core#254
• @​pre-commit-ci made their first contribution in jupyter/jupyter_core#257

Full Changelog: https://github.com/jupyter/jupyter_core/compare/4.9.2...4.10.0

4.9.2

What's Changed

• set proper sys.argv[0] for subcommand by @​bnavigator in jupyter/jupyter_core#248
• Add explicit encoding in open calls by @​dlukes in jupyter/jupyter_core#249
• jupyter_config_dir - reorder home_dir initialization by @​dharmaquark in jupyter/jupyter_core#251

New Contributors

• @​bnavigator made their first contribution in jupyter/jupyter_core#248
• @​dlukes made their first contribution in jupyter/jupyter_core#249
• @​dharmaquark made their first contribution in jupyter/jupyter_core#251

Full Changelog: https://github.com/jupyter/jupyter_core/compare/4.9.1...4.9.2

Sourced from jupyter-core's changelog.

Changes in jupyter-core

5.0.0

(Full Changelog)

Major Changes

Prefer Environment Level Configuration

We now make the assumption that if we are running in a virtual environment, we should prioritize the environment-level sys.prefix over the user-level paths. Users can opt out of this behavior by setting JUPYTER_PREFER_ENV_PATH, which takes precedence over our autodetection.

Migrate to Standard Platform Directories

In version 5, we introduce a JUPYTER_PLATFORM_DIRS environment variable to opt in to using more appropriate platform-specific directories. We raise a deprecation warning if the variable is not set. In version 6, JUPYTER_PLATFORM_DIRS will be opt-out. In version 7, we will remove the environment variable checks and old directory logic.

Drop Support for Python 3.7

We are dropping support for Python 3.7 ahead of its official end of life, to reduce maintenance burden as we add support for Python 3.11.

Enhancements made

• Use platformdirs for path locations #292 (@​blink1073)
• Try to detect if we are in a virtual environment and change path precedence accordingly #286 (@​jasongrout)

Bugs fixed

• Add current working directory as first config path #291 (@​blink1073)
• Fix inclusion of jupyter file and check in CI #276 (@​blink1073)

Maintenance and upkeep improvements

• Bump github/codeql-action from 1 to 2 #308 (@​dependabot)
• Bump actions/checkout from 2 to 3 #307 (@​dependabot)
• Add dependabot #306 (@​blink1073)
• Adopt jupyter releaser #305 (@​blink1073)
• Add more typing #304 (@​blink1073)
• Require Python 3.8+ #302 (@​blink1073)
• Use hatch backend #265 (@​blink1073)
• Switch to flit build backend #262 (@​blink1073)
• is_hidden: Use normalized paths #271 (@​martinRenou)

Documentation

• Update broken link to Contributing guide #289 (@​jamesr66a)

Contributors to this release

... (truncated)

• a8eac8c Release 4.11.2
• 1118c8c Merge pull request from GHSA-m678-f26j-3hrp
• d3f61f3 Release 4.11.1
• e7eeb9e Fix inclusion of jupyter file and check in CI (#276)
• 035bf11 Release 4.11.0
• 45aa28b [pre-commit.ci] pre-commit autoupdate (#273)
• 73401cc [pre-commit.ci] pre-commit autoupdate (#272)
• bc6b771 is_hidden: Use normalized paths (#271)
• be38e52 [pre-commit.ci] pre-commit autoupdate (#270)
• 7b790d8 [pre-commit.ci] pre-commit autoupdate (#269)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from joblib's changelog.

Release 1.2.0

• Fix a security issue where eval(pre_dispatch) could potentially run arbitrary code. Now only basic numerics are supported. joblib/joblib#1327

• Make sure that joblib works even when multiprocessing is not available, for instance with Pyodide joblib/joblib#1256

• Avoid unnecessary warnings when workers and main process delete the temporary memmap folder contents concurrently. joblib/joblib#1263

• Fix memory alignment bug for pickles containing numpy arrays. This is especially important when loading the pickle with mmap_mode != None as the resulting numpy.memmap object would not be able to correct the misalignment without performing a memory copy. This bug would cause invalid computation and segmentation faults with native code that would directly access the underlying data buffer of a numpy array, for instance C/C++/Cython code compiled with older GCC versions or some old OpenBLAS written in platform specific assembly. joblib/joblib#1254

• Vendor cloudpickle 2.2.0 which adds support for PyPy 3.8+.

• Vendor loky 3.3.0 which fixes several bugs including:

  • robustly forcibly terminating worker processes in case of a crash (joblib/joblib#1269);

  • avoiding leaking worker processes in case of nested loky parallel calls;

  • reliability spawn the correct number of reusable workers.

Release 1.1.0

• Fix byte order inconsistency issue during deserialization using joblib.load in cross-endian environment: the numpy arrays are now always loaded to use the system byte order, independently of the byte order of the system that serialized the pickle. joblib/joblib#1181

• Fix joblib.Memory bug with the ignore parameter when the cached function is a decorated function.

... (truncated)

• 5991350 Release 1.2.0
• 3fa2188 MAINT cleanup numpy warnings related to np.matrix in tests (#1340)
• cea26ff CI test the future loky-3.3.0 branch (#1338)
• 8aca6f4 MAINT: remove pytest.warns(None) warnings in pytest 7 (#1264)
• 067ed4f XFAIL test_child_raises_parent_exits_cleanly with multiprocessing (#1339)
• ac4ebd5 MAINT add back pytest warnings plugin (#1337)
• a23427d Test child raises parent exits cleanly more reliable on macos (#1335)
• ac09691 [MAINT] various test updates (#1334)
• 4a314b1 Vendor loky 3.2.0 (#1333)
• bdf47e9 Make test_parallel_with_interactively_defined_functions_default_backend timeo...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from nbconvert's releases.

Release 6.5.1

No release notes provided.

6.5.0

What's Changed

• Drop dependency on testpath. by @​anntzer in jupyter/nbconvert#1723
• Adopt pre-commit by @​blink1073 in jupyter/nbconvert#1744
• Add pytest settings and handle warnings by @​blink1073 in jupyter/nbconvert#1745
• Apply Autoformatters by @​blink1073 in jupyter/nbconvert#1746
• Add git-blame-ignore-revs by @​blink1073 in jupyter/nbconvert#1748
• Update flake8 config by @​blink1073 in jupyter/nbconvert#1749
• support bleach 5, add packaging and tinycss2 dependencies by @​bollwyvl in jupyter/nbconvert#1755
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jupyter/nbconvert#1752
• update cli example by @​leahecole in jupyter/nbconvert#1753
• Clean up pre-commit by @​blink1073 in jupyter/nbconvert#1757
• Clean up workflows by @​blink1073 in jupyter/nbconvert#1750

New Contributors

• @​pre-commit-ci made their first contribution in jupyter/nbconvert#1752

Full Changelog: https://github.com/jupyter/nbconvert/compare/6.4.5...6.5

6.4.3

What's Changed

• Add section to customizing showing how to use template inheritance by @​stefanv in jupyter/nbconvert#1719
• Remove ipython genutils by @​rgs258 in jupyter/nbconvert#1727
• Update changelog for 6.4.3 by @​blink1073 in jupyter/nbconvert#1728

New Contributors

• @​stefanv made their first contribution in jupyter/nbconvert#1719
• @​rgs258 made their first contribution in jupyter/nbconvert#1727

Full Changelog: https://github.com/jupyter/nbconvert/compare/6.4.2...6.4.3

6.4.0

What's Changed

• Optionally speed up validation by @​gwincr11 in jupyter/nbconvert#1672
• Adding missing div compared to JupyterLab DOM structure by @​SylvainCorlay in jupyter/nbconvert#1678
• Allow passing extra args to code highlighter by @​yuvipanda in jupyter/nbconvert#1683
• Prevent page breaks in outputs when printing by @​SylvainCorlay in jupyter/nbconvert#1679
• Add collapsers to template by @​SylvainCorlay in jupyter/nbconvert#1689
• Fix recent pandoc latex tables by adding calc and array (#1536, #1566) by @​cgevans in jupyter/nbconvert#1686
• Add an invalid notebook error by @​gwincr11 in jupyter/nbconvert#1675
• Fix typos in execute.py by @​TylerAnderson22 in jupyter/nbconvert#1692
• Modernize latex greek math handling (partially fixes #1673) by @​cgevans in jupyter/nbconvert#1687
• Fix use of deprecated API and update test matrix by @​blink1073 in jupyter/nbconvert#1696
• Update nbconvert_library.ipynb by @​letterphile in jupyter/nbconvert#1695
• Changelog for 6.4 by @​blink1073 in jupyter/nbconvert#1697

New Contributors

... (truncated)

• 7471b75 Release 6.5.1
• c1943e0 Fix pre-commit
• 8685e93 Fix tests
• 0abf290 Run black and prettier
• 418d545 Run test on 6.x branch
• bef65d7 Convert input to string prior to escape HTML
• 0818628 Check input type before escaping
• b206470 GHSL-2021-1017, GHSL-2021-1020, GHSL-2021-1021
• a03cbb8 GHSL-2021-1026, GHSL-2021-1025
• 48fe71e GHSL-2021-1024
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from mistune's releases.

