build(deps): bump the production group across 1 directory with 6 updates

[dependabot]

Bumps the production group with 6 updates in the / directory:

Package	From	To
matplotlib	3.10.3	3.10.5
numpy	2.2.6	2.3.2
polars	1.29.0	1.32.0
scikit-learn	1.6.1	1.7.1
statsmodels	0.14.4	0.14.5
transformers	4.52.3	4.54.1

Updates matplotlib from 3.10.3 to 3.10.5

Release notes

Sourced from matplotlib's releases.

REL: v3.10.5

This is the fourth bugfix release of the 3.10.x series.

Included in this release is distributed wheels for Python 3.14 (including freethreaded) and Windows ARM.

There are also several smaller bugfixes.

Commits

• ba89fe4 REL: v3.10.5
• 8c9c11f switch version number to 3.10.5...
• 9751681 REL: bump from v3.10.4 tag
• e4627f5 REL: v3.10.4
• 2dd5e9f Release prep v3.10.4
• e751cc1 Zenodo v3.10.3
• 4ecba94 Github stats v3.10.4
• 16cf944 Merge pull request #30357 from ksunden/3_10_4_cibw_pypy
• f394e4b Update cibw version to 3.0.1
• d60b516 Fix PyPy sections (build for both 3.10 and 3.11
• Additional commits viewable in compare view

Updates numpy from 2.2.6 to 2.3.2

Release notes

Sourced from numpy's releases.

v2.3.2 (Jul 24, 2025)

NumPy 2.3.2 Release Notes

The NumPy 2.3.2 release is a patch release with a number of bug fixes and maintenance updates. The highlights are:

• Wheels for Python 3.14.0rc1
• PyPy updated to the latest stable release
• OpenBLAS updated to 0.3.30

This release supports Python versions 3.11-3.14

Contributors

A total of 9 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• !DWesl
• Charles Harris
• Joren Hammudoglu
• Maanas Arora
• Marco Edward Gorelli
• Matti Picus
• Nathan Goldbaum
• Sebastian Berg
• kostayScr +

Pull requests merged

A total of 16 pull requests were merged for this release.

• #29256: MAINT: Prepare 2.3.x for further development
• #29283: TYP: Work around a mypy issue with bool arrays (#29248)
• #29284: BUG: fix fencepost error in StringDType internals
• #29287: BUG: handle case in mapiter where descriptors might get replaced...
• #29350: BUG: Fix shape error path in array-interface
• #29412: BUG: Allow reading non-npy files in npz and add test
• #29413: TST: Avoid uninitialized values in test (#29341)
• #29414: BUG: Fix reference leakage for output arrays in reduction functions
• #29415: BUG: fix casting issue in center, ljust, rjust, and zfill (#29369)
• #29416: TYP: Fix overloads in np.char.array and np.char.asarray...
• #29417: BUG: Any dtype should call square on arr \*\* 2 (#29392)
• #29424: MAINT: use a stable pypy release in CI
• #29425: MAINT: Support python 314rc1
• #29429: MAINT: Update highway to match main.
• #29430: BLD: use github to build macos-arm64 wheels with OpenBLAS and...
• #29437: BUG: fix datetime/timedelta hash memory leak (#29411)

Checksums

... (truncated)

Commits

• bc5e4f8 Merge pull request #29438 from charris/prepare-2.3.2
• 4bc5960 REL: Prepare for the NumPy 2.3.2 release [wheel build]
• 2679276 Merge pull request #29437 from charris/backport-29411
• b0fa284 BUG: fix datetime/timedelta hash memory leak (#29411)
• 6700579 Merge pull request #29425 from charris/support-python-314rc1
• 40aa44d BUILD: Add Python 3.14 to wheel builds [wheel build]
• 968fa73 Merge pull request #29430 from charris/backport-29069
• 6ad9db9 Merge pull request #29429 from charris/update-highway
• 3584ddd MAINT: Update highway to match main.
• f78821f BLD: use github to build macos-arm64 wheels with OpenBLAS [wheel build]
• Additional commits viewable in compare view

Updates polars from 1.29.0 to 1.32.0

Release notes

Sourced from polars's releases.

Python Polars 1.32.0

🏆 Highlights

• Make Selector a concrete part of the DSL (#23351)
• Rework Categorical/Enum to use (Frozen)Categories (#23016)

🚀 Performance improvements

• Lower Expr.slice to streaming engine (#23683)
• Elide bound check (#23653)
• Preserve Column repr in ColumnTransform operations (#23648)
• Lower any() and all() to streaming engine (#23640)
• Lower row-separable functions in streaming engine (#23633)
• Lower int_range(len()) to with_row_index (#23576)
• Avoid double field resolution in with_columns (#23530)
• Rolling quantile lower time complexity (#23443)
• Use single-key optimization with Categorical (#23436)
• Improve null-preserving identification for boolean functions (#23317)
• Improve boolean bitwise aggregate performance (#23325)
• Enable Parquet expressions and dedup is_in values in Parquet predicates (#23293)
• Re-write join types during filter pushdown (#23275)
• Generate PQ ZSTD decompression context once (#23200)
• Trigger cache/cse optimizations when multiplexing (#23274)
• Cache FileInfo upon DSL -> IR conversion (#23263)
• Push more filters past joins (#23240)
• Optimize Bitmap::make_mut (#23138)

✨ Enhancements

• Add Python-side caching for credentials and provider auto-initialization (#23736)
• Expand on DataTypeExpr (#23249)
• Lower row-separable functions in streaming engine (#23633)
• Add scalar checks to range expressions (#23632)
• Expose POLARS_DOT_SVG_VIEWER to automatically dispatch to SVG viewer (#23592)
• Implement mean function in arr namespace (#23486)
• Implement vec_hash for List and Array (#23578)
• Add unstable pl.row_index() expression (#23556)
• Add Categories on the Python side (#23543)
• Implement partitioned sinks for the in-memory engine (#23522)
• Raise and Warn on UDF's without return_dtype set (#23353)
• IR pruning (#23499)
• Support min/max reducer for null dtype in streaming engine (#23465)
• Implement streaming Categorical/Enum min/max (#23440)
• Allow cast to Categorical inside list.eval (#23432)
• Support pathlib.Path as source for read/scan_delta() (#23411)
• Enable default set of ScanCastOptions for native scan_iceberg() (#23416)
• Pass payload in ExprRegistry (#23412)
• Support reading nanosecond/Int96 timestamps and schema evolved datasets in scan_delta() (#23398)
• Support row group skipping with filters when cast_options is given (#23356)
• Execute bitwise reductions in streaming engine (#23321)

... (truncated)

Commits

• c57de4b refactor(python): Remove unused functions from the rust side (#23757)
• a7081b6 ci: Add hashes json (#23758)
• c07a76a Python Polars 1.32 pre-release (#23750)
• 775e0be fix(python): Load _expiry_time from botocore Credentials in CredentialPro...
• 257714d feat(python): Add Python-side caching for credentials and provider auto-initi...
• f576f7e fix: Fix credential refresh logic (#23730)
• 03c772c chore: Add AExpr::is_expr_equal_to (#23740)
• 0039575 fix: Fix to_datetime() fallible identification (#23735)
• 226a8a2 fix: Correct output datatype for dt.with_time_unit (#23734)
• 2970c00 fix: Fix incorrect native Iceberg scan from tables with renamed/dropped colum...
• Additional commits viewable in compare view

Updates scikit-learn from 1.6.1 to 1.7.1

Release notes

Sourced from scikit-learn's releases.

Scikit-learn 1.7.1

We're happy to announce the 1.7.1 release.

This release contains fixes for a few regressions introduced in 1.7.

You can see the changelog here: https://scikit-learn.org/stable/whats_new/v1.7.html#version-1-7-1

You can upgrade with pip as usual:

pip install -U scikit-learn

The conda-forge builds can be installed using:

conda install -c conda-forge scikit-learn

Thanks to everyone who contributed to this release !

Scikit-learn 1.7.0

We're happy to announce the 1.7.0 release.

You can read the release highlights under https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_7_0.html and the long version of the change log under https://scikit-learn.org/stable/whats_new/v1.7.html

This version supports Python versions 3.10 to 3.13 and features an experimental support of free-threaded CPython.

You can upgrade with pip as usual:

pip install -U scikit-learn

The conda-forge builds can be installed using:

conda install -c conda-forge scikit-learn

Commits

• 3dbf4da [cd build] Trigger wheel builder workflow
• 672a2dd [cd build] Trigger wheel builder workflow
• 35afe8d generate changelog 1.7.1
• 33893bd set version
• f97fe77 CI Avoid miniconda CondaToSNonInteractiveError and stop using the default cha...
• 6cba1d8 FIX: Regression in DecisionBoundaryDisplay.from_estimator with colors and plo...
• 6b2b4b4 🔒 🤖 CI Update lock files for scipy-dev CI build(s) 🔒 🤖 ...
• ba2918e 🔒 🤖 CI Update lock files for free-threaded CI build(s) 🔒 :rob...
• d60cafe 🔒 🤖 CI Update lock files for array-api CI build(s) 🔒 🤖 ...
• a73deee 🔒 🤖 CI Update lock files for main CI build(s) 🔒 🤖 (#31758)
• Additional commits viewable in compare view

Updates statsmodels from 0.14.4 to 0.14.5

Release notes

Sourced from statsmodels's releases.

Release 0.14.5

This patch release fixes an issue with recent SciPy releases (1.16+) that prevented statsmodels from importing. It also addresses some small changes that improve future compatibility.

Commits

• 1107ea5 Merge pull request #9591 from bashtage/rls-0-14-5-notes
• f3b362a MAINT: Update CI
• e2249ab DOC: Final fixes
• 41758ad DOC: Add release note for 0.14.5
• aea8126 Merge pull request #9586 from bashtage/rls-0-14-5
• ccc1948 TST: Change optim options
• 2c5292b MAINT: Reduce noise for future changes
• d9ccc11 MAINT: Reduce noise for future changes
• 699740f TST: xfail test with issues and relax tol
• 132c549 MAINT: Reduce noise for future changes
• Additional commits viewable in compare view

Updates transformers from 4.52.3 to 4.54.1

Release notes

Sourced from transformers's releases.

Patch release 4.54.1

We had quite a lot of bugs that got through! Release was a bit rushed, sorry everyone! 🤗 Mostly cache fixes, as we now have layered cache, and fixed to distributed.

• Fix Cache.max_cache_len max value for Hybrid models, @​manueldeprada, @​Cyrilvallez, #39737
• [modenbert] fix regression, @​zucchini-nlp, #39750
• Fix version issue in modeling_utils.py, @​Cyrilvallez, #39759
• Fix GPT2 with cross attention, @​zucchini-nlp, #39754
• Fix mamba regression, @​manueldeprada, #39728
• Fix: add back base model plan, @​S1ro1, #39733
• fix cache inheritance, #39748
• Fix cache-related tests, @​zucchini-nlp, #39676
• Fix Layer device placement in Caches, @​Cyrilvallez, #39732
• PATCH: add back n-dim device-mesh + fix tp trainer saving, @​S1ro1, @​SunMarc, #39693
• fix missing model._tp_size from ep refactor, @​winglian, #39688

Patch release v4.53.3

Small path release 4.53.3!

A small patch for open telemetry fixes! Sorry for the delay!

** refactor: remove set_tracer_provider and set_meter_provider calls (huggingface/transformers#39422) from @​McPatate

Patch Release v4.53.2

This patch contains the following bug fixes:

• Fix some bug for finetune and batch infer For GLM-4.1V (#39090)
• [bugfix] fix flash attention 2 unavailable error on Ascend NPU (#39166)
• Fix errors when use verl to train GLM4.1v model (#39199)
• [pagged-attention] fix off-by-1 error in pagged attention generation (#39258)
• [smollm3] add tokenizer mapping for smollm3 (#39271)
• [sliding window] revert and deprecate (#39301)
• fix Glm4v batch videos forward (#39172)
• Add a default value for position_ids in masking_utils (#39310)

Patch Release v4.53.1

This patch contains several bug fixes. The following commits are included:

• Fix: unprotected import of tp plugin (#39083)
• Fix key mapping for VLMs (#39029)
• Several fixes for Gemma3n(#39135)
• [qwen2-vl] fix FA2 inference (#39121)
• [smolvlm] fix video inference (#39147)
• Fix multimodal processor get duplicate arguments when receive kwargs for initialization (#39125)
• when delaying optimizer creation only prepare the model (#39152)
• Add packed tensor format support for flex/sdpa/eager through the mask! (#39194)

Release v4.53.0

Gemma3n

... (truncated)

Commits

• 9c641dc v4.54.1
• b04aae7 Fix Cache.max_cache_len max value for Hybrid models (#39737)
• 0297e59 [modenbert] fix regression (#39750)
• b8e1b28 Fix version issue in modeling_utils.py (#39759)
• 166c1b4 Fix GPT2 with cross attention (#39754)
• ab2a609 Fix mamba regression (#39728)
• 3a6d13c Fix: add back base model plan (#39733)
• a033ae4 fix cache inheritance (#39748)
• 457b478 Fix cache-related tests (#39676)
• 862cb55 Fix Layer device placement in Caches (#39732)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions