Skip to content

chore(deps): bump the pip-minor-and-patch group in /omniparser with 3 updates#16

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/omniparser/pip-minor-and-patch-b33a6358ef
Closed

chore(deps): bump the pip-minor-and-patch group in /omniparser with 3 updates#16
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/omniparser/pip-minor-and-patch-b33a6358ef

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 15, 2026

Bumps the pip-minor-and-patch group in /omniparser with 3 updates: ultralytics, supervision and einops.

Updates ultralytics from 8.3.70 to 8.4.50

Release notes

Sourced from ultralytics's releases.

v8.4.26 - Platform NDJSON autosplit (#23990)

🌟 Summary

v8.4.26 focuses on reliability and usability improvements: smarter Platform dataset handling (auto-validation split for NDJSON), more robust Platform URL resolution, and an important FP16 SAM inference crash fix—plus CI and docs polish. 🚀

📊 Key Changes

  • ✅ Platform NDJSON auto-split (PR #23990, @​glenn-jocher)
    If a dataset has a train split but no val/test, Ultralytics now automatically creates a small validation split from training data instead of failing immediately.

    • Uses a deterministic split approach for consistency.
    • Warns users to still create a manual validation split for best quality.

  • 🌐 More reliable Ultralytics Platform URI resolution (PR #23990, @​glenn-jocher)
    Improved ul://... resolution with:

    • Retry logic for transient connection issues
    • Better timeout strategy (fast connect timeout + longer read timeout for large dataset processing)
    • Clearer handling for auth, permission, not-found, and processing states

  • 🧠 FP16 SAM TinyViT inference crash fix (PR #23780, @​Edwin-Kevin)
    Fixed a half-precision inference error in SAM TinyViT models (like mobile_sam.pt) caused by dtype mismatch in cached tensors.

    • Model setup order was adjusted so cached eval-time tensors match FP16 expectations.
    • Added/updated CUDA test coverage with half=True.

  • ⚙️ CI simplification and stability updates (mainly PR #23990)

    • Removed dedicated HUB CI job and related manual trigger
    • Standardized many CI runners from cpu-latest to ubuntu-latest
    • Temporarily pinned GPU CI to torch<2.11 until CUDA 13 driver support is ready

  • 📚 Platform docs improvements

🎯 Purpose & Impact

  • Less friction for dataset conversion 📦
    Users importing NDJSON datasets into YOLO workflows are less likely to hit hard failures when a validation split is missing.

  • Better reliability in cloud/remote workflows ☁️
    Platform URI retries and timeout tuning reduce flaky failures, especially with large datasets or temporary network instability.

  • More stable FP16 segmentation inference 🎯
    Users running SAM TinyViT in half precision on GPU should see fewer runtime dtype crashes and smoother deployment behavior.

  • Cleaner maintenance pipeline for Ultralytics 🛠️
    CI changes reduce complexity and improve consistency, helping keep releases stable.

  • Faster onboarding for new users 🎥
    The new Platform tutorial videos make it easier for broad audiences to get started quickly with data, training, and deployment.

What's Changed

... (truncated)

Commits
  • 7b3de51 ultralytics 8.4.50 New Export Integration: Deepx (#23553)
  • 6a04d7c Fix dtype mismatch in fuse_conv_and_bn and fuse_deconv_and_bn (#24480)
  • c025234 Docs: add RT-DETE eval_idx instruction (#24465)
  • 077d20c Fix tuner reporting iterations complete when every iteration failed (#24477)
  • a5ed6af ultralytics 8.4.49 Fail fast on three common training failure modes (#24478)
  • 6300d16 Remove flaky DOI badges from docs badge arrays (#24476)
  • aa03683 docs: add export install tip for benchmarks (#24464)
  • d46b51b Fix docs language banner links (#24474)
  • fb9e82f Remove unused frame_rate in BYTETracker/BOTSORT (#24457)
  • 166604e Fix Tuner._mutate RNG collisions for sub-second iterations (#24451)
  • Additional commits viewable in compare view

Updates supervision from 0.18.0 to 0.28.0

Release notes

Sourced from supervision's releases.

supervision-0.28.0: CompactMask & SAM3

🔦 Spotlight

Memory-efficient masks with sv.CompactMask

Segmentation models produce one full-resolution bitmap per instance. On a 1920×1080 image with 28 detections that is ~55 MB of mask data. Most pixels are background. sv.CompactMask stores only the tight bounding-box crop, RLE-encoded — the same 28 masks drop to ~237 KB of crops, a 240× reduction before RLE kicks in.