Version 2.0.2

Fix escape_url via lepture/mistune#295

Version 2.0.1

Fix XSS for image link syntax.

Version 2.0.0

First release of Mistune v2.

Version 2.0.0 RC1

In this release, we have a Security Fix for harmful links.

Version 2.0.0 Alpha 1

This is the first release of v2. An alpha version for users to have a preview of the new mistune.

Sourced from mistune's changelog.

Changelog

Here is the full history of mistune v2.

Version 2.0.4

Released on Jul 15, 2022

Fix url plugin in <a> tag
Fix * formatting

Version 2.0.3

Released on Jun 27, 2022

• Fix table plugin
• Security fix for CVE-2022-34749

Version 2.0.2

Released on Jan 14, 2022
Fix escape_url
Version 2.0.1

Released on Dec 30, 2021

XSS fix for image link syntax.

Version 2.0.0

Released on Dec 5, 2021
This is the first non-alpha release of mistune v2.
Version 2.0.0rc1

Released on Feb 16, 2021

Version 2.0.0a6

</tr></table> 

... (truncated)

• 3f422f1 Version bump 2.0.3
• a6d4321 Fix asteris emphasis regex CVE-2022-34749
• 5638e46 Merge pull request #307 from jieter/patch-1
• 0eba471 Fix typo in guide.rst
• 61e9337 Fix table plugin
• 76dec68 Add documentation for renderer heading when TOC enabled
• 799cd11 Version bump 2.0.2
• babb0cf Merge pull request #295 from dairiki/bug.escape_url
• fc2cd53 Make mistune.util.escape_url less aggressive
• 3e8d352 Version bump 2.0.1
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from numpy's releases.

v1.22.0

NumPy 1.22.0 Release Notes

NumPy 1.22.0 is a big release featuring the work of 153 contributors spread over 609 pull requests. There have been many improvements, highlights are:

• Annotations of the main namespace are essentially complete. Upstream is a moving target, so there will likely be further improvements, but the major work is done. This is probably the most user visible enhancement in this release.
• A preliminary version of the proposed Array-API is provided. This is a step in creating a standard collection of functions that can be used across application such as CuPy and JAX.
• NumPy now has a DLPack backend. DLPack provides a common interchange format for array (tensor) data.
• New methods for quantile, percentile, and related functions. The new methods provide a complete set of the methods commonly found in the literature.
• A new configurable allocator for use by downstream projects.

These are in addition to the ongoing work to provide SIMD support for commonly used functions, improvements to F2PY, and better documentation.

The Python versions supported in this release are 3.8-3.10, Python 3.7 has been dropped. Note that 32 bit wheels are only provided for Python 3.8 and 3.9 on Windows, all other wheels are 64 bits on account of Ubuntu, Fedora, and other Linux distributions dropping 32 bit support. All 64 bit wheels are also linked with 64 bit integer OpenBLAS, which should fix the occasional problems encountered by folks using truly huge arrays.

Expired deprecations

Deprecated numeric style dtype strings have been removed

Using the strings "Bytes0", "Datetime64", "Str0", "Uint32", and "Uint64" as a dtype will now raise a TypeError.

(gh-19539)

Expired deprecations for loads, ndfromtxt, and mafromtxt in npyio

numpy.loads was deprecated in v1.15, with the recommendation that users use pickle.loads instead. ndfromtxt and mafromtxt were both deprecated in v1.17 - users should use numpy.genfromtxt instead with the appropriate value for the usemask parameter.

(gh-19615)

... (truncated)

• 4adc87d Merge pull request #20685 from charris/prepare-for-1.22.0-release
• fd66547 REL: Prepare for the NumPy 1.22.0 release.
• 125304b wip
• c283859 Merge pull request #20682 from charris/backport-20416
• 5399c03 Merge pull request #20681 from charris/backport-20954
• f9c45f8 Merge pull request #20680 from charris/backport-20663
• 794b36f Update armccompiler.py
• d93b14e Update test_public_api.py
• 7662c07 Update init.py
• 311ab52 Update armccompiler.py
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 9e9e840 2022.12.07
• b81bdb2 2022.09.24
• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.