Bump the actions group with 2 updates

[dependabot]

Updates the requirements on numpy and flit-core to permit the latest version.
Updates numpy to 2.0.2

Release notes

Sourced from numpy's releases.

NumPy 2.0.2 release (Aug 26, 2024)

NumPy 2.0.2 Release Notes

NumPy 2.0.2 is a maintenance release that fixes bugs and regressions discovered after the 2.0.1 release.

The Python versions supported by this release are 3.9-3.12.

Contributors

A total of 13 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Bruno Oliveira +
• Charles Harris
• Chris Sidebottom
• Christian Heimes +
• Christopher Sidebottom
• Mateusz Sokół
• Matti Picus
• Nathan Goldbaum
• Pieter Eendebak
• Raghuveer Devulapalli
• Ralf Gommers
• Sebastian Berg
• Yair Chuchem +

Pull requests merged

A total of 19 pull requests were merged for this release.

• #27000: REL: Prepare for the NumPy 2.0.1 release [wheel build]
• #27001: MAINT: prepare 2.0.x for further development
• #27021: BUG: cfuncs.py: fix crash when sys.stderr is not available
• #27022: DOC: Fix migration note for alltrue and sometrue
• #27061: BUG: use proper input and output descriptor in array_assign_subscript...
• #27073: BUG: Mirror VQSORT_ENABLED logic in Quicksort
• #27074: BUG: Bump Highway to latest master
• #27077: BUG: Off by one in memory overlap check
• #27122: BUG: Use the new npyv_loadable_stride_ functions for ldexp and...
• #27126: BUG: Bump Highway to latest
• #27128: BUG: add missing error handling in public_dtype_api.c
• #27129: BUG: fix another cast setup in array_assign_subscript
• #27130: BUG: Fix building NumPy in FIPS mode
• #27131: BLD: update vendored Meson for cross-compilation patches
• #27146: MAINT: Scipy openblas 0.3.27.44.4
• #27151: BUG: Do not accidentally store dtype metadata in np.save
• #27195: REV: Revert undef I and document it
• #27213: BUG: Fix NPY_RAVEL_AXIS on backwards compatible NumPy 2 builds
• #27279: BUG: Fix array_equal for numeric and non-numeric scalar types

... (truncated)

Commits

• 854252d Merge pull request #27280 from charris/prepare-2.0.2
• cffa071 REL: Prepare for the NumPy 2.0.2 release [wheel build]
• 1693029 Merge pull request #27279 from charris/backport-27275
• da9f9c3 BUG: Fix array_equal for numeric and non-numeric scalar types
• ee1cf96 Merge pull request #27213 from charris/backport-27202
• 49dec35 BUG: Fix NPY_RAVEL_AXIS on backwards compatible NumPy 2 builds
• be56ae2 Merge pull request #27195 from charris/backport-27182
• 75b039c REV: Revert undef I and document it
• 428e2ba Merge pull request #27151 from charris/backport-27143
• 451516d BUG: Do not accidentally store dtype metadata in np.save
• Additional commits viewable in compare view

Updates flit-core to 3.12.0

Changelog

Sourced from flit-core's changelog.

Release history

Version 3.12

• Support for license expressions using the AND and OR operators (:ghpull:731).
• Recognise __version__: str = "0.1" annotated assignments when finding the version number (:ghpull:728).
• Clear error message when referring to a license file in a parent directory, which is not supported (:ghpull:725).

Version 3.11

• Support for SPDX license expressions and multiple license files, as detailed in :pep:639::

    license = "BSD-3-Clause"
    license-files = ["LICENSE"]
  

  For now, only a single license identifier is allowed. More complex expressions describing multiple licenses & expressions may be supported in a future version.

• The metadata format <https://packaging.python.org/en/latest/specifications/core-metadata/>_ in produced packages is now version 2.4, to support the expanded license information.

Version 3.10.1

• The sdist of flit_core now includes the corresponding tests (:ghpull:704). These were missing in 3.10.

Version 3.10

• flit publish can now use PyPI tokens stored in keyring (:ghpull:649), either project tokens with a 'username' like :samp:pypi_token:project:{project_name} (use the normalised form of the name <https://packaging.python.org/en/latest/specifications/name-normalization/>_) or user tokens (:samp:pypi_token:user:{username}).
• The --python option can now take the path of a virtualenv folder, as an alternative to a Python executable (:ghpull:667).
• Flit will work with current development versions of Python again (:ghpull:684).
• The flit command line package now requires Python 3.8 or above (:ghpull:660). flit_core still works with Python 3.6 or above.
• The metadata in packages now has the names of optional dependency groups ("extras") normalised, complying with version 2.3 of the metadata standard (:ghpull:676, :ghpull:697).

... (truncated)

Commits

• 1c81417 Merge pull request #737 from pypa/changelog-3.12
• d9ce4c6 Bump version: 3.11.0 → 3.12.0
• 27ea098 Prepare release notes for 3.12
• 7a6e9b2 Merge pull request #731 from AA-Turner/compound-spdx
• 0b07d23 Reword error messages
• 38429c9 Add empty expression test case
• 4ab2335 Add brackets-only test case
• 78db7b5 Shorten error messages
• 20e1729 Handle mixed-case licence operators
• 9bd1477 Raise error on expressions with no operator
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Test Results

    9 files  ±0      9 suites  ±0   3m 18s ⏱️ +29s
  571 tests ±0    358 ✅ ±0    213 💤 ±0  0 ❌ ±0 
5 139 runs  ±0  3 222 ✅ ±0  1 917 💤 ±0  0 ❌ ±0 

Results for commit 3942256. ± Comparison against base commit f843047.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml