Sourced from scipy's releases.

SciPy 1.11.1 Release Notes

SciPy 1.11.1 is a bug-fix release with no new features compared to 1.11.0. In particular, a licensing issue discovered after the release of 1.11.0 has been addressed.

Authors

• Name (commits)
• h-vetinari (1)
• Robert Kern (1)
• Ilhan Polat (4)
• Tyler Reddy (8)

A total of 4 people contributed to this release. People with a "+" by their names contributed a patch for the first time. This list of names is automatically generated, and may not be fully complete.

SciPy 1.11.0 Release Notes

SciPy 1.11.0 is the culmination of 6 months of hard work. It contains many new features, numerous bug-fixes, improved test coverage and better documentation. There have been a number of deprecations and API changes in this release, which are documented below. All users are encouraged to upgrade to this release, as there are a large number of bug-fixes and optimizations. Before upgrading, we recommend that users check that their own code does not use deprecated SciPy functionality (to do so, run your code with python -Wd and check for DeprecationWarning s). Our development attention will now shift to bug-fix releases on the 1.11.x branch, and on adding new features on the main branch.

This release requires Python 3.9+ and NumPy 1.21.6 or greater.

For running on PyPy, PyPy3 6.0+ is required.

Highlights of this release

• Several scipy.sparse array API improvements, including sparse.sparray, a new public base class distinct from the older sparse.spmatrix class, proper 64-bit index support, and numerous deprecations paving the way to a modern sparse array experience.
• scipy.stats added tools for survival analysis, multiple hypothesis testing, sensitivity analysis, and working with censored data.

... (truncated)

• cfe8011 REL: 1.11.1 rel commit [wheel build]
• 450d8aa Merge pull request #18779 from tylerjereddy/treddy_1_11_1_prep
• 6f942e8 DOC: update 1.11.1 relnotes
• 145cec5 MAINT: fix unuran licensing
• 0760bab MAINT:linalg.det:Return scalars for singleton inputs (#18763)
• a1c6f99 MAINT:linalg:Use only NumPy types in lu
• 5cdc2fe MAINT:linalg:Remove memcpy from lu
• d9ac3f3 FIX:linalg:Guard against possible permute_l out of bound behavior
• 7ec5010 BUG: fix handling for factorial(..., exact=False) for 0-dim array inputs (#...
• 90415c6 BUG: Fix work array construction for various weight shapes. (#18741)
• Additional commits viewable in compare view

Sourced from mpmath's releases.

1.3.0

Security issues:

• Fixed ReDOS vulnerability in mpmathify() (CVE-2021-29063) (Vinzent Steinberg)

Features:

• Added quadsubdiv() for numerical integration with adaptive path splitting (Fredrik Johansson)
• Added the Cohen algorithm for inverse Laplace transforms (Guillermo Navas-Palencia)
• Some speedup of matrix multiplication (Fredrik Johansson)
• Optimizations to Carlson elliptic integrals (Paul Masson)
• Added signal functions (squarew(), trianglew(), sawtoothw(), unit_triangle() sigmoidw()) (Nike Dattani, Deyan Mihaylov, Tina Yu)

Bug fixes:

• Correct mpf initialization from tuple for finf and fninf (Sergey B Kirpichev)
• Support QR decomposition for matrices of width 0 and 1 (Clemens Hofreither)
• Fixed some cases where elliprj() gave inaccurate results (Fredrik Johansson)
• Fixed cases where digamma() hangs for complex input (Fredrik Johansson)
• Fixed cases of polylog() with integer-valued parameter with complex type (Fredrik Johansson)
• Fixed fp.nsum() with Euler-Maclaurin algorithm (Fredrik Johansson)

Maintenance:

• Dropped support for Python 3.4 (Sergey B Kirpichev)
• Documentation cleanup (Sergey B Kirpichev)
• Removed obsolete files (Sergey B Kirpichev)
• Added options to runtests.py to skip tests and exit on failure (Jonathan Warner)

Sourced from mpmath's changelog.

