Merge branch 'develop' into fix/freqai_torch

Author: xmatthias

.github/workflows/ci.yml

@@ -336,8 +336,9 @@ jobs:
         python-version: "${{ matrix.python-version }}"
 
     - name: Build distribution
+      # TODO: remove hard-pin on build 1.4.0 once https://github.com/pypa/build/issues/1004 is resolved.
       run: |
-        uv pip install -U build
+        uv pip install -U build==1.4.0
         python -m build --sdist --wheel
 
     - name: Upload artifacts 📦

docs/strategy-advanced.md

@@ -33,7 +33,7 @@ class AwesomeStrategy(IStrategy):
                 trade_entry_type = trade.get_custom_data(key='entry_type')
                 if trade_entry_type is None:
                     trade_entry_type = 'breakout' if 'entry_1' in trade.enter_tag else 'dip'
-                elif fills > 1:
+                elif len(fills) > 1:
                     trade_entry_type = 'buy_up'
                 trade.set_custom_data(key='entry_type', value=trade_entry_type)
         return super().bot_loop_start(**kwargs)

tests/test_pip_audit.py

@@ -23,9 +23,8 @@ def test_pip_audit_no_vulnerabilities():
     Run pip-audit to check for known security vulnerabilities.
 
     This test will fail if any vulnerabilities are detected in the installed packages.
+    Note: Document ignores here if vulnerabilities are acceptable.
 
-    Note: CVE-2025-53000 (nbconvert Windows vulnerability) is ignored as it only affects
-    Windows platforms and is a known acceptable risk for this project.
     """
     # Get the project root directory
     project_root = Path(__file__).parent.parent
@@ -35,8 +34,8 @@ def test_pip_audit_no_vulnerabilities():
         "pip_audit",
         # "--format=json",
         "--progress-spinner=off",
-        "--ignore-vuln",
-        "CVE-2025-53000",
+        # "--ignore-vuln",
+        # "CVE-2025-53000",
         "--skip-editable",
     ]