Bump the group group across 1 directory with 7 updates

[dependabot]

Bumps the group group with 7 updates in the /python directory:

Package	From	To
fastapi	0.110.2	0.111.0
lxml	5.2.1	5.2.2
torch	2.2.2	2.3.0
torchvision	0.17.2	0.18.0
uvicorn	0.29.0	0.30.0
coverage	7.5.0	7.5.3
ruff	0.4.2	0.4.7

Updates fastapi from 0.110.2 to 0.111.0

Release notes

Sourced from fastapi's releases.

0.111.0

Features

• ✨ Add FastAPI CLI, the new fastapi command. PR #11522 by @​tiangolo.
  • New docs: FastAPI CLI.

Try it out with:

$ pip install --upgrade fastapi
$ fastapi dev main.py
╭────────── FastAPI CLI - Development mode ───────────╮
│                                                     │
│  Serving at: http://127.0.0.1:8000                  │
│                                                     │
│  API docs: http://127.0.0.1:8000/docs               │
│                                                     │
│  Running in development mode, for production use:   │
│                                                     │
│  fastapi run                                        │
│                                                     │
╰─────────────────────────────────────────────────────╯
INFO:     Will watch for changes in these directories: ['/home/user/code/awesomeapp']
INFO:     Uvicorn running on http://127.0.0.1:8000 (Press CTRL+C to quit)
INFO:     Started reloader process [2248755] using WatchFiles
INFO:     Started server process [2248757]
INFO:     Waiting for application startup.
INFO:     Application startup complete.

Refactors

• 🔧 Add configs and setup for fastapi-slim including optional extras fastapi-slim[standard], and fastapi including by default the same standard extras. PR #11503 by @​tiangolo.

0.110.3

Latest Changes

Docs

• 📝 Update references to Python version, FastAPI supports all the current versions, no need to make the version explicit. PR #11496 by @​tiangolo.
• ✏️ Fix typo in fastapi/security/api_key.py. PR #11481 by @​ch33zer.
• ✏️ Fix typo in security/http.py. PR #11455 by @​omarmoo5.

Translations

• 🌐 Add Traditional Chinese translation for docs/zh-hant/benchmarks.md. PR #11484 by @​KNChiu.

... (truncated)

Commits

• 1c3e691 📝 Update release notes
• ab8f557 📝 Update release notes
• 67da3bb 🔖 Release version 0.111.0
• 9ed94e4 📝 Update release notes
• d71be59 ✨ Add FastAPI CLI, the new fastapi command (#11522)
• a94ef33 📝 Update release notes
• ea1f219 🔧 Add configs and setup for fastapi-slim including optional extras `fastapi...
• 32be95d 🔖 Release version 0.110.3
• 92b67b1 📝 Update release notes
• e0a9692 📝 Update release notes
• Additional commits viewable in compare view

Updates lxml from 5.2.1 to 5.2.2

Release notes

Sourced from lxml's releases.

lxml-5.2.2

5.2.2 (2024-05-12)

Bugs fixed

• GH#417: The test_feed_parser test could fail if lxml_html_clean was not installed. It is now skipped in that case.

• LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to "core2", without SSE 4.2.

• If libxml2 uses iconv, the compile time version is available as etree.ICONV_COMPILED_VERSION.

Changelog

Sourced from lxml's changelog.

5.2.2 (2024-05-12)

Bugs fixed

• GH#417: The test_feed_parser test could fail if lxml_html_clean was not installed. It is now skipped in that case.

• LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to "core2", without SSE 4.2.

• If libxml2 uses iconv, the compile time version is available as etree.ICONV_COMPILED_VERSION.

Commits

• 8e4b14c Prepare release of lxml 5.2.2.
• ddaa6ed Provide compile time version of libiconv as "etree.ICONV_COMPILED_VERSION".
• 1ab00bd CI: Do not install lxml as dependency of "lxml_html_clean".
• b325054 CI: Stop building LTO wheels to avoid messing with the library build cache.
• 81624c2 CI: Exclude now-unsupported Python versions 3.6/7 from macOS jobs.
• 069fa36 Fix typo.
• e0df2ba Fix typo.
• df55eaf Update changelog.
• f3e77fa Remove dependency on SSE4 instructions, reverting back to "core2" as a target...
• a22e83c Update changelog.
• Additional commits viewable in compare view

Updates torch from 2.2.2 to 2.3.0

Release notes

Sourced from torch's releases.

PyTorch 2.3: User-Defined Triton Kernels in torch.compile, Tensor Parallelism in Distributed

PyTorch 2.3 Release notes

• Highlights
• Backwards Incompatible Changes
• Deprecations
• New Features
• Improvements
• Bug fixes
• Performance
• Documentation

Highlights

We are excited to announce the release of PyTorch® 2.3! PyTorch 2.3 offers support for user-defined Triton kernels in torch.compile, allowing for users to migrate their own Triton kernels from eager without experiencing performance complications or graph breaks. As well, Tensor Parallelism improves the experience for training Large Language Models using native PyTorch functions, which has been validated on training runs for 100B parameter models.

This release is composed of 3393 commits and 426 contributors since PyTorch 2.2. We want to sincerely thank our dedicated community for your contributions. As always, we encourage you to try these out and report any issues as we improve 2.3. More information about how to get started with the PyTorch 2-series can be found at our Getting Started page.

... (truncated)

Commits

• 97ff6cf [Release only] Release 2.3 start using triton package from pypi (#123580)
• fb38ab7 Fix for MPS regression in #122016 and #123178 (#123385)
• 23961ce [Release/2.3] Set py3.x build-environment name consistently (#123446)
• 634cf50 [Wheel] Change libtorch_cpu OpenMP search path (#123417) (#123442)
• 12d0e69 update submodule onnx==1.16.0 (#123387)
• 38acd81 [MPS] Fwd-fix for clamp regression (#122148) (#123383)
• b197f54 Use numpy 2.0.0rc1 in CI (#123356)
• dc81d19 [CI] Test that NumPy-2.X builds are backward compatible with 1.X (#123354)
• 108305e Upgrade submodule pybind to 2.12.0 (#123355)
• a8b0091 Make PyTorch compilable against upcoming Numpy-2.0 (#121880) (#123380)
• Additional commits viewable in compare view

Updates torchvision from 0.17.2 to 0.18.0

Release notes

Sourced from torchvision's releases.

TorchVision 0.18 Release

BC-Breaking changes

[datasets] gdown is now a required dependency for downloading datasets that are on Google Drive. This change was actually introduced in 0.17.1 (repeated here for visibility) (#8237) [datasets] The StanfordCars dataset isn’t available for download anymore. Please follow these instructions to manually download it (#8309, #8324) [transforms] to_grayscale and corresponding transform now always return 3 channels when num_output_channels=3 (#8229)

Bug Fixes

[datasets] Fix download URL of EMNIST dataset (#8350) [datasets] Fix root path expansion in Kitti dataset (#8164) [models] Fix default momentum value of BatchNorm2d in MaxViT from 0.99 to 0.01 (#8312) [reference scripts] Fix CutMix and MixUp arguments (#8287) [MPS, build] Link essential libraries in cmake (#8230) [build] Fix build with ffmpeg 6.0 (#8096)

New Features

[transforms] New GrayscaleToRgb transform (#8247) [transforms] New JPEG augmentation transform (#8316)

Improvements

[datasets, io] Added pathlib.Path support to datasets and io utilities. (#8196, #8200, #8314, #8321) [datasets] Added allow_empty parameter to ImageFolder and related utils to support empty classes during image discovery (#8311) [datasets] Raise proper error in CocoDetection when a slice is passed (#8227) [io] Added support for EXIF orientation in JPEG and PNG decoders (#8303, #8279, #8342, #8302) [io] Avoiding unnecessary copies on io.VideoReader with pyav backend (#8173) [transforms] Allow SanitizeBoundingBoxes to sanitize more than labels (#8319) [transforms] Add sanitize_bounding_boxes kernel/functional (#8308) [transforms] Make perspective more numerically stable (#8249) [transforms] Allow 2D numpy arrays as inputs for to_image (#8256) [transforms] Speed-up rotate for 90, 180, 270 degrees (#8295) [transforms] Enabled torch compile on affine transform (#8218) [transforms] Avoid some graph breaks in transforms (#8171) [utils] Add float support to draw_keypoints (#8276) [utils] Add visibility parameter to draw_keypoints (#8225) [utils] Add float support to draw_segmentation_masks (#8150) [utils] Better show overlap section of masks in draw_segmentation_masks (#8213) [Docs] Various documentation improvements (#8341, #8332, #8198, #8318, #8202, #8246, #8208, #8231, #8300, #8197) [code quality] Various code quality improvements (#8273, #8335, #8234, #8345, #8334, #8119, #8251, #8329, #8217, #8180, #8105, #8280, #8161, #8313)

Contributors

We're grateful for our community, which helps us improve torchvision by submitting issues and PRs, and providing feedback and suggestions. The following persons have contributed patches for this release:

Adam Dangoor Ahmad Sharif , ahmadsharif1, Andrey Talman, Anner, anthony-cabacungan, Arun Sathiya, Brizar, Brizar , cdzhan, Danylo Baibak, Huy Do, Ivan Magazinnik, JavaZero, Johan Edstedt, Li-Huai (Allan) Lin, Mantas, Mark Harfouche, Mithra, Nicolas Hug, Nicolas Hug , nihui, Philip Meier, Philip Meier , RazaProdigy , Richard Barnes , Riza Velioglu, sam-watts, Santiago Castro, Sergii Dymchenko, Syed Raza, talcs, Thien Tran, Thien Tran , TilmannR, Tobias Fischer, vfdev, vfdev , Zhu Lin Ch'ng, Zoltán Böszörményi.

