build(deps): bump the dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the dependencies group with 6 updates in the / directory:

Package	From	To
fastapi	0.111.0	0.111.1
transformers	4.41.2	4.42.4
pyright	1.1.369	1.1.372
pytest-asyncio	0.23.7	0.23.8
pylint	3.2.4	3.2.5
ruff	0.4.10	0.5.2

Updates fastapi from 0.111.0 to 0.111.1

Release notes

Sourced from fastapi's releases.

0.111.1

Upgrades

• ➖ Remove orjson and ujson from default dependencies. PR #11842 by @​tiangolo.
  • These dependencies are still installed when you install with pip install "fastapi[all]". But they not included in pip install fastapi.
• 📝 Restored Swagger-UI links to use the latest version possible. PR #11459 by @​UltimateLobster.

Docs

• ✏️ Rewording in docs/en/docs/fastapi-cli.md. PR #11716 by @​alejsdev.
• 📝 Update Hypercorn links in all the docs. PR #11744 by @​kittydoor.
• 📝 Update docs with Ariadne reference from Starlette to FastAPI. PR #11797 by @​DamianCzajkowski.
• 📝 Update fastapi instrumentation external link. PR #11317 by @​softwarebloat.
• ✏️ Fix links to alembic example repo in docs. PR #11628 by @​augiwan.
• ✏️ Update docs/en/docs/fastapi-cli.md. PR #11715 by @​alejsdev.
• 📝 Update External Links . PR #11500 by @​devon2018.
• 📝 Add External Link: Tutorial de FastAPI, ¿el mejor framework de Python?. PR #11618 by @​EduardoZepeda.
• 📝 Fix typo in docs/en/docs/tutorial/body-multiple-params.md. PR #11698 by @​mwb-u.
• 📝 Add External Link: Deploy a Serverless FastAPI App with Neon Postgres and AWS App Runner at any scale. PR #11633 by @​ananis25.
• 📝 Update security/first-steps.md. PR #11674 by @​alejsdev.
• 📝 Update security/first-steps.md. PR #11673 by @​alejsdev.
• 📝 Update note in path-params-numeric-validations.md. PR #11672 by @​alejsdev.
• 📝 Tweak intro docs about Annotated and Query() params. PR #11664 by @​tiangolo.
• 📝 Update JWT auth documentation to use PyJWT instead of pyhon-jose. PR #11589 by @​estebanx64.
• 📝 Update docs. PR #11603 by @​alejsdev.
• ✏️ Fix typo: convert every 're-use' to 'reuse'.. PR #11598 by @​hasansezertasan.
• ✏️ Fix typo in fastapi/applications.py. PR #11593 by @​petarmaric.
• ✏️ Fix link in fastapi-cli.md. PR #11524 by @​svlandeg.

Translations

• 🌐 Add Spanish translation for docs/es/docs/how-to/graphql.md. PR #11697 by @​camigomezdev.
• 🌐 Add Portuguese translation for docs/pt/docs/reference/index.md. PR #11840 by @​lucasbalieiro.
• 🌐 Fix link in German translation. PR #11836 by @​anitahammer.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/dependencies/sub-dependencies.md. PR #11792 by @​Joao-Pedro-P-Holanda.
• 🌐 Add Turkish translation for docs/tr/docs/tutorial/request-forms.md. PR #11553 by @​hasansezertasan.
• 🌐 Add Portuguese translation for docs/pt/docs/reference/exceptions.md. PR #11834 by @​lucasbalieiro.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/dependencies/global-dependencies.md. PR #11826 by @​Joao-Pedro-P-Holanda.
• 🌐 Add Portuguese translation for docs/pt/docs/how-to/general.md. PR #11825 by @​lucasbalieiro.
• 🌐 Add Portuguese translation for docs/pt/docs/advanced/async-tests.md. PR #11808 by @​ceb10n.
• 🌐 Add Ukrainian translation for docs/uk/docs/tutorial/first-steps.md. PR #11809 by @​vkhoroshchak.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/dependencies/dependencies-in-path-operation-operators.md. PR #11804 by @​Joao-Pedro-P-Holanda.
• 🌐 Add Chinese translation for docs/zh/docs/fastapi-cli.md. PR #11786 by @​logan2d5.
• 🌐 Add Portuguese translation for docs/pt/docs/advanced/openapi-webhooks.md. PR #11791 by @​ceb10n.
• 🌐 Update Chinese translation for docs/tutorial/security/oauth2-jwt.md. PR #11781 by @​logan2d5.
• 📝 Fix image missing in French translation for docs/fr/docs/async.md . PR #11787 by @​pe-brian.
• 🌐 Add Portuguese translation for docs/pt/docs/advanced/advanced-dependencies.md. PR #11775 by @​ceb10n.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/dependencies/classes-as-dependencies.md. PR #11768 by @​Joao-Pedro-P-Holanda.
• 🌐 Add Portuguese translation for docs/pt/docs/advanced/additional-status-codes.md. PR #11753 by @​ceb10n.
• 🌐 Add Portuguese translation for docs/pt/docs/tutorial/dependencies/index.md. PR #11757 by @​Joao-Pedro-P-Holanda.

... (truncated)

Commits

• b199364 🔖 Release version 0.111.1
• 38db0a5 📝 Update release notes
• 0f22c76 📝 Update release notes
• 4d3ef06 ➖ Remove orjson and ujson from default dependencies (#11842)
• 7a9396c 📝 Update release notes
• 0b1e2ec ✏️ Rewording in docs/en/docs/fastapi-cli.md (#11716)
• fb15c48 📝 Update release notes
• 9d74b23 ♻️ Simplify internal docs script (#11777)
• 3a8f6cd 📝 Update release notes
• 60f7fe4 📝 Update Hypercorn links in all the docs (#11744)
• Additional commits viewable in compare view

Updates transformers from 4.41.2 to 4.42.4

Release notes

Sourced from transformers's releases.

Patch release v4.42.4

Mostly gemma2 support FA2 softcapping!

but also fix the sliding window for long context and other typos.

• [Gemma2] Support FA2 softcapping (#31887) by @​ArthurZucker
• [ConvertSlow] make sure the order is preserved for addedtokens (#31902) by @​ArthurZucker
• Fixes to alternating SWA layers in Gemma2 (#31775) by @​turboderp
• Requires for torch.tensor before casting (#31755) by @​echarlaix

Was off last week could not get this out, thanks all for your patience 🥳

Patch release v4.42.3

Make sure we have attention softcapping for "eager" GEMMA2 model

After experimenting, we noticed that for the 27b model mostly, softcapping is a must. So adding it back (it should have been there, but an error on my side made it disappear) sorry all! 😭

• Gemma capping is a must for big models (#31698)

Patch release v4.42.2

Patch release

Thanks to our 2 contributors for their prompt fixing mostly applies for training and FA2!

• Fix Gemma2 4d attention mask (#31674) by @​hiyouga
• don't zero out the attention_mask when using sliding window with flash attention (#31670) by @​winglian

v4.42.1: Patch release

Patch release for commit:

• [HybridCache] Fix get_seq_length method (#31661)

v4.42.0: Gemma 2, RTDETR, InstructBLIP, LLAVa Next, New Model Adder

New model additions

Gemma-2

The Gemma2 model was proposed in Gemma2: Open Models Based on Gemini Technology and Research by Gemma2 Team, Google. Gemma2 models are trained on 6T tokens, and released with 2 versions, 2b and 7b.

The abstract from the paper is the following:

This work introduces Gemma2, a new family of open language models demonstrating strong performance across academic benchmarks for language understanding, reasoning, and safety. We release two sizes of models (2 billion and 7 billion parameters), and provide both pretrained and fine-tuned checkpoints. Gemma2 outperforms similarly sized open models on 11 out of 18 text-based tasks, and we present comprehensive evaluations of safety and responsibility aspects of the models, alongside a detailed description of our model development. We believe the responsible release of LLMs is critical for improving the safety of frontier models, and for enabling the next wave of LLM innovations

• Add gemma 2 by @​ArthurZucker in #31659

RTDETR

... (truncated)

Commits

• fc35907 v4.42.4
• e002fcd [Gemma2] Support FA2 softcapping (#31887)
• 2e43416 [ConvertSlow] make sure the order is preserved for addedtokens (#31902)
• c43fd9d Fixes to alternating SWA layers in Gemma2 (#31775)
• 0be998b Requires for torch.tensor before casting (#31755)
• b7ee1e8 v4.42.3
• da50b41 Gemma capping is a must for big models (#31698)
• 086c74e v4.42.2
• 8691867 Fix Gemma2 4d attention mask (#31674)
• 7edc993 don't zero out the attention_mask when using sliding window with flash attent...
• Additional commits viewable in compare view

Updates pyright from 1.1.369 to 1.1.372

Commits

• 59a4bdf [pyright updated to 1.1.372] Update Version (#283)
• ca00a93 [pyright updated to 1.1.371] Update Version (#282)
• 14f3e58 Pyright NPM Package update to 1.1.370 (#281)
• 804dafb chore(internal): loosen twine dependency
• See full diff in compare view

Updates pytest-asyncio from 0.23.7 to 0.23.8

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 0.23.8

0.23.8 (2024-07-17)

• Fixes a bug that caused duplicate markers in async tests #813

Known issues

As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.

Commits

• 4be86a5 docs: Prepare release of v0.23.8.
• 74b3a0a Build(deps): Bump exceptiongroup in /dependencies/default
• b0009ca [build] Declare support for Python 3.13.
• c747c7d Build(deps): Bump coverage from 7.5.4 to 7.6.0 in /dependencies/default
• 5c40a1c Build(deps): Bump hypothesis in /dependencies/default
• b735e8a build: Remove development dependency on Docker.
• 91171b4 ci: Test with CPython 3.13.
• d572138 Build(deps): Bump hypothesis in /dependencies/default
• a89e4d7 Build(deps): Bump certifi in /dependencies/docs
• b646cc1 [fix] Fixed a bug that causes markers to be duplicated for async test functions.
• Additional commits viewable in compare view

Updates pylint from 3.2.4 to 3.2.5

Commits

• ae730ac Bump pylint to 3.2.5, update changelog (#9756)
• be7b5cc [unreachable-code] Fix the false positive in python 3.8 (#9753) (#9755)
• 6c3ab77 [release] Fix 3.2.4 release date following issue with twine 5.1.0 (#9749) (#9...
• See full diff in compare view

Updates ruff from 0.4.10 to 0.5.2

Release notes

Sourced from ruff's releases.

0.5.2

Release Notes

Preview features

• Use space separator before parenthesized expressions in comprehensions with leading comments (#12282)
• [flake8-async] Update ASYNC100 to include anyio and asyncio (#12221)
• [flake8-async] Update ASYNC109 to include anyio and asyncio (#12236)
• [flake8-async] Update ASYNC110 to include anyio and asyncio (#12261)
• [flake8-async] Update ASYNC115 to include anyio and asyncio (#12262)
• [flake8-async] Update ASYNC116 to include anyio and asyncio (#12266)

Rule changes

• [flake8-return] Exempt properties from explicit return rule (RET501) (#12243)
• [numpy] Add np.NAN-to-np.nan diagnostic (#12292)
• [refurb] Make list-reverse-copy an unsafe fix (#12303)

Server

• Consider include and extend-include settings in native server (#12252)
• Include nested configurations in settings reloading (#12253)

CLI

• Omit code frames for fixes with empty ranges (#12304)
• Warn about formatter incompatibility for D203 (#12238)

Bug fixes

• Make cache-write failures non-fatal on Windows (#12302)
• Treat not operations as boolean tests (#12301)
• [flake8-bandit] Avoid S310 violations for HTTP-safe f-strings (#12305)
• [flake8-bandit] Support explicit string concatenations in S310 HTTP detection (#12315)
• [flake8-bandit] fix S113 false positive for httpx without timeout argument (#12213)
• [pycodestyle] Remove "non-obvious" allowance for E721 (#12300)
• [pyflakes] Consider with blocks as single-item branches for redefinition analysis (#12311)
• [refurb] Restrict forwarding for newline argument in open() calls to Python versions >= 3.10 (#12244)

Documentation

• Update help and documentation to reflect --output-format full default (#12248)

Performance

• Use more threads when discovering Python files (#12258)

Install ruff 0.5.2

Install prebuilt binaries via shell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.5.2

Preview features

• Use space separator before parenthesized expressions in comprehensions with leading comments (#12282)
• [flake8-async] Update ASYNC100 to include anyio and asyncio (#12221)
• [flake8-async] Update ASYNC109 to include anyio and asyncio (#12236)
• [flake8-async] Update ASYNC110 to include anyio and asyncio (#12261)
• [flake8-async] Update ASYNC115 to include anyio and asyncio (#12262)
• [flake8-async] Update ASYNC116 to include anyio and asyncio (#12266)

Rule changes

• [flake8-return] Exempt properties from explicit return rule (RET501) (#12243)
• [numpy] Add np.NAN-to-np.nan diagnostic (#12292)
• [refurb] Make list-reverse-copy an unsafe fix (#12303)

Server

• Consider include and extend-include settings in native server (#12252)
• Include nested configurations in settings reloading (#12253)

CLI

• Omit code frames for fixes with empty ranges (#12304)
• Warn about formatter incompatibility for D203 (#12238)

Bug fixes

• Make cache-write failures non-fatal on Windows (#12302)
• Treat not operations as boolean tests (#12301)
• [flake8-bandit] Avoid S310 violations for HTTP-safe f-strings (#12305)
• [flake8-bandit] Support explicit string concatenations in S310 HTTP detection (#12315)
• [flake8-bandit] fix S113 false positive for httpx without timeout argument (#12213)
• [pycodestyle] Remove "non-obvious" allowance for E721 (#12300)
• [pyflakes] Consider with blocks as single-item branches for redefinition analysis (#12311)
• [refurb] Restrict forwarding for newline argument in open() calls to Python versions >= 3.10 (#12244)

Documentation

• Update help and documentation to reflect --output-format full default (#12248)

Performance

• Use more threads when discovering Python files (#12258)

0.5.1

Preview features

... (truncated)

Commits

• dc8db1a Make some amendments to the v0.5.2 changelog (#12319)
• 18c364d [flake8-bandit] Support explicit string concatenations in S310 HTTP detecti...
• 7a7c601 Bump version to v0.5.2 (#12316)
• 3bfbbbc Avoid allocation when validating HTTP and HTTPS prefixes (#12313)
• 1a3ee45 [flake8-bandit] Avoid S310 violations for HTTP-safe f-strings (#12305)
• 6584886 [refurb] Make list-reverse-copy an unsafe fix (#12303)
• 456d6a2 Consider with blocks as single-item branches (#12311)
• 940df67 Omit code frames for fixes with empty ranges (#12304)
• e58713e Make cache-write failures non-fatal (#12302)
• aa5c53b Remove 'non-obvious' allowance for E721 (#12300)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[winstxnhdw]

@dependabot rebase

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.