Bump numpy from 2.3.4 to 2.3.5 in /apptainer/python in the apptainer group

[dependabot]

Bumps the apptainer group in /apptainer/python with 1 update: numpy.

Updates numpy from 2.3.4 to 2.3.5

Release notes

Sourced from numpy's releases.

2.3.5 (Nov 16, 2025)

NumPy 2.3.5 Release Notes

The NumPy 2.3.5 release is a patch release split between a number of maintenance updates and bug fixes. This release supports Python versions 3.11-3.14.

Contributors

A total of 10 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Aaron Kollasch +
• Charles Harris
• Joren Hammudoglu
• Matti Picus
• Nathan Goldbaum
• Rafael Laboissière +
• Sayed Awad
• Sebastian Berg
• Warren Weckesser
• Yasir Ashfaq +

Pull requests merged

A total of 16 pull requests were merged for this release.

• #29979: MAINT: Prepare 2.3.x for further development
• #30026: SIMD, BLD: Backport FPMATH mode on x86-32 and filter successor...
• #30029: MAINT: Backport write_release.py
• #30041: TYP: Various typing updates
• #30059: BUG: Fix np.strings.slice if stop=None or start and stop >= len...
• #30063: BUG: Fix np.strings.slice if start > stop
• #30076: BUG: avoid negating INT_MIN in PyArray_Round implementation (#30071)
• #30090: BUG: Fix resize when it contains references (#29970)
• #30129: BLD: update scipy-openblas, use -Dpkg_config_path (#30049)
• #30130: BUG: Avoid compilation error of wrapper file generated with SWIG...
• #30157: BLD: use scipy-openblas 0.3.30.7 (#30132)
• #30158: DOC: Remove nonexistent order parameter docs of ma.asanyarray...
• #30185: BUG: Fix check of PyMem_Calloc return value. (#30176)
• #30217: DOC: fix links for newly rebuilt numpy-tutorials site
• #30218: BUG: Fix build on s390x with clang (#30214)
• #30237: ENH: Make FPE blas check a runtime check for all apple arm systems

Commits

• c3d60fc Merge pull request #30238 from charris/prepare-2.3.5
• 11451fa REL: Prepare for the NumPy 2.3.5 release
• eab5bd4 Merge pull request #30237 from charris/backport-30102
• 7cea31a Fixup merge of multiarraymodule.c
• b898173 Update numpy/_core/src/common/blas_utils.h
• f755483 Report FPE ignoring in matmul in show_runtime()
• c47116f Move test to Python
• bd7b93f ooops, needs to be a calloc of course.
• 83a1517 Guard for HAVE_CBLAS and always compile the helpers
• ab680ef ENH: Make FPE blas check a runtime check for all arm systems
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/numpy	2.3.5	🟢 7.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Code-Review 🟢 10 all changesets reviewed Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Vulnerabilities ⚠️ 0 26 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits License 🟢 9 license file detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 9 security policy file detected CI-Tests 🟢 10 16 out of 16 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 101 contributing companies or organizations

Scanned Files

• apptainer/python/requirements.txt