Bump the apptainer group across 1 directory with 2 updates

[dependabot]

Bumps the apptainer group with 2 updates in the /apptainer/python directory: numpy and setuptools.

Updates numpy from 2.1.0 to 2.1.1

Release notes

Sourced from numpy's releases.

2.1.1 (Sep 3, 2024)

NumPy 2.1.1 Release Notes

NumPy 2.1.1 is a maintenance release that fixes bugs and regressions discovered after the 2.1.0 release.

The Python versions supported by this release are 3.10-3.13.

Contributors

A total of 7 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Andrew Nelson
• Charles Harris
• Mateusz Sokół
• Maximilian Weigand +
• Nathan Goldbaum
• Pieter Eendebak
• Sebastian Berg

Pull requests merged

A total of 10 pull requests were merged for this release.

• #27236: REL: Prepare for the NumPy 2.1.0 release [wheel build]
• #27252: MAINT: prepare 2.1.x for further development
• #27259: BUG: revert unintended change in the return value of set_printoptions
• #27266: BUG: fix reference counting bug in __array_interface__ implementation...
• #27267: TST: Add regression test for missing descr in array-interface
• #27276: BUG: Fix #27256 and #27257
• #27278: BUG: Fix array_equal for numeric and non-numeric scalar types
• #27287: MAINT: Update maintenance/2.1.x after the 2.0.2 release
• #27303: BLD: cp311- macosx_arm64 wheels [wheel build]
• #27304: BUG: f2py: better handle filtering of public/private subroutines

Checksums

MD5

3053a97400db800b7377749e691eb39e  numpy-2.1.1-cp310-cp310-macosx_10_9_x86_64.whl
84b752a2220dce7c96ff89eef4f4aec3  numpy-2.1.1-cp310-cp310-macosx_11_0_arm64.whl
47ed4f704a64261f07ca24ef2e674524  numpy-2.1.1-cp310-cp310-macosx_14_0_arm64.whl
b8a45caa870aee980c298053cf064d28  numpy-2.1.1-cp310-cp310-macosx_14_0_x86_64.whl
e097ad5eee572b791b4a25eedad6df4a  numpy-2.1.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
ae502c99315884cda7f0236a07c035c4  numpy-2.1.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
841a859d975c55090c0b60b72aab93a3  numpy-2.1.1-cp310-cp310-musllinux_1_1_x86_64.whl
d51be2b17f5b87aac64ab80fdfafc85e  numpy-2.1.1-cp310-cp310-musllinux_1_2_aarch64.whl
1f8249bd725397c6233fe6a0e8ad18b1  numpy-2.1.1-cp310-cp310-win32.whl
d38d6f06589c1ec104a6a31ff6035781  numpy-2.1.1-cp310-cp310-win_amd64.whl

... (truncated)

Commits

• 48606ab Merge pull request #27328 from charris/prepare-2.1.1
• a7cb4c4 REL: Prepare for the NumPy 2.1.1 release [wheel build]
• 884c92b Merge pull request #27303 from charris/backport-27284
• ca7f5c1 Merge pull request #27304 from charris/backport-27049
• 2a49507 BUG: f2py: better handle filtering of public/private subroutines
• d4306dd TST: Add regression test for gh-26920
• db9668d BLD: cp311- macosx_arm64 wheels [wheel build]
• c6ff254 Merge pull request #27287 from charris/post-2.0.2-release-update
• 326bc17 MAINT: Update main after the 2.0.2 release
• 8164b7c Merge pull request #27278 from charris/backport-27275
• Additional commits viewable in compare view

Updates setuptools from 73.0.1 to 75.1.0

Changelog

Sourced from setuptools's changelog.

v75.1.0

Features

• Deprecated bdist_wheel.universal configuration. (#4617)

Bugfixes

• Removed reference to upload_docs module in entry points. (#4650)

v75.0.0

Features

• Declare also the dependencies used by distutils (adds jaraco.collections).

Deprecations and Removals

• Removed upload_docs command. (#2971)
• pypa/distutils#294#4649)

v74.1.3

Bugfixes

• Fix cross-platform compilation using distutils._msvccompiler.MSVCCompiler -- by :user:saschanaz and :user:Avasam (#4648)

v74.1.2

Bugfixes

• Fixed TypeError in sdist filelist processing by adding support for pathlib Paths for the build_base. (#4615)
• Removed degraded and deprecated test_integration (easy_install) from the test suite. (#4632)

... (truncated)

Commits

• 3106af0 Bump version: 75.0.0 → 75.1.0
• 37c3d27 Removed reference to upload_docs module in entry points.
• 9fb53fd Merge pull request #4617 from abravalheri/issue-4612
• cd3ba7d Merge pull request #4644 from DimitriPapadopoulos/codespell
• 5e27b2a Bump version: 74.1.3 → 75.0.0
• af9e245 Merge pull request #4649 from pypa/feature/distutils-7283751
• f15861e Add news fragment.
• ce01828 Merge https://github.com/pypa/distutils into feature/distutils-7283751
• 378984e Remove news fragments, not useful here.
• ffdf0bd Merge tag 'v74.1.3'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/numpy	2.1.1	🟢 7.9	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 13 out of 13 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 93 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 SAST 🟢 9 SAST tool detected but not run on all commits Security-Policy 🟢 9 security policy file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/setuptools	75.1.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 0 Found 1/16 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts ⚠️ 2 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

apptainer/python/requirements.txt

• numpy@2.1.1
• setuptools@75.1.0
• numpy@2.1.0
• setuptools@73.0.1