⬆️ Bump huggingface-hub from 0.24.6 to 0.26.2

[dependabot]

Bumps huggingface-hub from 0.24.6 to 0.26.2.

Release notes

Sourced from huggingface-hub's releases.

[v0.26.2] Fix: Reflect API response changes in file and repo security status fields

This patch release includes updates to align with recent API response changes:

• Update how file's security metadata is retrieved following changes in the API response (#2621).
• Expose repo security status field in ModelInfo (#2639).

Full Changelog: huggingface/huggingface_hub@v0.26.1...v0.26.2

v0.26.0: Multi-tokens support, conversational VLMs and quality of life improvements

🔐 Multiple access tokens support

Managing fine-grained access tokens locally just became much easier and more efficient! Fine-grained tokens let you create tokens with specific permissions, making them especially useful in production environments or when working with external organizations, where strict access control is essential.

To make managing these tokens easier, we've added a ✨ new set of CLI commands ✨ that allow you to handle them programmatically:

• Store multiple tokens on your machine by simply logging in with the login() command with each token:

huggingface-cli login

• Switch between tokens and choose the one that will be used for all interactions with the Hub:

huggingface-cli auth switch

• List available access tokens on your machine:

huggingface-cli auth list

• Delete a specific token from your machine with:

huggingface-cli logout [--token-name TOKEN_NAME]

✅ Nothing changes if you are using the HF_TOKEN environment variable as it takes precedence over the token set via the CLI. More details in the documentation. 🤗

• Support multiple tokens locally by @​hanouticelina in #2549

⚡️ InferenceClient improvements

🖼️ Conversational VLMs support

Conversational vision-language models inference is now supported with InferenceClient's chat completion!

from huggingface_hub import InferenceClient
works with remote url or base64 encoded url
image_url ="https://cdn.britannica.com/61/93061-050-99147DCE/Statue-of-Liberty-Island-New-York-Bay.jpg"
client = InferenceClient("meta-llama/Llama-3.2-11B-Vision-Instruct")
output = client.chat.completions.create(
messages=[
{
"role": "user",
"content": [
{
"type": "image_url",
</tr></table>

... (truncated)

Commits

• ee4c163 Release: v0.26.2
• f1b4229 Expose repo security status field in ModelInfo (#2639)
• de9e7ee Update how file's security metadata is retrieved following changes in the API...
• 812971b Release: v0.26.1
• f32b28a bugfix huggingface-cli command execution in python3.8 (#2620)
• 126750f Release: v0.26.0
• 2cb62f8 Release: v0.26.0.rc0
• 07896ee Remove templating utility (#2611)
• 8d9409d Translated index.md and installation.md to Tamil (#2555)
• c79e14b Fix 2609 - Import packaging by default (#2610)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
promptulate	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 28, 2024 3:41pm

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.