Bump the runtime-dependencies group with 3 updates

[dependabot]

Bumps the runtime-dependencies group with 3 updates: numpy, ruamel-yaml and scipy.

Updates numpy from 2.0.2 to 2.2.1

Release notes

Sourced from numpy's releases.

2.2.1 (DEC 21, 2024)

NumPy 2.2.1 Release Notes

NumPy 2.2.1 is a patch release following 2.2.0. It fixes bugs found after the 2.2.0 release and has several maintenance pins to work around upstream changes.

There was some breakage in downstream projects following the 2.2.0 release due to updates to NumPy typing. Because of problems due to MyPy defects, we recommend using basedpyright for type checking, it can be installed from PyPI. The Pylance extension for Visual Studio Code is also based on Pyright. Problems that persist when using basedpyright should be reported as issues on the NumPy github site.

This release supports Python 3.10-3.13.

Contributors

A total of 9 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Charles Harris
• Joren Hammudoglu
• Matti Picus
• Nathan Goldbaum
• Peter Hawkins
• Simon Altrogge
• Thomas A Caswell
• Warren Weckesser
• Yang Wang +

Pull requests merged

A total of 12 pull requests were merged for this release.

• #27935: MAINT: Prepare 2.2.x for further development
• #27950: TEST: cleanups
• #27958: BUG: fix use-after-free error in npy_hashtable.cpp (#27955)
• #27959: BLD: add missing include
• #27982: BUG:fix compile error libatomic link test to meson.build
• #27990: TYP: Fix falsely rejected value types in ndarray.__setitem__
• #27991: MAINT: Don't wrap #include <Python.h> with extern "C"
• #27993: BUG: Fix segfault in stringdtype lexsort
• #28006: MAINT: random: Tweak module code in mtrand.pyx to fix a Cython...
• #28007: BUG: Cython API was missing NPY_UINTP.
• #28021: CI: pin scipy-doctest to 1.5.1
• #28044: TYP: allow None in operand sequence of nditer

Checksums

... (truncated)

Changelog

Sourced from numpy's changelog.

This is a walkthrough of the NumPy 2.1.0 release on Linux, modified for building with GitHub Actions and cibuildwheels and uploading to the anaconda.org staging repository for NumPy <https://anaconda.org/multibuild-wheels-staging/numpy>_. The commands can be copied into the command line, but be sure to replace 2.1.0 by the correct version. This should be read together with the :ref:general release guide <prepare_release>.

Facility preparation

Before beginning to make a release, use the requirements/*_requirements.txt files to ensure that you have the needed software. Most software can be installed with pip, but some will require apt-get, dnf, or whatever your system uses for software. You will also need a GitHub personal access token (PAT) to push the documentation. There are a few ways to streamline things:

• Git can be set up to use a keyring to store your GitHub personal access token. Search online for the details.
• You can use the keyring app to store the PyPI password for twine. See the online twine documentation for details.

Prior to release

Add/drop Python versions

When adding or dropping Python versions, three files need to be edited:

• .github/workflows/wheels.yml # for github cibuildwheel
• tools/ci/cirrus_wheels.yml # for cibuildwheel aarch64/arm64 builds
• pyproject.toml # for classifier and minimum version check.

Make these changes in an ordinary PR against main and backport if necessary. Add [wheel build] at the end of the title line of the commit summary so that wheel builds will be run to test the changes. We currently release wheels for new Python versions after the first Python rc once manylinux and cibuildwheel support it. For Python 3.11 we were able to release within a week of the rc1 announcement.

Backport pull requests

Changes that have been marked for this release must be backported to the maintenance/2.1.x branch.

Update 2.1.0 milestones

... (truncated)

Commits

• 7469245 Merge pull request #28047 from charris/prepare-2.2.1
• acb051e REL: Prepare for the NumPy 2.2.1 release [wheel build]
• 28a091a Merge pull request #28044 from charris/backport-28039
• 723605b TST: Add test for allowing None in operand sequence passed to nditer
• 554739e TYP: allow None in operand sequence of nditer
• 31bc4c8 Merge pull request #28021 from charris/backport-28020
• 32f52a3 CI: pin scipy-doctest to 1.5.1 (#28020)
• 6219aeb Merge pull request #28007 from charris/backport-28005
• eb7071c Merge pull request #28006 from charris/backport-28003
• 4f82c32 BUG: Cython API was missing NPY_UINTP.
• Additional commits viewable in compare view

Updates ruamel-yaml from 0.18.6 to 0.18.8

Updates scipy from 1.14.1 to 1.15.0

Release notes

Sourced from scipy's releases.

SciPy 1.15.0 Release Notes

SciPy 1.15.0 is the culmination of 6 months of hard work. It contains many new features, numerous bug-fixes, improved test coverage and better documentation. There have been a number of deprecations and API changes in this release, which are documented below. All users are encouraged to upgrade to this release, as there are a large number of bug-fixes and optimizations. Before upgrading, we recommend that users check that their own code does not use deprecated SciPy functionality (to do so, run your code with python -Wd and check for DeprecationWarning s). Our development attention will now shift to bug-fix releases on the 1.15.x branch, and on adding new features on the main branch.

This release requires Python 3.10-3.13 and NumPy 1.23.5 or greater.

Highlights of this release

• Sparse arrays are now fully functional for 1-D and 2-D arrays. We recommend that all new code use sparse arrays instead of sparse matrices and that developers start to migrate their existing code from sparse matrix to sparse array: migration_to_sparray. Both sparse.linalg and sparse.csgraph work with either sparse matrix or sparse array and work internally with sparse array.

• Sparse arrays now provide basic support for n-D arrays in the COO format including add, subtract, reshape, transpose, matmul, dot, tensordot and others. More functionality is coming in future releases.

• Preliminary support for free-threaded Python 3.13.

• New probability distribution features in scipy.stats can be used to improve the speed and accuracy of existing continuous distributions and perform new probability calculations.

• Several new features support vectorized calculations with Python Array API Standard compatible input (see "Array API Standard Support" below):

  • scipy.differentiate is a new top-level submodule for accurate estimation of derivatives of black box functions.
  • scipy.optimize.elementwise contains new functions for root-finding and minimization of univariate functions.
  • scipy.integrate offers new functions cubature, tanhsinh, and nsum for multivariate integration, univariate integration, and univariate series summation, respectively.

• scipy.interpolate.AAA adds the AAA algorithm for barycentric rational approximation of real or complex functions.

• scipy.special adds new functions offering improved Legendre function implementations with a more consistent interface.

... (truncated)

Commits

• 6e246d0 REL: 1.15.0 "final" rel commit [wheel build]
• ed7c850 Merge pull request #22233 from tylerjereddy/treddy_backports_1.15.0_final
• 2e2f2cd MAINT: PR 22233 wheel build [wheel build]
• f05c622 DOC: Update 1.15.0 relnotes
• 7348d92 Update scipy/differentiate/_differentiate.py
• 56b1f7e DOC: differentiate.jacobian: correct/improve documentation about callable int...
• 30077e7 DEP: linalg.solve_toeplitz/matmul_toeplitz: warn on n-D c, r (#22193)
• 256c1a2 Merge pull request #22181 from tylerjereddy/treddy_prep_scipy_1.15.0rc3
• f046276 REL: set 1.15.0rc3 unreleased
• a3d40a8 REL: 1.15.0rc2 rel commit [wheel build]
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
numpy	[>= 1.25.a, < 1.26]

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by Sourcery

Update NumPy to 2.2.1, ruamel-yaml to 0.18.8, and SciPy to 1.15.0.

Build:

• Relax the upper pin on NumPy to allow versions up to 2.3.

Chores:

• Update runtime dependencies.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request updates the runtime-dependencies group with 3 updates: numpy, ruamel-yaml, and scipy. It also updates the numpy version constraint in setup.cfg to <2.3.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Bumps numpy from 2.0.2 to 2.2.1	Updates the required version for numpy dependency to 2.2.1. Updates the maximum allowed version for numpy to 2.3	setup.cfg requirements_dev.txt
Bumps ruamel-yaml from 0.18.6 to 0.18.8	Updates the required version for ruamel-yaml dependency to 0.18.8	requirements_dev.txt
Bumps scipy from 1.14.1 to 1.15.0	Updates the required version for scipy dependency to 1.15.0	requirements_dev.txt

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Superseded by #1571.