ci(deps): bump github/codeql-action from 3 to 4#2
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
rlogger
added a commit
that referenced
this pull request
Apr 28, 2026
…lassifiers, jit-friendly cleanup, JMLR paper restructure, honest BENCHMARKS framing, real-data path on activity_recognition Five concrete fixes flagged by an independent JMLR-MLOSS-style review. API hole (#2): - Public logits() method on BayesianCentroidClassifier, BayesianAdaptiveHDC, StreamingBayesianHDC. Returns pre-softmax cosine-similarity scores; canonical input to TemperatureCalibrator.fit and ConformalClassifier.fit. Closes the leak where the three classification examples and pvsa_quickstart had to call jax.vmap(clf._similarity_row) — a private method — to get logits. New test in tests/test_bayesian_models.py confirms shape, single-vs-batch dispatch, and softmax(logits) == predict_proba. - Examples updated to clf.logits(hv) instead of jax.vmap(clf._similarity_row)(hv). Performance claims contradicted by implementation (#5): - BayesianAdaptiveHDC.fit and StreamingBayesianHDC.fit rewritten as a single jax.lax.scan per epoch. The full pass JIT-compiles into one XLA computation and composes with vmap / pmap; no Python loop over observations. - New tests/test_v05_v06.py::test_streaming_fit_runs_under_jit and ::test_adaptive_fit_runs_under_jit confirm fit() now compiles end-to-end under jax.jit. - New cleanup_gaussian_stacked: JIT-friendly mirror of cleanup_gaussian that takes a stacked GaussianHV (mu/var arrays of shape (N, D)) and returns JAX scalars rather than Python int/float. The list-form cleanup_gaussian is preserved for the convenient API and now delegates internally. Two new tests in tests/test_mixture_and_derived.py. - TemperatureCalibrator: silent-fallback fix. The previous code caught broad Exception around jax.scipy.optimize.minimize and silently fell back to gradient descent — including when BFGS produced a non-finite result. Now catches only ImportError, additionally checks for non-finite candidate, and emits a RuntimeWarning when the fallback is taken. The fitted-temperature MLE guarantee in the docstring now reflects what the code actually does. JMLR paper (#1): - Body shrunk from ~10 pages to ~4 (533 → 336 lines of TeX). - Section 2 ("The Bayes-HDC System") rewritten as Section 2 "Probabilistic VSA" with five subsections (Distribution types · Closed-form moment propagation · KL divergences and reparameterisation gradients · Group action and equivariance · Uncertainty layer). The PVSA discussion now leads the body, matching the abstract's promise. - The eight per-module subsubsections (~120 lines of bulleted module descriptions) collapsed into Table 1 (one row per module, two columns: purpose + key components). Probabilistic-layer modules listed first, deterministic substrate below. - Three usage-example listings collapsed into one PVSA pipeline that exercises the full stack (encode → BayesianCentroidClassifier → clf.logits → TemperatureCalibrator → ConformalClassifier). Demonstrates the new public logits API. - Comparison-with-existing-software paragraph reframed: feature comparison rather than performance contest. Axes are descriptive of capability (XLA, TPU, PVSA, Conformal, Calibration), not framed as competitive wins. - Intro contribution list compressed to one paragraph; conclusion shortened; related-work section compressed to one paragraph. - Implementation Notes appendix removed (deferred to DESIGN.md to respect the 4-page MLOSS limit). - Abstract revised: dropped "first open-source library implementing PVSA" and the "5–25× ECE reduction" / "accuracy parity" benchmark claims; replaced with a description of the algebraic and uncertainty layers. Marketing tone (#3): - BENCHMARKS.md: "wins 5 of 5" replaced with an honest description of the methodology — "the Bayes-HDC column reports the best of an ensemble of four classifiers (ridge, logistic, centroid-LVQ, GBT) with the per-task winner chosen by held-out calibration-set accuracy; TorchHD reports its default centroid classifier on the same encoder." Multi-seed sweep flagged as a planned addition. Numbers stay; framing is now reviewer-defensible. - ORIGINALITY.md: "first HDC library to ship X" softened to "to the author's knowledge, no comparable HDC library ships X as a built-in primitive at time of writing" for TemperatureCalibrator and ConformalClassifier. The "first HDC library to provide" framing on calibration metrics removed. - README hero: "A JAX library with serious algebraic depth" replaced with a description of what the library does — "Probabilistic hyperdimensional computing in JAX". "the claims are theorems" softened to "the algebraic and coverage claims are property-tested" in the About paragraph. - MLOSS_COVER_LETTER: bracketed placeholders filled. New "Maturity and community adoption" section honestly acknowledges the project is at 0.4.0a0, was first published April 15, 2026, and that community adoption is the weakest dimension at submission time. Suggested-reviewer brackets replaced with descriptors of relevant subfield expertise (deferring assignment to the action editor). Real-data path on at least one example (#4): - examples/activity_recognition.py: --real-data flag loads UCIHAR via bayes_hdc.datasets.load_ucihar() (one-time OpenML download). Default remains synthetic so the example always runs offline. Try/except surfaces download failures and falls back gracefully. Docstring and Run:: stanza updated. The encoder/classifier code paths are identical between the two modes; only the data source changes. CI green: 480 tests pass (up from 475 with the new tests for logits + cleanup_gaussian_stacked + lax.scan-jit-compatibility); ruff and ruff format clean across bayes_hdc/, tests/, examples/, benchmarks/.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps github/codeql-action from 3 to 4.
Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
43d8420Do not run Swift in debug artifacts after failure check76a687eMerge pull request #3804 from github/dependabot/npm_and_yarn/npm-minor-e84c60...751f3e2Bump eslint-plugin-jsdoc from 62.8.1 to 62.9.0 in the npm-minor group808513fUpdate language aliases teste452857Throw error early rather than warningb623f5fMerge pull request #3799 from github/mario-campos/test-multiple-registriesYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)