Commits

• 6043bc2 [Cherry-pick for 0.18] Update the download url in class EMNIST #8350 (#8365)
• 21a7a7c [Cherry-pick for 0.18] [FBcode -> GH] Fix fetch_png_exif_orientation #8345 (#...
• f22b01f [Cherry-pick for 0.18] Just a typo (#8341) (#8355)
• 7a4bdf3 [Cherry-pick for 0.18] yet another ssdlite link fix #8332 (#8352)
• fc0fe8f [Release only] Use release/2.3 instead of main for test-infra-ref (#8347)
• 4f19b9b Remove prototype stuff for release (#8331)
• c87be16 Use @​release/2.3 instead of @​main for CI jobs (#8330)
• 9cb639a Remove private PIL kernels from init.py (#8329)
• 924b162 Add JPEG augmentation (#8316)
• 2ba586d Document that datasets support pathlib.Path (#8321)
• Additional commits viewable in compare view

Updates uvicorn from 0.29.0 to 0.30.0

Release notes

Sourced from uvicorn's releases.

Version 0.30.0

Added

• New multiprocess manager (#2183)
• Allow ConfigParser or a io.IO[Any] on log_config (#1976)

Fixed

• Suppress side effects of signal propagation (#2317)
• Send content-length header on 5xx (#2304)

Deprecated

• Deprecate the uvicorn.workers module (#2302)

---

Full Changelog: encode/uvicorn@0.29.0...0.30.0

Changelog

Sourced from uvicorn's changelog.

0.30.0 (2024-05-28)

Added

• New multiprocess manager (#2183)
• Allow ConfigParser or a io.IO[Any] on log_config (#1976)

Fixed

• Suppress side-effects of signal propagation (#2317)
• Send content-length header on 5xx (#2304)

Deprecated

• Deprecate the uvicorn.workers module (#2302)

Commits

• 9a6b3a8 Version 0.30.0 (#2348)
• 53fa273 New multiprocess manager (#2183)
• 22873a9 Suppress side-effects of signal propagation (#2317)
• 14ffba8 Simplify CHANGELOG (#2337)
• 5c78192 Add favicon and logo to the documentation (#2336)
• b9c03a8 Improve type hints on WebSockets implementations (#2335)
• 14bdf04 Use pytestmark to simplify test suite (#2334)
• 0efd383 Send content-length header on 5xx (#2304)
• 772c24b Deprecate the uvicorn.workers module (#2302)
• 12c9ee3 Allow ConfigParser or a io.IO[Any] on log_config (#1976)
• Additional commits viewable in compare view

Updates coverage from 7.5.0 to 7.5.3

Changelog

Sourced from coverage's changelog.

Version 7.5.3 — 2024-05-28

• Performance improvements for combining data files, especially when measuring line coverage. A few different quadratic behaviors were eliminated. In one extreme case of combining 700+ data files, the time dropped from more than three hours to seven minutes. Thanks for Kraken Tech for funding the fix.

• Performance improvements for generating HTML reports, with a side benefit of reducing memory use, closing issue 1791_. Thanks to Daniel Diniz for helping to diagnose the problem.

.. _issue 1791: nedbat/coveragepy#1791

.. _changes_7-5-2:

Version 7.5.2 — 2024-05-24

• Fix: nested matches of exclude patterns could exclude too much code, as reported in issue 1779_. This is now fixed.

• Changed: previously, coverage.py would consider a module docstring to be an executable statement if it appeared after line 1 in the file, but not executable if it was the first line. Now module docstrings are never counted as executable statements. This can change coverage.py's count of the number of statements in a file, which can slightly change the coverage percentage reported.

• In the HTML report, the filter term and "hide covered" checkbox settings are remembered between viewings, thanks to Daniel Diniz <pull 1776_>_.

• Python 3.13.0b1 is supported.

• Fix: parsing error handling is improved to ensure bizarre source files are handled gracefully, and to unblock oss-fuzz fuzzing, thanks to Liam DeVoe <pull 1788_>. Closes issue 1787.

.. _pull 1776: nedbat/coveragepy#1776 .. _issue 1779: nedbat/coveragepy#1779 .. _issue 1787: nedbat/coveragepy#1787 .. _pull 1788: nedbat/coveragepy#1788

.. _changes_7-5-1:

Version 7.5.1 — 2024-05-04

... (truncated)

Commits

• f310d7e docs: sample HTML for 7.5.3
• a51d52f docs: prep for 7.5.3
• b666f3a perf: it's faster in all versions if we don't cache tokenize #1791
• a2b4929 docs: changelog entry for combine performance improvements
• b9aff50 perf: don't read full line_bits table each time
• c45ebac perf: cache alias mapping
• 390cb97 perf: avoid quadratic behavior when combining line coverage
• d3caf53 docs(build): tweaks to howto
• 909e887 build: bump version
• 242adea build: don't claim pre-alpha-1 in classifiers
• Additional commits viewable in compare view

Updates ruff from 0.4.2 to 0.4.7

Release notes

Sourced from ruff's releases.

v0.4.7

Changes

Preview features

• [flake8-pyi] Implement PYI064 (#11325)
• [flake8-pyi] Implement PYI066 (#11541)
• [flake8-pyi] Implement PYI057 (#11486)
• [pyflakes] Enable F822 in __init__.py files by default (#11370)

Formatter

• Fix incorrect placement of trailing stub function comments (#11632)

Server

• Respect file exclusions in ruff server (#11590)
• Add support for documents not exist on disk (#11588)
• Add Vim and Kate setup guide for ruff server (#11615)

Bug fixes

• Avoid removing newlines between docstring headers and rST blocks (#11609)
• Infer indentation with imports when logical indent is absent (#11608)
• Use char index rather than position for indent slice (#11645)
• [flake8-comprehension] Strip parentheses around generators in C400 (#11607)
• Mark repeated-isinstance-calls as unsafe on Python 3.10 and later (#11622)

Contributors

• @​AlexWaygood
• @​Chubercik
• @​JaRoSchm
• @​MichaReiser
• @​T-256
• @​carljm
• @​charliermarsh
• @​hassec
• @​plredmond
• @​tomasr8
• @​tusharsadhwani
• @​vitaliyf

v0.4.6

Changes

Breaking changes

• Use project-relative paths when calculating GitLab fingerprints (#11532)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.7

Preview features

• [flake8-pyi] Implement PYI064 (#11325)
• [flake8-pyi] Implement PYI066 (#11541)
• [flake8-pyi] Implement PYI057 (#11486)
• [pyflakes] Enable F822 in __init__.py files by default (#11370)

Formatter

• Fix incorrect placement of trailing stub function comments (#11632)

Server

• Respect file exclusions in ruff server (#11590)
• Add support for documents not exist on disk (#11588)
• Add Vim and Kate setup guide for ruff server (#11615)

Bug fixes

• Avoid removing newlines between docstring headers and rST blocks (#11609)
• Infer indentation with imports when logical indent is absent (#11608)
• Use char index rather than position for indent slice (#11645)
• [flake8-comprehension] Strip parentheses around generators in C400 (#11607)
• Mark repeated-isinstance-calls as unsafe on Python 3.10 and later (#11622)

0.4.6

Breaking changes

• Use project-relative paths when calculating GitLab fingerprints (#11532)
• Bump minimum supported Windows version to Windows 10 (#11613)

Preview features

• [flake8-async] Sleep with >24 hour interval should usually sleep forever (ASYNC116) (#11498)

Rule changes

• [numpy] Add missing functions to NumPy 2.0 migration rule (#11528)
• [mccabe] Consider irrefutable pattern similar to if .. else for C901 (#11565)
• Consider match-case statements for C901, PLR0912, and PLR0915 (#11521)
• Remove empty strings when converting to f-string (UP032) (#11524)
• [flake8-bandit] request-without-timeout should warn for requests.request (#11548)
• [flake8-self] Ignore sunder accesses in flake8-self rules (#11546)
• [pyupgrade] Lint for TypeAliasType usages (UP040) (#11530)

Server

... (truncated)

Commits

• 1ad5f9c Bump version to v0.4.7 (#11646)
• e914bc3 F401 sort bindings before adding to all (#11648)
• 27f6f04 [red-knot] initial (very incomplete) flow graph (#11624)
• d62a617 red-knot: Don't refer to Module instances as IDs (#11649)
• 16a926d [red-knot] infer int literal types (#11623)
• 05566c6 Update Who's Using Ruff? section to include Godot (#11647)
• 7ce17b7 Add Vim and Kate setup guide for ruff server (#11615)
• f9a6450 Use char index rather than position for indent slice (#11645)
• 8a25531 red-knot: improve internal documentation in module.rs (#11638)
• 9b6d2ce Fix incorect placement of trailing stub function comments (#11632)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.