--1.3.0-- Released March 7, 2023

Security issues:

• Fixed ReDOS vulnerability in mpmathify() (CVE-2021-29063) (Vinzent Steinberg)

Features:

• Added quadsubdiv() for numerical integration with adaptive path splitting (Fredrik Johansson)
• Added the Cohen algorithm for inverse Laplace transforms (Guillermo Navas-Palencia)
• Some speedup of matrix multiplication (Fredrik Johansson)
• Optimizations to Carlson elliptic integrals (Paul Masson)
• Added signal functions (squarew(), trianglew(), sawtoothw(), unit_triangle() sigmoidw()) (Nike Dattani, Deyan Mihaylov, Tina Yu)

Bug fixes:

• Correct mpf initialization from tuple for finf and fninf (Sergey B Kirpichev)
• Support QR decomposition for matrices of width 0 and 1 (Clemens Hofreither)
• Fixed some cases where elliprj() gave inaccurate results (Fredrik Johansson)
• Fixed cases where digamma() hangs for complex input (Fredrik Johansson)
• Fixed cases of polylog() with integer-valued parameter with complex type (Fredrik Johansson)
• Fixed fp.nsum() with Euler-Maclaurin algorithm (Fredrik Johansson)

Maintenance:

• Dropped support for Python 3.4 (Sergey B Kirpichev)
• Documentation cleanup (Sergey B Kirpichev)
• Removed obsolete files (Sergey B Kirpichev)
• Added options to runtests.py to skip tests and exit on failure (Jonathan Warner)

--1.2.0-- Released February 1, 2021

Features and optimizations:

• Support @ operator for matrix multiplication (Max Gaukler)
• Add eta() implementing the Dedekind eta function
• Optimized the python_trailing function (adhoc-king)
• Implement unary plus for matrices (Max Gaukler)
• Improved calculation of gram_index (p15-git-acc)

Compatibility:

... (truncated)

• b5c0450 version 1.3.0
• a27581c Merge pull request #656 from cclauss/patch-2
• 9d7884b don't use .ae method in library code
• 967de83 Downgrade to ubuntu-20.04 for Py35 and Py36
• 6425c6a build: strategy: fail-fast: false
• e2341c7 GitHub Actions: Test on Python 3.11 production release
• 1258e33 fix failing doctests
• b7c15d6 include signals documentation; remove duplicate docstrings
• 1b476ea update doc building instructions
• 5f57beb Merge pull request #646 from cclauss/patch-1
• Additional commits viewable in compare view

Sourced from pillow's releases.

10.3.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html

Changes

• CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [@​hugovk]
• Use functools.lru_cache for hopper() #7912 [@​hugovk]
• Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [@​radarhere]
• Improve speed of loading QOI images #7925 [@​radarhere]
• Added RGB to I;16N conversion #7920 [@​radarhere]
• Add --report argument to main.py to omit supported formats #7818 [@​nulano]
• Added RGB to I;16, I;16L and I;16B conversion #7918 [@​radarhere]
• Fix editable installation with custom build backend and configuration options #7658 [@​nulano]
• Fix putdata() for I;16N on big-endian #7209 [@​Yay295]
• Determine MPO size from markers, not EXIF data #7884 [@​radarhere]
• Improved conversion from RGB to RGBa, LA and La #7888 [@​radarhere]
• Support FITS images with GZIP_1 compression #7894 [@​radarhere]
• Use I;16 mode for 9-bit JPEG 2000 images #7900 [@​scaramallion]
• Raise ValueError if kmeans is negative #7891 [@​radarhere]
• Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [@​radarhere]
• Raise ValueError for negative values when loading P1-P3 PPM images #7882 [@​radarhere]
• Added reading of JPEG2000 palettes #7870 [@​radarhere]
• Added alpha_quality argument when saving WebP images #7872 [@​radarhere]
• Fixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions #7881 [@​radarhere]
• Removed Python and NumPy pinning on Cygwin #7880 [@​radarhere]
• Update UnidentifiedImageError and version imports #7644 [@​radarhere]
• Stop reading EPS image at EOF marker #7753 [@​radarhere]
• PSD layer co-ordinates may be negative #7706 [@​radarhere]
• Use subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer #7791 [@​radarhere]
• When saving GIF frame that restores to background color, do not fill identical pixels #7788 [@​radarhere]
• Fixed reading PNG iCCP compression method #7823 [@​radarhere]
• Allow writing IFDRational to UNDEFINED tag #7840 [@​radarhere]
• Fix logged tag name when loading Exif data #7842 [@​radarhere]
• Use maximum frame size in IHDR chunk when saving APNG images #7821 [@​radarhere]
• Prevent opening P TGA images without a palette #7797 [@​radarhere]
• Use palette when loading ICO images #7798 [@​radarhere]
• Use consistent arguments for load_read and load_seek #7713 [@​radarhere]
• Turn off nullability warnings for macOS SDK #7827 [@​radarhere]
• Fix shift-sign issue in Convert.c #7838 [@​r-barnes]
• winbuild: Refactor dependency versions into constants #7843 [@​hugovk]
• Build macOS arm64 wheels natively #7852 [@​radarhere]
• Fixed typo #7855 [@​radarhere]
• Open 16-bit grayscale PNGs as I;16 #7849 [@​radarhere]
• Handle truncated chunks at the end of PNG images #7709 [@​lajiyuan]
• Match mask size to pasted image size in GifImagePlugin #7779 [@​radarhere]
• Changed SupportsGetMesh protocol to be public #7841 [@​radarhere]
• Release GIL while calling WebPAnimDecoderGetNext #7782 [@​evanmiller]
• Fixed reading FLI/FLC images with a prefix chunk #7804 [@​twolife]
• Updated package name for Tidelift #7810 [@​radarhere]
• Removed unused code #7744 [@​radarhere]

... (truncated)

Sourced from pillow's changelog.

10.3.0 (2024-04-01)

• CVE-2024-28219: Use strncpy to avoid buffer overflow #7928 [radarhere, hugovk]

• Deprecate eval(), replacing it with lambda_eval() and unsafe_eval() #7927 [radarhere, hugovk]

• Raise ValueError if seeking to greater than offset-sized integer in TIFF #7883 [radarhere]

• Add --report argument to __main__.py to omit supported formats #7818 [nulano, radarhere, hugovk]

• Added RGB to I;16, I;16L, I;16B and I;16N conversion #7918, #7920 [radarhere]

• Fix editable installation with custom build backend and configuration options #7658 [nulano, radarhere]

• Fix putdata() for I;16N on big-endian #7209 [Yay295, hugovk, radarhere]

• Determine MPO size from markers, not EXIF data #7884 [radarhere]

• Improved conversion from RGB to RGBa, LA and La #7888 [radarhere]

• Support FITS images with GZIP_1 compression #7894 [radarhere]

• Use I;16 mode for 9-bit JPEG 2000 images #7900 [scaramallion, radarhere]

• Raise ValueError if kmeans is negative #7891 [radarhere]

• Remove TIFF tag OSUBFILETYPE when saving using libtiff #7893 [radarhere]

• Raise ValueError for negative values when loading P1-P3 PPM images #7882 [radarhere]

• Added reading of JPEG2000 palettes #7870 [radarhere]

• Added alpha_quality argument when saving WebP images #7872 [radarhere]

... (truncated)

• 5c89d88 10.3.0 version bump
• 63cbfcf Update CHANGES.rst [ci skip]
• 2776126 Merge pull request #7928 from python-pillow/lcms
• aeb51cb Merge branch 'main' into lcms
• 5beb0b6 Update CHANGES.rst [ci skip]
• cac6ffa Merge pull request #7927 from python-pillow/imagemath
• f5eeeac Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval
• facf3af Added release notes
• 2a93aba Use strncpy to avoid buffer overflow
• a670597 Update CHANGES.rst [ci skip]
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.