Bump numpy from 2.0.1 to 2.0.2

[dependabot]

Bumps numpy from 2.0.1 to 2.0.2.

Release notes

Sourced from numpy's releases.

NumPy 2.0.2 release (Aug 26, 2024)

NumPy 2.0.2 Release Notes

NumPy 2.0.2 is a maintenance release that fixes bugs and regressions discovered after the 2.0.1 release.

The Python versions supported by this release are 3.9-3.12.

Contributors

A total of 13 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Bruno Oliveira +
• Charles Harris
• Chris Sidebottom
• Christian Heimes +
• Christopher Sidebottom
• Mateusz Sokół
• Matti Picus
• Nathan Goldbaum
• Pieter Eendebak
• Raghuveer Devulapalli
• Ralf Gommers
• Sebastian Berg
• Yair Chuchem +

Pull requests merged

A total of 19 pull requests were merged for this release.

• #27000: REL: Prepare for the NumPy 2.0.1 release [wheel build]
• #27001: MAINT: prepare 2.0.x for further development
• #27021: BUG: cfuncs.py: fix crash when sys.stderr is not available
• #27022: DOC: Fix migration note for alltrue and sometrue
• #27061: BUG: use proper input and output descriptor in array_assign_subscript...
• #27073: BUG: Mirror VQSORT_ENABLED logic in Quicksort
• #27074: BUG: Bump Highway to latest master
• #27077: BUG: Off by one in memory overlap check
• #27122: BUG: Use the new npyv_loadable_stride_ functions for ldexp and...
• #27126: BUG: Bump Highway to latest
• #27128: BUG: add missing error handling in public_dtype_api.c
• #27129: BUG: fix another cast setup in array_assign_subscript
• #27130: BUG: Fix building NumPy in FIPS mode
• #27131: BLD: update vendored Meson for cross-compilation patches
• #27146: MAINT: Scipy openblas 0.3.27.44.4
• #27151: BUG: Do not accidentally store dtype metadata in np.save
• #27195: REV: Revert undef I and document it
• #27213: BUG: Fix NPY_RAVEL_AXIS on backwards compatible NumPy 2 builds
• #27279: BUG: Fix array_equal for numeric and non-numeric scalar types

... (truncated)

Commits

• 854252d Merge pull request #27280 from charris/prepare-2.0.2
• cffa071 REL: Prepare for the NumPy 2.0.2 release [wheel build]
• 1693029 Merge pull request #27279 from charris/backport-27275
• da9f9c3 BUG: Fix array_equal for numeric and non-numeric scalar types
• ee1cf96 Merge pull request #27213 from charris/backport-27202
• 49dec35 BUG: Fix NPY_RAVEL_AXIS on backwards compatible NumPy 2 builds
• be56ae2 Merge pull request #27195 from charris/backport-27182
• 75b039c REV: Revert undef I and document it
• 428e2ba Merge pull request #27151 from charris/backport-27143
• 451516d BUG: Do not accidentally store dtype metadata in np.save
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/numpy	2.0.2	🟢 8.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 19 out of 19 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 93 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 SAST 🟢 10 SAST tool is run on all commits Security-Policy 🟢 9 security policy file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Manifest Files

poetry.lock

• numpy@2.0.2
• numpy@2.0.1