It's a drop-in replacement: annotators, filters, and area all work unchanged.

import supervision as sv
any segmentation modelRF-DETR Seg, YOLO-Seg, SAM3
detections = model.predict(image)  # sv.Detections with dense masks
dense_mb = detections.mask.nbytes / 1024 / 1024
compact = sv.CompactMask.from_dense(
masks=detections.mask,
xyxy=detections.xyxy,
image_shape=image.shape[:2],
)
detections.mask = compact  # swap in — API unchanged
filter by pixel area without materialising dense masks
large = detections[compact.area > 1000]
annotators call .to_dense() internally
annotated = sv.MaskAnnotator().annotate(image.copy(), detections)

SAM3 text-prompted segmentation

SAM3 segments objects by free-text prompt — no class list, no bounding boxes. sv.Detections.from_sam3() parses both PCS (multi-prompt) and PVS (video) response formats into a standard sv.Detections, with class_id set to the prompt index.

import requests, base64
import supervision as sv
PROMPTS = ["person", "bag"]
with open("image.jpg", "rb") as f:
img_b64 = base64.b64encode(f.read()).decode()
response = requests.post(
</tr></table>

... (truncated)

Changelog

Sourced from supervision's changelog.

0.28.0 Apr 30, 2026

  • Added #2159: sv.CompactMask for memory-efficient mask storage. Masks are stored as crop-region bounding boxes plus RLE-encoded data instead of full-resolution bitmaps, reducing memory by up to 240× for sparse masks. Integrates transparently with sv.Detections.mask — filtering, merging, and area all work without materialising the full array.

  • Added #2227: sv.CompactMask.resize(new_image_shape) rescales all stored crops to match a new image resolution, enabling use across frames or after image resizing pipelines.

  • Added #2178: sv.Detections.from_inference now supports compressed COCO RLE masks. Inference responses with rle or rle_mask fields containing a compressed counts string (as produced by pycocotools) are decoded directly into binary masks, avoiding a lossy polygon round-trip.

  • Added #2004: sv.Color.from_hex now accepts 8-digit hexadecimal RGBA codes (e.g. #ff00ff80). Color.as_hex() serialises back, including alpha when not fully opaque. New utility functions sv.hex_to_rgba, sv.rgba_to_hex, and sv.is_valid_hex are exported at the top level.

  • Added #709: sv.BlurAnnotator and sv.PixelateAnnotator now support dynamic sizing. When kernel_size=None or pixel_size=None (the new default), the size is computed per detection as a fraction of the shorter bounding-box dimension, producing consistent visual results across objects of different sizes.

  • Added #2186: sv.InferenceSlicer now emits a warning when detections returned by the callback fall outside the tile boundaries, helping catch coordinate-system bugs in custom callbacks.

  • Added #2103, #2152: New sv.Detections.from_sam3() classmethod parses SAM3 PCS (text-prompted) and PVS (visual-prompted video segmentation) response formats into a standard sv.Detections, both from the local inference package and from Roboflow-hosted server responses.

  • Added #2154: The library now uses Python's logging module instead of print for diagnostic output. Messages are emitted under the supervision logger so applications can capture, filter, or silence them through standard logging configuration.

  • Added #932: sv.ImageAssets for downloading sample images alongside existing video assets, useful for examples and tutorials.

  • Changed #2169: sv.MeanAveragePrecisionResult and related metric arrays (mAP_scores, ap_per_class, iou_thresholds, precision/recall) are now float32 instead of float64. Reduces memory and speeds up computation; numerical results may differ in the last few digits.

  • Changed #2178: sv.rle_to_mask and sv.mask_to_rle moved to supervision.detection.utils.converters. The old import path supervision.dataset.utils continues to work but is deprecated.

  • Fixed #2178: sv.rle_to_mask now returns NDArray[bool] as declared in its signature. Previously the implementation returned uint8 despite the bool annotation; code that relied on the undocumented uint8 output (e.g. mask * 255 producing uint8) should wrap the result with .astype(np.uint8).

  • Fixed #2210: sv.VideoInfo.fps now returns a float instead of a truncated int. Previously, frame rates like 23.976, 29.97, and 59.94 were silently truncated, causing frame-timing drift that accumulates over long videos. The type of VideoInfo.fps has changed from int to float; callers that pass fps to APIs requiring an integer (such as deque(maxlen=...) or TraceAnnotator(trace_length=...)) should wrap the value with int().

  • Fixed #2209: sv.Detections.is_empty() now returns True for detections filtered down to zero rows, even when tracker_id is an empty array. Previously this case incorrectly returned False.

  • Fixed #2199: sv.CSVSink now correctly slices numpy array values in custom_data per row. Previously the full array was written for every detection.

  • Fixed #2216: sv.CSVSink and sv.JSONSink now slice plain Python list and tuple values in custom_data per detection row. Lists and tuples matching the detection count are indexed per row, consistent with np.ndarray behavior.

  • Fixed #2217: sv.TraceAnnotator no longer crashes in smooth mode when a tracker remains stationary. Duplicate consecutive points caused splprep to fail; the annotator now deduplicates anchor points and falls back to a raw polyline when fewer than 4 unique points are available.

  • Fixed #2218: load_coco_annotations now rejects COCO annotations whose file_name escapes the images directory via ../ traversal or absolute paths, preventing path-traversal attacks from malicious annotation files.

  • Fixed #2187: Extreme memory usage when loading OBB (oriented bounding box) datasets, caused by allocating full-image masks for each rotated box, has been resolved.

  • Fixed #2188: sv.KeyPoints boolean mask indexing now works correctly when all instances have the same keypoint count (uniform-count selection).

  • Fixed #2185: sv.DetectionDataset.as_coco() now preserves area and iscrowd fields instead of silently dropping them in the round-trip.

  • Fixed #1746: Precision loss when converting annotations with force_mask=True in dataset format converters.

  • Fixed #1991: sv.PolygonZone no longer double-counts the same object when multiple zones overlap. Detection bounding boxes were incorrectly clipped to each zone's ROI before anchor computation, causing the same detection to appear at a different anchor point in each zone; anchor is now computed from the original bounding box so containment is independent per zone.

  • Fixed #1868: sv.LineZone no longer mis-attributes crossings when a tracker reuses the same tracker_id across different classes. Class-aware bookkeeping prevents a new object from inheriting another class's prior crossing state.

... (truncated)

Commits
  • 87b1b86 releasing 0.28.0 (#2220)
  • 1170a90 chore(pre_commit): ⬆ pre_commit autoupdate (#2235)
  • 2e0e8d9 ⬆️ Update wheel requirement from <0.47,>=0.40 to >=0.40,<0.48 (#2234)
  • 15730b2 docs: update author references and improve metadata (#2233)
  • 2db1e3a docs: improve SEO and GEO docs publishing (#2232)
  • 840226a chore: update pre-commit hooks configuration
  • dc03cea fix(docs): expand llms.txt, add FAQ schema, author attribution to how… (#2231)
  • f9ab57a ⬆️ Bump nbconvert from 7.17.0 to 7.17.1 in the uv group across 1 directory (#...
  • fb19852 chore(pre_commit): ⬆ pre_commit autoupdate (#2225)
  • 60f8d28 releasing 0.28.0.rc2
  • Additional commits viewable in compare view

Updates einops from 0.8.0 to 0.8.2

Release notes

Sourced from einops's releases.

v0.8.1 Multiple improvements

What's Changed

TLDR:

  • ellipsis is added to EinMix
  • tests moved into the package
  • devcontainer provided
  • added backend for pyTensor
  • niceties: citation, docs, fixed broken links
  • this did not require any changes in einops, but array API is supported by more libs these days, and einops can operate on them

PRs:

New Contributors

Full Changelog: arogozhnikov/einops@v0.8.0...v0.8.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the pip-minor-and-patch group
d1a78fd 
Bumps the pip-minor-and-patch group in /omniparser with 3 updates: [ultralytics](https://github.com/ultralytics/ultralytics), [supervision](https://github.com/roboflow/supervision) and [einops](https://github.com/arogozhnikov/einops).


Updates `ultralytics` from 8.3.70 to 8.4.50
- [Release notes](https://github.com/ultralytics/ultralytics/releases)
- [Commits](ultralytics/ultralytics@v8.3.70...v8.4.50)

Updates `supervision` from 0.18.0 to 0.28.0
- [Release notes](https://github.com/roboflow/supervision/releases)
- [Changelog](https://github.com/roboflow/supervision/blob/develop/docs/changelog.md)
- [Commits](roboflow/supervision@0.18.0...0.28.0)

Updates `einops` from 0.8.0 to 0.8.2
- [Release notes](https://github.com/arogozhnikov/einops/releases)
- [Commits](arogozhnikov/einops@v0.8.0...v0.8.2)

---
updated-dependencies:
- dependency-name: ultralytics
  dependency-version: 8.4.50
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-and-patch
- dependency-name: supervision
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-minor-and-patch
- dependency-name: einops
  dependency-version: 0.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github May 15, 2026

Labels

The following labels could not be found: dependencies, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@ruchit-p ruchit-p closed this May 16, 2026
@ruchit-p ruchit-p deleted the dependabot/pip/omniparser/pip-minor-and-patch-b33a6358ef branch May 16, 2026 17:24
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github May 16, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ruchit-p