Bump the apptainer group in /apptainer/python with 3 updates

[dependabot]

Bumps the apptainer group in /apptainer/python with 3 updates: numpy, psutil and intel-openmp.

Updates numpy from 2.2.2 to 2.2.3

Release notes

Sourced from numpy's releases.

2.2.3 (Feb 13, 2025)

NumPy 2.2.3 Release Notes

NumPy 2.2.3 is a patch release that fixes bugs found after the 2.2.2 release. The majority of the changes are typing improvements and fixes for free threaded Python. Both of those areas are still under development, so if you discover new problems, please report them.

This release supports Python versions 3.10-3.13.

Contributors

A total of 9 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• !amotzop
• Charles Harris
• Chris Sidebottom
• Joren Hammudoglu
• Matthew Brett
• Nathan Goldbaum
• Raghuveer Devulapalli
• Sebastian Berg
• Yakov Danishevsky +

Pull requests merged

A total of 21 pull requests were merged for this release.

• #28185: MAINT: Prepare 2.2.x for further development
• #28201: BUG: fix data race in a more minimal way on stable branch
• #28208: BUG: Fix from_float_positional errors for huge pads
• #28209: BUG: fix data race in np.repeat
• #28212: MAINT: Use VQSORT_COMPILER_COMPATIBLE to determine if we should...
• #28224: MAINT: update highway to latest
• #28236: BUG: Add cpp atomic support (#28234)
• #28237: BLD: Compile fix for clang-cl on WoA
• #28243: TYP: Avoid upcasting float64 in the set-ops
• #28249: BLD: better fix for clang / ARM compiles
• #28266: TYP: Fix timedelta64.__divmod__ and timedelta64.__mod__...
• #28274: TYP: Fixed missing typing information of set_printoptions
• #28278: BUG: backport resource cleanup bugfix from gh-28273
• #28282: BUG: fix incorrect bytes to stringdtype coercion
• #28283: TYP: Fix scalar constructors
• #28284: TYP: stub numpy.matlib
• #28285: TYP: stub the missing numpy.testing modules
• #28286: CI: Fix the github label for TYP: PR's and issues
• #28305: TYP: Backport typing updates from main
• #28321: BUG: fix race initializing legacy dtype casts
• #28324: CI: update test_moderately_small_alpha

... (truncated)

Commits

• a274561 Merge pull request #28322 from charris/prepare-2.2.3
• 5ab0f71 REL: Prepare for the NumPy 2.2.3 release [wheel build]
• 010ad9b Merge pull request #28324 from charris/update-test_dirichlet_moderately_small...
• 6338746 CI: update test_moderately_small_alpha [wheel build]
• 56f8d5b Merge pull request #28321 from charris/backport-28290
• 48515a3 MAINT: Update some testing files from main
• 96ca7e3 MAINT: respond to code review
• c20ac88 MAINT: use a try/finally to make the deadlock protection more robust
• d494647 MAINT: fix indentation and clarify comment
• 3f8fbd6 MAINT: go back to try/except
• Additional commits viewable in compare view

Updates psutil from 6.1.1 to 7.0.0

Changelog

Sourced from psutil's changelog.

7.0.0

2025-02-13

Enhancements

• 669_, [Windows]: net_if_addrs()_ also returns the broadcast address instead of None.
• 2480_: Python 2.7 is no longer supported. Latest version supporting Python 2.7 is psutil 6.1.X. Install it with: pip2 install psutil==6.1.*.
• 2490_: removed long deprecated Process.memory_info_ex() method. It was deprecated in psutil 4.0.0, released 8 years ago. Substitute is Process.memory_full_info().

Bug fixes

• 2496_, [Linux]: Avoid segfault (a cPython bug) on Process.memory_maps() for processes that use hundreds of GBs of memory.
• 2502_, [macOS]: virtual_memory()_ now relies on host_statistics64 instead of host_statistics. This is the same approach used by vm_stat CLI tool, and should grant more accurate results.

Compatibility notes

• 2480_: Python 2.7 is no longer supported.
• 2490_: removed long deprecated Process.memory_info_ex() method.

Commits

• ea5b556 pre-release
• d6e28b7 try to fix tests
• 104bb32 test cpu_times() for process children
• 16c091b test cpu_times() for process children
• eee09da [OSX] proc.c: Fix goo.gl link in comment for source reference (#2505)
• 17e2780 ci: build aarch64 wheel on GHA aarch64 runner (#2503)
• 1ba8667 pin black version to 24.X, because new 25.X breaks style
• 9c114a5 [OSX] use host_statistics64 to get memory metrics (#2502)
• 08d7d43 pin black version to 24.X, because new 25.X breaks style
• a509e5a 669 windows broadcast addr (#2501)
• Additional commits viewable in compare view

Updates intel-openmp from 2025.0.4 to 2025.0.5

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

apptainer/python/requirements.txt

Package	Version	License	Issue Type
intel-openmp	2025.0.5	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/intel-openmp	2025.0.5	Unknown	Unknown
pip/numpy	2.2.3	🟢 7.8	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 18 out of 18 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 9 Found 17/18 approved changesets -- score normalized to 9 Contributors 🟢 10 project has 95 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 SAST 🟢 9 SAST tool detected but not run on all commits Security-Policy 🟢 9 security policy file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/psutil	7.0.0	🟢 5.7	Details Check Score Reason Code-Review ⚠️ 1 Found 4/30 approved changesets -- score normalized to 1 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• apptainer/python/requirements.txt