Bump the pip group across 1 directory with 4 updates

[dependabot]

Bumps the pip group with 3 updates in the / directory: pyarrow, certifi and fiona.

Updates pyarrow from 2.0.0 to 14.0.1

Commits

• ba53748 MINOR: [Release] Update versions for 14.0.1
• 529f376 MINOR: [Release] Update .deb/.rpm changelogs for 14.0.1
• b84bbca MINOR: [Release] Update CHANGELOG.md for 14.0.1
• f141709 GH-38607: [Python] Disable PyExtensionType autoload (#38608)
• 5a37e74 GH-38431: [Python][CI] Update fs.type_name checks for s3fs tests (#38455)
• 2dcee3f MINOR: [Release] Update versions for 14.0.0
• 297428c MINOR: [Release] Update .deb/.rpm changelogs for 14.0.0
• 3e9734f MINOR: [Release] Update CHANGELOG.md for 14.0.0
• 9f90995 GH-38332: [CI][Release] Resolve symlinks in RAT lint (#38337)
• bd61239 GH-35531: [Python] C Data Interface PyCapsule Protocol (#37797)
• Additional commits viewable in compare view

Updates certifi from 2020.12.5 to 2024.7.4

Commits

• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• 124f4ad 2024.06.02 (#291)
• c2196ce --- (#290)
• fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
• 3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
• 4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
• 1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
• Additional commits viewable in compare view

Updates fiona from 1.8.19 to 1.8.22

Release notes

Sourced from fiona's releases.

1.8.22

Builds now require Cython >= 0.29.29 because of cython/cython#4609 (see #1143).

Wheels include GDAL 3.4.3, PROJ 8.2.1, and GEOS 3.10.2.

1.8.21

Changes:

• Driver mode support tests have been made more general and less susceptible to driver quirks involving feature fields and coordinate values (#1060).
• OSError is raised on attempts to open a dataset in a Python file object in "a" mode (see #1027).
• Upgrade attrs, cython, etc to open up Python 3.10 support (#1049).

Bug fixes:

• Allow FieldSkipLogFilter to handle exception messages as well as strings (reported in #1035).
• Clean up VSI files left by MemoryFileBase, resolving #1041.
• Hard-coded "utf-8" collection encoding added in #423 has been removed (#1057).

Changelog

Sourced from fiona's changelog.

1.8.22 (2022-10-14)

Builds now require Cython >= 0.29.29 because of cython/cython#4609 (#1143).

1.8.21 (2022-02-07)

Changes:

• Driver mode support tests have been made more general and less susceptible to driver quirks involving feature fields and coordinate values (#1060).
• OSError is raised on attempts to open a dataset in a Python file object in "a" mode (see #1027).
• Upgrade attrs, cython, etc to open up Python 3.10 support (#1049).

Bug fixes:

• Allow FieldSkipLogFilter to handle exception messages as well as strings (reported in #1035).
• Clean up VSI files left by MemoryFileBase, resolving #1041.
• Hard-coded "utf-8" collection encoding added in #423 has been removed (#1057).

1.8.20 (2021-05-31)

Packaging:

• Wheels include GDAL 3.3.0 and GEOS 3.9.1.

Bug fixes:

• Allow use with click 8 and higher (#1015).

Commits

• bae44db Update init.py
• 898783f Update CHANGES.txt
• 0a910b0 Upgrade cython
• 8954176 Merge branch 'maint-1.8' of github.com:Toblerity/Fiona into maint-1.8
• 00f7c13 Finalize version and set date in change log
• 6b7474f Make tests less specific about feature equality (#1060)
• 51c80a4 Allow FieldSkipLogFilter to handle exception records
• 3a3828a Use proper fixture
• 55d039e Raise OSError on attempt to append to dataset stored in a file
• 9057cb3 Clean up files left by MemoryFileBase (#1058)
• Additional commits viewable in compare view

Updates numpy from 1.20.2 to 1.24.4

Release notes

Sourced from numpy's releases.

v1.24.4

NumPy 1.24.4 Release Notes

NumPy 1.24.4 is a maintenance release that fixes a few bugs discovered after the 1.24.3 release. It is the last planned release in the 1.24.x cycle. The Python versions supported by this release are 3.8-3.11.

Contributors

A total of 4 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Bas van Beek
• Charles Harris
• Sebastian Berg
• Hongyang Peng +

Pull requests merged

A total of 6 pull requests were merged for this release.

• #23720: MAINT, BLD: Pin rtools to version 4.0 for Windows builds.
• #23739: BUG: fix the method for checking local files for 1.24.x
• #23760: MAINT: Copy rtools installation from install-rtools.
• #23761: BUG: Fix masked array ravel order for A (and somewhat K)
• #23890: TYP,DOC: Annotate and document the metadata parameter of...
• #23994: MAINT: Update rtools installation

Checksums

MD5

25049e3aee79dde29e7a498d3ad13379  numpy-1.24.4-cp310-cp310-macosx_10_9_x86_64.whl
579b5c357c918feaef4af03af8afb721  numpy-1.24.4-cp310-cp310-macosx_11_0_arm64.whl
c873a14fa4f0210884db9c05e2904286  numpy-1.24.4-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
110a13ac016286059f0658b52b3646c0  numpy-1.24.4-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
fa67218966c0aef4094867cad7703648  numpy-1.24.4-cp310-cp310-win32.whl
6ee768803d8ebac43ee0a04e628a69f9  numpy-1.24.4-cp310-cp310-win_amd64.whl
0c918c16b58cb7f6773ea7d76e0bdaff  numpy-1.24.4-cp311-cp311-macosx_10_9_x86_64.whl
20506ae8003faf097c6b3a8915b4140e  numpy-1.24.4-cp311-cp311-macosx_11_0_arm64.whl
902df9d5963e89d88a1939d94207857f  numpy-1.24.4-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
2543611d802c141c8276e4868b4d9619  numpy-1.24.4-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
37b23a4e4e148d61dd3a515ac5dbf7ec  numpy-1.24.4-cp311-cp311-win32.whl
25e9f6bee2b65ff2a87588e717f15165  numpy-1.24.4-cp311-cp311-win_amd64.whl
f39a0cc3655a482af7d300bcaff5978e  numpy-1.24.4-cp38-cp38-macosx_10_9_x86_64.whl
9ed27941388fdb392e8969169f3fc600  numpy-1.24.4-cp38-cp38-macosx_11_0_arm64.whl
dee3f0c7482f1dc8bd1cd27b9b028a2c  numpy-1.24.4-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
2cc0967af29df3caef9fb3520f14e071  numpy-1.24.4-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
8572a3a0973fa78355bcb5f737745b47  numpy-1.24.4-cp38-cp38-win32.whl

... (truncated)

Commits

• 9315a90 Merge pull request #24044 from charris/fix-simple-anaconda-client
• 334c25e BLD: Use urllib < 2.0.0 for anaconda-client.
• 008b17f Merge pull request #24040 from charris/prepare-1.24.4-release
• 7162cd6 REL: Prepare for the NumPy 1.24.4 release
• 2d27747 Merge pull request #23994 from charris/update-rtools-install
• 878122c MAINT: Update rtools installation
• a5f33ab Merge pull request #23890 from charris/backport-23887
• d62280d DOC: Document the metadata parameter of the dtype constructor
• 6da40bb TYP: Add annotations for the np.dtype metadata parameter
• 553bb3f Merge pull request #23761 from charris/backport-23680
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.