Skip to content

Bump tqdm from 4.64.1 to 4.66.3#1

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/tqdm-4.66.3
Open

Bump tqdm from 4.64.1 to 4.66.3#1
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/tqdm-4.66.3

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 19, 2026

Bumps tqdm from 4.64.1 to 4.66.3.

Release notes

Sourced from tqdm's releases.

tqdm v4.66.3 stable

tqdm v4.66.2 stable

  • pandas: add DataFrame.progress_map (#1549)
  • notebook: fix HTML padding (#1506)
  • keras: fix resuming training when verbose>=2 (#1508)
  • fix format_num negative fractions missing leading zero (#1548)
  • fix Python 3.12 DeprecationWarning on import (#1519)
  • linting: use f-strings (#1549)
  • update tests (#1549)
  • CI: bump actions (#1549)

tqdm v4.66.1 stable

  • fix utils.envwrap types (#1493 <- #1491, #1320 <- #966, #1319)
    • e.g. cloudwatch & kubernetes workaround: export TQDM_POSITION=-1
  • drop mentions of unsupported Python versions

tqdm v4.66.0 stable

  • environment variables to override defaults (TQDM_*) (#1491 <- #1061, #950 <- #614, #1318, #619, #612, #370)
    • e.g. in CI jobs, export TQDM_MININTERVAL=5 to avoid log spam
    • add tests & docs for tqdm.utils.envwrap
  • fix & update CLI completion
  • fix & update API docs
  • minor code tidy: replace os.path => pathlib.Path
  • fix docs image hosting
  • release with CI bot account again (cli/cli#6680)

tqdm v4.65.2 stable

  • exclude examples from distributed wheel (#1492)

tqdm v4.65.1 stable

  • migrate setup.{cfg,py} => pyproject.toml (#1490)
    • fix asv benchmarks
    • update docs
  • fix snap build (#1490)
  • fix & update tests (#1490)
    • fix flaky notebook tests
    • bump pre-commit
    • bump workflow actions

tqdm v4.65.0 stable

  • add Python 3.11 and drop Python 3.6 support (#1439, #1419, #502 <- #720, #620)
  • misc code & docs tidy
  • fix & update CI workflows & tests
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump tqdm from 4.64.1 to 4.66.3
d7eb77b 
Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.64.1 to 4.66.3.
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.64.1...v4.66.3)

---
updated-dependencies:
- dependency-name: tqdm
  dependency-version: 4.66.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Feb 19, 2026
@dbmi-svc-checkmarx
Copy link

dbmi-svc-checkmarx commented Feb 19, 2026

Logo
Checkmarx One – Scan Summary & Detailsf825ccc4-4334-467b-982a-d4bd78335ae3

Fixed Issues (30)

Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
CRITICAL CVE-2025-32434 Python-torch-2.0.0
HIGH CVE-2019-9423 Python-opencv-python-headless-4.13.0.92
HIGH CVE-2024-31580 Python-torch-2.0.0
HIGH CVE-2024-31583 Python-torch-2.0.0
HIGH CVE-2025-55551 Python-torch-2.0.0
HIGH CVE-2025-55553 Python-torch-2.0.0
HIGH CVE-2025-55557 Python-torch-2.0.0
HIGH CVE-2025-55558 Python-torch-2.0.0
HIGH CVE-2025-55560 Python-torch-2.0.0
HIGH CVE-2026-24747 Python-torch-2.0.0
MEDIUM CVE-2024-31584 Python-torch-2.0.0
MEDIUM CVE-2024-34062 Python-tqdm-4.64.1
MEDIUM CVE-2024-5206 Python-scikit-learn-1.2.2
MEDIUM CVE-2025-2953 Python-torch-2.0.0
MEDIUM CVE-2025-2998 Python-torch-2.0.0
MEDIUM CVE-2025-2999 Python-torch-2.0.0
MEDIUM CVE-2025-3000 Python-torch-2.0.0
MEDIUM CVE-2025-3001 Python-torch-2.0.0
MEDIUM CVE-2025-3121 Python-torch-2.0.0
MEDIUM CVE-2025-3136 Python-torch-2.0.0
MEDIUM CVE-2025-3730 Python-torch-2.0.0
MEDIUM CVE-2025-4287 Python-torch-2.0.0
MEDIUM CVE-2025-46148 Python-torch-2.0.0
MEDIUM CVE-2025-46149 Python-torch-2.0.0
MEDIUM CVE-2025-46150 Python-torch-2.0.0
MEDIUM CVE-2025-46152 Python-torch-2.0.0
MEDIUM CVE-2025-55552 Python-torch-2.0.0
MEDIUM CVE-2025-55554 Python-torch-2.0.0
LOW CVE-2025-2148 Python-torch-2.0.0
LOW CVE-2025-63396 Python-torch-2.0.0

Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dbmi-svc-checkmarx