build(deps-dev): bump the pip-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the pip-dependencies group with 3 updates in the / directory: webdav4, dvc and huggingface-hub.

Updates webdav4 from 0.10.0 to 0.11.0

Release notes

Sourced from webdav4's releases.

v0.11.0

What's Changed

• always run test for lower bound and upstream by @​skshetry in skshetry/webdav4#182
• Bump peaceiris/actions-gh-pages from 3 to 4 by @​dependabot[bot] in skshetry/webdav4#183
• Bump furo from 2024.5.6 to 2024.7.18 by @​dependabot[bot] in skshetry/webdav4#185
• remove types-pkg-resources by @​skshetry in skshetry/webdav4#193
• Bump mypy from 1.10.1 to 1.11.1 by @​dependabot[bot] in skshetry/webdav4#189
• Update myst-parser requirement from <4,>=3 to >=3,<5 by @​dependabot[bot] in skshetry/webdav4#191
• Bump furo from 2024.7.18 to 2024.8.6 by @​dependabot[bot] in skshetry/webdav4#192
• Update sphinx requirement from <8,>=7 to >=7,<9 by @​dependabot[bot] in skshetry/webdav4#190
• Bump mypy from 1.11.1 to 1.11.2 by @​dependabot[bot] in skshetry/webdav4#195
• update deps by @​skshetry in skshetry/webdav4#210
• update docs dependencies by @​skshetry in skshetry/webdav4#211

Full Changelog: skshetry/webdav4@v0.10.0...v0.11.0

Commits

• 88c8f9c udpate docs dependencies (#211)
• 35cc20a update deps (#210)
• e9b8fbd Bump mypy from 1.11.1 to 1.11.2 (#195)
• 93599ca Update sphinx requirement from <8,>=7 to >=7,<9 (#190)
• 0807785 Bump furo from 2024.7.18 to 2024.8.6 (#192)
• 0b407da Update myst-parser requirement from <4,>=3 to >=3,<5 (#191)
• 2e2bd70 Bump mypy from 1.10.1 to 1.11.1 (#189)
• 7d38791 remove types-pkg-resources (#193)
• ef3f097 Bump furo from 2024.5.6 to 2024.7.18 (#185)
• ef8510a cleanup GHA workflow, pre-commit hooks
• Additional commits viewable in compare view

Updates dvc from 3.66.1 to 3.67.0

Release notes

Sourced from dvc's releases.

3.67.0

What's Changed

• Support pathspec v1 by @​cpburnz in treeverse/dvc#10951
• fix: replace deprecated parseAll with parse_all in interpolate.py by @​ritoban23 in treeverse/dvc#10971
• Update dvc-data version to 3.18.2 by @​skshetry in treeverse/dvc#10962

New Contributors

• @​ChillarAnand made their first contribution in treeverse/dvc#10963
• @​ritoban23 made their first contribution in treeverse/dvc#10971
• @​cpburnz made their first contribution in treeverse/dvc#10951

Full Changelog: treeverse/dvc@3.66.1...3.67.0

Commits

• e40e378 build(deps): bump actions/download-artifact from 7 to 8 (#11006)
• b1aaeb9 build(deps): bump actions/upload-artifact from 6 to 7 (#11007)
• dcf6f48 bench: add version constraint for pathspec (#10986)
• c6c680d Support pathspec v1 (#10951)
• 1e8962b Remove boto3 from metadata copying in hook-dvc.py (#10983)
• 0f2361f fix(benchmarks): pin dulwich<1.0.0 for DVC versions before 3.44.0 (#10979)
• e9c0a99 [pre-commit.ci] pre-commit autoupdate (#10975)
• 3c71fdb fix: replace deprecated parseAll with parse_all in interpolate.py (#10971)
• 04cbd40 [pre-commit.ci] pre-commit autoupdate (#10967)
• 5725780 refactor: drop stale exceptions related to dvc machine (#10963)
• Additional commits viewable in compare view

Updates huggingface-hub from 1.4.1 to 1.8.0

Release notes

Sourced from huggingface-hub's releases.

[v1.8.0] Mounted volumes on Jobs, complete papers CLI, and more

🚀 Jobs can now mount volumes

Jobs can now access Hugging Face repositories (models, datasets, Spaces) and Storage Buckets directly as mounted volumes in their containers. This enables powerful workflows like running queries directly against datasets, loading models without explicit downloads, and persisting training checkpoints to buckets.

from huggingface_hub import run_job, Volume
job = run_job(
image="duckdb/duckdb",
command=["duckdb", "-c", "SELECT * FROM '/data/**/*.parquet' LIMIT 5"],
volumes=[
Volume(type="dataset", source="HuggingFaceFW/fineweb", mount_path="/data"),
],
)

hf jobs run -v hf://datasets/HuggingFaceFW/fineweb:/data duckdb/duckdb duckdb -c "SELECT * FROM '/data/**/*.parquet' LIMIT 5"

• Add volume mounting support for buckets and repos by @​XciD in #3936

📖 Papers CLI is now complete

The hf papers command now has full functionality: search papers by keyword, get structured JSON metadata, and read the full paper content as markdown. The ls command is also enhanced with new filters for week, month, and submitter.

# Search papers
hf papers search "vision language"
Get metadata
hf papers info 2601.15621
Read as markdown
hf papers read 2601.15621

• Complete hf papers with search, info, read + ls filters by @​mishig25 in #3952

🖥️ CLI repo ID shorthand

You can now use repo ID prefixes like spaces/user/repo, datasets/user/repo, and models/user/repo as a shorthand for user/repo --type space. This works automatically for all CLI commands that accept a --type flag.

# Before
hf download user/my-space --type space
hf discussions list user/my-dataset --type dataset
After
</tr></table>

... (truncated)

Commits

• 8b7c45c Release: v1.8.0
• 5e62f96 Release: v1.8.0.rc0
• 701fb0b feat(jobs): add volume mounting support for buckets and repos (#3936)
• 98e9a94 Use huggingface-hub-bot for post-release PR creation (#3967)
• 9e7fbad [CLI] Accept spaces/user/repo as repo ID prefix shorthand (#3929)
• da46c21 More robust stream to stdout in hf cp command (#3968)
• e41dce2 Add visibility parameter to HfApi repo create/update/duplicate methods (#...
• 274fabf [CLI] Mention hf-mount in CLI skill (#3966)
• 778d306 [CLI] Add space-specific options to hf repos create and `hf repos duplicate...
• 5596477 Update hardware flavors with HF Hub (#3965)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions