Sourced from wheel's changelog.

Release Notes

UNRELEASED

• Updated vendored packaging to 22.0

0.38.4 (2022-11-09)

• Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

0.38.3 (2022-11-08)

• Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

0.38.2 (2022-11-05)

• Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

0.38.1 (2022-11-04)

• Removed install dependency on setuptools
• The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

0.38.0 (2022-10-21)

• Dropped support for Python < 3.7
• Updated vendored packaging to 21.3
• Replaced all uses of distutils with setuptools
• The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
• Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
• Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

0.37.1 (2021-12-22)

• Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
• Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

0.37.0 (2021-08-09)

• Added official Python 3.10 support
• Updated vendored packaging library to v20.9

... (truncated)

• 6f1608d Created a new release
• cf8f5ef Moved news item from PR #484 to its proper place
• 9ec2016 Removed install dependency on setuptools (#483)
• 747e1f6 Fixed PyPy SOABI parsing (#484)
• 7627548 [pre-commit.ci] pre-commit autoupdate (#480)
• 7b9e8e1 Test on Python 3.11 final
• a04dfef Updated the pypi-publish action
• 94bb62c Fixed docs not building due to code style changes
• d635664 Updated the codecov action to the latest version
• fcb94cd Updated version to match the release
• Additional commits viewable in compare view

Sourced from joblib's changelog.

Release 1.2.0

• Fix a security issue where eval(pre_dispatch) could potentially run arbitrary code. Now only basic numerics are supported. joblib/joblib#1327

• Make sure that joblib works even when multiprocessing is not available, for instance with Pyodide joblib/joblib#1256

• Avoid unnecessary warnings when workers and main process delete the temporary memmap folder contents concurrently. joblib/joblib#1263

• Fix memory alignment bug for pickles containing numpy arrays. This is especially important when loading the pickle with mmap_mode != None as the resulting numpy.memmap object would not be able to correct the misalignment without performing a memory copy. This bug would cause invalid computation and segmentation faults with native code that would directly access the underlying data buffer of a numpy array, for instance C/C++/Cython code compiled with older GCC versions or some old OpenBLAS written in platform specific assembly. joblib/joblib#1254

• Vendor cloudpickle 2.2.0 which adds support for PyPy 3.8+.

• Vendor loky 3.3.0 which fixes several bugs including:

  • robustly forcibly terminating worker processes in case of a crash (joblib/joblib#1269);

  • avoiding leaking worker processes in case of nested loky parallel calls;

  • reliability spawn the correct number of reusable workers.

Release 1.1.0

• Fix byte order inconsistency issue during deserialization using joblib.load in cross-endian environment: the numpy arrays are now always loaded to use the system byte order, independently of the byte order of the system that serialized the pickle. joblib/joblib#1181

• Fix joblib.Memory bug with the ignore parameter when the cached function is a decorated function.

... (truncated)

• 5991350 Release 1.2.0
• 3fa2188 MAINT cleanup numpy warnings related to np.matrix in tests (#1340)
• cea26ff CI test the future loky-3.3.0 branch (#1338)
• 8aca6f4 MAINT: remove pytest.warns(None) warnings in pytest 7 (#1264)
• 067ed4f XFAIL test_child_raises_parent_exits_cleanly with multiprocessing (#1339)
• ac4ebd5 MAINT add back pytest warnings plugin (#1337)
• a23427d Test child raises parent exits cleanly more reliable on macos (#1335)
• ac09691 [MAINT] various test updates (#1334)
• 4a314b1 Vendor loky 3.2.0 (#1333)
• bdf47e9 Make test_parallel_with_interactively_defined_functions_default_backend timeo...
• Additional commits viewable in compare view

Sourced from numpy's releases.

v1.22.0

NumPy 1.22.0 Release Notes

NumPy 1.22.0 is a big release featuring the work of 153 contributors spread over 609 pull requests. There have been many improvements, highlights are:

• Annotations of the main namespace are essentially complete. Upstream is a moving target, so there will likely be further improvements, but the major work is done. This is probably the most user visible enhancement in this release.
• A preliminary version of the proposed Array-API is provided. This is a step in creating a standard collection of functions that can be used across application such as CuPy and JAX.
• NumPy now has a DLPack backend. DLPack provides a common interchange format for array (tensor) data.
• New methods for quantile, percentile, and related functions. The new methods provide a complete set of the methods commonly found in the literature.
• A new configurable allocator for use by downstream projects.

These are in addition to the ongoing work to provide SIMD support for commonly used functions, improvements to F2PY, and better documentation.

The Python versions supported in this release are 3.8-3.10, Python 3.7 has been dropped. Note that 32 bit wheels are only provided for Python 3.8 and 3.9 on Windows, all other wheels are 64 bits on account of Ubuntu, Fedora, and other Linux distributions dropping 32 bit support. All 64 bit wheels are also linked with 64 bit integer OpenBLAS, which should fix the occasional problems encountered by folks using truly huge arrays.

Expired deprecations

Deprecated numeric style dtype strings have been removed

Using the strings "Bytes0", "Datetime64", "Str0", "Uint32", and "Uint64" as a dtype will now raise a TypeError.

(gh-19539)

Expired deprecations for loads, ndfromtxt, and mafromtxt in npyio

numpy.loads was deprecated in v1.15, with the recommendation that users use pickle.loads instead. ndfromtxt and mafromtxt were both deprecated in v1.17 - users should use numpy.genfromtxt instead with the appropriate value for the usemask parameter.

