Bump the classical-ml group across 1 directory with 3 updates

[dependabot]

Bumps the classical-ml group with 3 updates in the /classical-ml directory: scikit-learn-intelex, xgboost and jupyterlab.

Updates scikit-learn-intelex from 2024.7.0 to 2025.0.0

Commits

• 65afadb DOC: Add info about incremental algorithms and BS (#2103) (#2112)
• e0535f6 DOC: Array API support (backport #1918) (#2122)
• ae8edf3 oneMKL migration: Cherry-picking commits from #2063 and #2066 into 2025.0 rel...
• 4ef0f8b MAINT: allow distutils when packaging is not available (#2058) (#2060)
• 84e0e4a CI: deselections for 2025.0 (#2049)
• 5b5bd55 add instructions for building without installation (#2047)
• 5b149cb Optimize and fix sample weight checks for Kmeans predict (#2042)
• 5df8206 DEPS: array-api-strict to v2 (#2034)
• c0181f5 ENH: functional support for Array API (#1861)
• a92177f TEST: disabled LogReg SPMD test case (#2031)
• Additional commits viewable in compare view

Updates xgboost from 2.1.1 to 2.1.2

Release notes

Sourced from xgboost's releases.

2.1.2 Patch Release

The 2.1.2 patch release makes the following bug fixes:

• Clean up and modernize release-artifacts.py (#10818)
• Fix ellpack categorical feature with missing values. (#10906)
• Fix unbiased ltr with training continuation. (#10908)
• Fix potential race in feature constraint. (#10719)
• Fix boolean array for arrow-backed DF. (#10527)
• Ensure that pip check does not fail due to a bad platform tag (#10755)
• Check cub errors (#10721)
• Limit the maximum number of threads. (#10872)
• Fixes for large size clusters. (#10880)
• POSIX compliant poll.h and mmap (#10767)

Additional artifacts:

You can verify the downloaded packages by running the following command on your Unix shell:

echo "<hash> <artifact>" | shasum -a 256 --check

a84fc7d9846c24659a2ad16788a7eefa9640b19eea9bbc65f30e0a9d53c52453  xgboost-2.1.2.tar.gz
999eff38533ea79ab3a1f0da524c54f6d0abd2ef220b6dbb9ba1331703e898bc  xgboost_r_gpu_linux_2.1.2.tar.gz

Experimental binary packages for R with CUDA enabled

• xgboost_r_gpu_linux_2.1.2.tar.gz: Download

Source tarball

• xgboost.tar.gz: Download

Commits

• f199039 Bump minor version to 2.1.2. (#10921)
• 346c1f9 [BP] Clean up and modernize release-artifacts.py (#10818) (#10919)
• d6059f4 [BP] Test ellpack categorical feature with missing values. (#10906) (#10912)
• 40742a9 [BP] Fix unbiased ltr with training continuation. (#10908) (#10909)
• 6b4d703 [BP] Fix potential race in feature constraint. (#10719) (#10900)
• a4c6cde [BP] Fix boolean array for arrow-backed DF. (#10527) (#10901)
• 7f87b9e Ensure that pip check does not fail due to bad platform tag (#10755) (#10902)
• cc6d03c [BP] Check cub errors (#10721) (#10903)
• 1c61752 Limit the maximum number of threads. (#10872) (#10904)
• 5556bc3 [BP] Fixes for large size clusters. (#10880) (#10899)
• Additional commits viewable in compare view

Updates jupyterlab from 4.2.5 to 4.3.0

Release notes

Sourced from jupyterlab's releases.

v4.3.0

4.3.0

(Full Changelog)

New features added

• Notebook minimap in the virtual scrollbar #16432 (@​krassowski)

Enhancements made

• Change "File Size" column name to "Size" at small widths #16849 (@​JasonWeill)
• Adds command to toggle cell outputs #16833 (@​JasonWeill)
• Improve notebook output stream processing #16814 (@​davidbrochart)
• Update Show Virtual Scrollbar -> Show Minimap #16776 (@​jtpio)
• Clean up SVG icons from @jupyterlab/ui-components and update SVGO #16678 (@​joaopalmeiro)
• Convert @jupyterlab/completer type colors to theme CSS variables #16656 (@​joaopalmeiro)
• Adopt a theme CSS variable for the "expand a collapsed cell" button shadow #16653 (@​joaopalmeiro)
• Implement resizing for the file browser #16646 (@​krassowski)
• Add kernel selection to Galata notebook creation #16639 (@​pauldruce)
• Option to disable cell toolbar #16637 (@​JasonWeill)
• Update pending input message for clarification #16632 (@​RRosio)
• Standardize dialogs to shut down all kernels #16629 (@​joaopalmeiro)
• Standardize the button role and label for single, dismissal buttons in dialogs #16622 (@​joaopalmeiro)
• Copy and style edits for upgrade news notification #16615 (@​JasonWeill)
• Suppress the inline/tab completer if the other is already active #16613 (@​krassowski)
• Standardize the "go-to-line" input field using theme CSS variables #16604 (@​joaopalmeiro)
• Add setting to enable single-click navigation in file browser #16598 (@​RRosio)
• Standardize Contextual Help placeholder according to TOC #16572 (@​joaopalmeiro)
• Adopt the --jp-border-radius CSS variable in missing input fields #16568 (@​joaopalmeiro)
• Add Tab as an alternative shortcut for accepting inline completion #16565 (@​andrewfulton9)
• Set the background color for the hover state of the New Launcher button #16551 (@​joaopalmeiro)
• Adopt theme CSS variables for generic input fields #16548 (@​joaopalmeiro)
• Update the CSS variable used for notebook cell shadows #16546 (@​joaopalmeiro)
• Scope CSS rules to a new .jp-ThemedContainer class #16519 (@​fcollonval)
• Improve stream output handling #16498 (@​davidbrochart)
• [GSoC 2024] Use toolkit tree view for all tree view: table of content, debugger variables and running tabs #16488 (@​Mehak261124)
• Update notebook kernel selector #16475 (@​afshin)
• Filebrowser filter below breadcrumbs #16446 (@​JasonWeill)
• Define ICodeCellModel.executionState, deprecate setPrompt() #16431 (@​krassowski)
• Implement viewport tracking and reactive rendering in scrollbar #16392 (@​krassowski)
• Use lazy loading for HTML/PDF files, and help tabs #16387 (@​hnben)
• Shut down unused kernels #16341 (@​NexVeridian)
• Add the command to toggle the virtual scrollbar to the palette #16322 (@​jtpio)
• Add a signal to proxy all Completer.selected signals #16312 (@​ajbozarth)
• Add fullscreen mode menu entry and shortcut #16308 (@​dhysdrn)
• Advertise the color scheme based on the theme #16301 (@​krassowski)
• Add option to dismiss "Server Connection Error" dialog for the duration of the session #16269 (@​RRosio)

... (truncated)

Changelog

Sourced from jupyterlab's changelog.

4.3.0

(Full Changelog)

New features added

• Notebook minimap in the virtual scrollbar #16432 (@​krassowski)

Enhancements made

• Change "File Size" column name to "Size" at small widths #16849 (@​JasonWeill)
• Adds command to toggle cell outputs #16833 (@​JasonWeill)
• Improve notebook output stream processing #16814 (@​davidbrochart)
• Update Show Virtual Scrollbar -> Show Minimap #16776 (@​jtpio)
• Clean up SVG icons from @jupyterlab/ui-components and update SVGO #16678 (@​joaopalmeiro)
• Convert @jupyterlab/completer type colors to theme CSS variables #16656 (@​joaopalmeiro)
• Adopt a theme CSS variable for the "expand a collapsed cell" button shadow #16653 (@​joaopalmeiro)
• Implement resizing for the file browser #16646 (@​krassowski)
• Add kernel selection to Galata notebook creation #16639 (@​pauldruce)
• Option to disable cell toolbar #16637 (@​JasonWeill)
• Update pending input message for clarification #16632 (@​RRosio)
• Standardize dialogs to shut down all kernels #16629 (@​joaopalmeiro)
• Standardize the button role and label for single, dismissal buttons in dialogs #16622 (@​joaopalmeiro)
• Copy and style edits for upgrade news notification #16615 (@​JasonWeill)
• Suppress the inline/tab completer if the other is already active #16613 (@​krassowski)
• Standardize the "go-to-line" input field using theme CSS variables #16604 (@​joaopalmeiro)
• Add setting to enable single-click navigation in file browser #16598 (@​RRosio)
• Standardize Contextual Help placeholder according to TOC #16572 (@​joaopalmeiro)
• Adopt the --jp-border-radius CSS variable in missing input fields #16568 (@​joaopalmeiro)
• Add Tab as an alternative shortcut for accepting inline completion #16565 (@​andrewfulton9)
• Set the background color for the hover state of the New Launcher button #16551 (@​joaopalmeiro)
• Adopt theme CSS variables for generic input fields #16548 (@​joaopalmeiro)
• Update the CSS variable used for notebook cell shadows #16546 (@​joaopalmeiro)
• Scope CSS rules to a new .jp-ThemedContainer class #16519 (@​fcollonval)
• Improve stream output handling #16498 (@​davidbrochart)
• [GSoC 2024] Use toolkit tree view for all tree view: table of content, debugger variables and running tabs #16488 (@​Mehak261124)
• Update notebook kernel selector #16475 (@​afshin)
• Filebrowser filter below breadcrumbs #16446 (@​JasonWeill)
• Define ICodeCellModel.executionState, deprecate setPrompt() #16431 (@​krassowski)
• Implement viewport tracking and reactive rendering in scrollbar #16392 (@​krassowski)
• Use lazy loading for HTML/PDF files, and help tabs #16387 (@​hnben)
• Shut down unused kernels #16341 (@​NexVeridian)
• Add the command to toggle the virtual scrollbar to the palette #16322 (@​jtpio)
• Add a signal to proxy all Completer.selected signals #16312 (@​ajbozarth)
• Add fullscreen mode menu entry and shortcut #16308 (@​dhysdrn)
• Advertise the color scheme based on the theme #16301 (@​krassowski)
• Add option to dismiss "Server Connection Error" dialog for the duration of the session #16269 (@​RRosio)
• Add checkbox to skip showing the kernel restart dialog #16265 (@​NexVeridian)
• Allow to select the path in debugger source component #16246 (@​krassowski)
• Show kernel ID for notebooks and consoles in list view #16228 (@​gderocher)

... (truncated)

Commits

• 8e67004 [ci skip] Publish 4.3.0
• 9181514 Remove (beta) from the 4.3 changelog (#16902)
• 9cc6267 Update to @jupyter/ydoc final (#16898)
• 090fe73 [ci skip] Publish 4.3.0rc1
• a036d6b Fix bracket highlighting for Python string literal concatenation (#16866)
• d6f97bd Fix the handling of the file browser configuration (#16870)
• 48691c6 Ignore https://code.visualstudio.com in check-links (#16878)
• 37ddf09 Conditional rendering of 'Add' and 'or' buttons during shortcut editing (#16831)
• 5da7830 Fix incorrect access to uninitialised serverRequests (#16834)
• c9b0f6d Standardize the button role and label for single, dismissal buttons in dialog...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

classical-ml/jupyter-requirements.txt

Package	Version	License	Issue Type
jupyterlab	4.3.0	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/jupyterlab	4.3.0	🟢 5.4	Details Check Score Reason Code-Review 🟢 8 Found 21/24 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 License 🟢 9 license file detected CII-Best-Practices ⚠️ 2 badge detected: InProgress Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during GetBranch(4.2.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST 🟢 9 SAST tool detected but not run on all commits Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 17 existing vulnerabilities detected
pip/scikit-learn-intelex	2025.0.0	🟢 6.2	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 7 3 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/xgboost	2.1.2	🟢 6.6	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 9 29 out of 30 merged PRs checked by a CI test -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 8 Found 17/19 approved changesets -- score normalized to 8 Contributors 🟢 10 project has 53 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Files

• classical-ml/jupyter-requirements.txt
• classical-ml/requirements.txt

[jitendra42]

@dependabot rebase

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.