(gh-19615)

... (truncated)

• 4adc87d Merge pull request #20685 from charris/prepare-for-1.22.0-release
• fd66547 REL: Prepare for the NumPy 1.22.0 release.
• 125304b wip
• c283859 Merge pull request #20682 from charris/backport-20416
• 5399c03 Merge pull request #20681 from charris/backport-20954
• f9c45f8 Merge pull request #20680 from charris/backport-20663
• 794b36f Update armccompiler.py
• d93b14e Update test_public_api.py
• 7662c07 Update init.py
• 311ab52 Update armccompiler.py
• Additional commits viewable in compare view

• d43c7c7 release 7.16.3
• 5fa1e40 Merge pull request from GHSA-pq7m-3gw7-gq5x
• 8df8971 back to dev
• 9f477b7 release 7.16.2
• 138f266 bring back release helper from master branch
• 5aa3634 Merge pull request #13341 from meeseeksmachine/auto-backport-of-pr-13335-on-7...
• bcae8e0 Backport PR #13335: What's new 7.16.2
• 8fcdcd3 Pin Jedi to <0.17.2.
• 2486838 release 7.16.1
• 20bdc6f fix conda build
• Additional commits viewable in compare view

Sourced from pip's changelog.

21.1 (2021-04-24)

Process

• Start installation scheme migration from distutils to sysconfig. A warning is implemented to detect differences between the two implementations to encourage user reports, so we can avoid breakages before they happen.

Features

• Add the ability for the new resolver to process URL constraints. ([#8253](https://github.com/pypa/pip/issues/8253) <https://github.com/pypa/pip/issues/8253>_)
• Add a feature --use-feature=in-tree-build to build local projects in-place when installing. This is expected to become the default behavior in pip 21.3; see Installing from local packages <https://pip.pypa.io/en/stable/user_guide/#installing-from-local-packages>_ for more information. ([#9091](https://github.com/pypa/pip/issues/9091) <https://github.com/pypa/pip/issues/9091>_)
• Bring back the "(from versions: ...)" message, that was shown on resolution failures. ([#9139](https://github.com/pypa/pip/issues/9139) <https://github.com/pypa/pip/issues/9139>_)
• Add support for editable installs for project with only setup.cfg files. ([#9547](https://github.com/pypa/pip/issues/9547) <https://github.com/pypa/pip/issues/9547>_)
• Improve performance when picking the best file from indexes during pip install. ([#9748](https://github.com/pypa/pip/issues/9748) <https://github.com/pypa/pip/issues/9748>_)
• Warn instead of erroring out when doing a PEP 517 build in presence of --build-option. Warn when doing a PEP 517 build in presence of --global-option. ([#9774](https://github.com/pypa/pip/issues/9774) <https://github.com/pypa/pip/issues/9774>_)

Bug Fixes

• Fixed --target to work with --editable installs. ([#4390](https://github.com/pypa/pip/issues/4390) <https://github.com/pypa/pip/issues/4390>_)
• Add a warning, discouraging the usage of pip as root, outside a virtual environment. ([#6409](https://github.com/pypa/pip/issues/6409) <https://github.com/pypa/pip/issues/6409>_)
• Ignore .dist-info directories if the stem is not a valid Python distribution name, so they don't show up in e.g. pip freeze. ([#7269](https://github.com/pypa/pip/issues/7269) <https://github.com/pypa/pip/issues/7269>_)
• Only query the keyring for URLs that actually trigger error 401. This prevents an unnecessary keyring unlock prompt on every pip install invocation (even with default index URL which is not password protected). ([#8090](https://github.com/pypa/pip/issues/8090) <https://github.com/pypa/pip/issues/8090>_)
• Prevent packages already-installed alongside with pip to be injected into an isolated build environment during build-time dependency population. ([#8214](https://github.com/pypa/pip/issues/8214) <https://github.com/pypa/pip/issues/8214>_)
• Fix pip freeze permission denied error in order to display an understandable error message and offer solutions. ([#8418](https://github.com/pypa/pip/issues/8418) <https://github.com/pypa/pip/issues/8418>_)
• Correctly uninstall script files (from setuptools' scripts argument), when installed with --user. ([#8733](https://github.com/pypa/pip/issues/8733) <https://github.com/pypa/pip/issues/8733>_)
• New resolver: When a requirement is requested both via a direct URL (req @ URL) and via version specifier with extras (req[extra]), the resolver will now be able to use the URL to correctly resolve the requirement with extras. ([#8785](https://github.com/pypa/pip/issues/8785) <https://github.com/pypa/pip/issues/8785>_)
• New resolver: Show relevant entries from user-supplied constraint files in the error message to improve debuggability. ([#9300](https://github.com/pypa/pip/issues/9300) <https://github.com/pypa/pip/issues/9300>_)
• Avoid parsing version to make the version check more robust against lousily debundled downstream distributions. ([#9348](https://github.com/pypa/pip/issues/9348) <https://github.com/pypa/pip/issues/9348>_)
• --user is no longer suggested incorrectly when pip fails with a permission error in a virtual environment. ([#9409](https://github.com/pypa/pip/issues/9409) <https://github.com/pypa/pip/issues/9409>_)
• Fix incorrect reporting on Requires-Python conflicts. ([#9541](https://github.com/pypa/pip/issues/9541) <https://github.com/pypa/pip/issues/9541>_)

... (truncated)

• 2b2a268 Bump for release
• ea761a6 Update AUTHORS.txt
• 2edd3fd Postpone a deprecation to 21.2
• 3cccfbf Rename mislabeled news fragment
• 21cd124 Fix NEWS.rst placeholder position
• e46bdda Merge pull request #9827 from pradyunsg/fix-git-improper-tag-handling
• 0e4938d :newspaper:
• ca832b2 Don't split git references on unicode separators
• 1320bac Merge pull request #9814 from pradyunsg/revamp-ci-apr-2021-v2
• e9cc23f Skip checks on PRs only
• Additional commits viewable in compare view