[pip][dev] (deps-dev): Bump the dev-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the dev-dependencies group with 5 updates in the / directory:

Package	From	To
coverage	7.13.2	7.13.4
filelock	3.20.3	3.24.3
platformdirs	4.5.1	4.9.2
ruff	0.14.14	0.15.2
virtualenv	20.36.1	20.38.0

Updates coverage from 7.13.2 to 7.13.4

Changelog

Sourced from coverage's changelog.

Version 7.13.4 — 2026-02-09

• Fix: the third-party code fix in 7.13.3 required examining the parent directories where coverage was run. In the unusual situation that one of the parent directories is unreadable, a PermissionError would occur, as described in issue 2129_. This is now fixed.

• Fix: in test suites that change sys.path, coverage.py could fail with "RuntimeError: Set changed size during iteration" as described and fixed in pull 2130_. Thanks, Noah Fatsi.

• We now publish ppc64le wheels, thanks to Pankhudi Jain <pull 2121_>_.

.. _pull 2121: coveragepy/coveragepy#2121 .. _issue 2129: coveragepy/coveragepy#2129 .. _pull 2130: coveragepy/coveragepy#2130

.. _changes_7-13-3:

Version 7.13.3 — 2026-02-03

• Fix: in some situations, third-party code was measured when it shouldn't have been, slowing down test execution. This happened with layered virtual environments such as uv sometimes makes. The problem is fixed, closing issue 2082_. Now any directory on sys.path that is inside a virtualenv is considered third-party code.

.. _issue 2082: coveragepy/coveragepy#2082

.. _changes_7-13-2:

Commits

• 4f78d57 build: no need to publish status.json
• f8616ff docs: sample HTML for 7.13.4
• fcf8c68 docs: prep for 7.13.4
• 189ecfd docs: thanks Pankhudi Jain for ppc64le wheels #2121
• 58aade0 build: add support for ppc64le architecture (#2121)
• 8ea42c8 chore: bump actions/attest-build-provenance (#2131)
• c09595f docs: Janine put a lot of effort into debugging issue #2128
• 8ee1760 docs: Greg wrote a great issue: #2129
• 76ba043 docs: thanks, Noah Fatsi
• 371fcc5 fix: set fixed paths_list in TreeMatcher init (#2130)
• Additional commits viewable in compare view

Updates filelock from 3.20.3 to 3.24.3

Release notes

Sourced from filelock's releases.

3.24.3

What's Changed

• 🐛 fix(ci): add trailing blank line after changelog entries by @​gaborbernat in tox-dev/filelock#492
• 🐛 fix(unix): handle ENOENT race on FUSE/NFS during acquire by @​gaborbernat in tox-dev/filelock#495

Full Changelog: tox-dev/filelock@3.24.2...3.24.3

3.24.2

What's Changed

• 📝 docs: restructure using Diataxis framework by @​gaborbernat in tox-dev/filelock#489
• 🐛 fix(test): resolve flaky write non-starvation test by @​gaborbernat in tox-dev/filelock#490
• 🐛 fix(rw): close sqlite3 cursors and skip SoftFileLock Windows race by @​gaborbernat in tox-dev/filelock#491

Full Changelog: tox-dev/filelock@3.24.1...3.24.2

3.24.1

What's Changed

• 🐛 fix(soft): resolve Windows deadlock and test race condition by @​gaborbernat in tox-dev/filelock#488

Full Changelog: tox-dev/filelock@3.24.0...3.24.1

3.24.0

What's Changed

• 🐛 fix(unix): auto-fallback to SoftFileLock on ENOSYS by @​gaborbernat in tox-dev/filelock#480
• ✨ feat(lock): add poll_interval to constructor by @​gaborbernat in tox-dev/filelock#482
• 🐛 fix(win): eliminate lock file race in threaded usage by @​gaborbernat in tox-dev/filelock#484
• ✨ feat(mode): respect POSIX default ACL inheritance by @​gaborbernat in tox-dev/filelock#483
• 🐛 fix(api): detect same-thread self-deadlock by @​gaborbernat in tox-dev/filelock#481
• ✨ feat(lock): add cancel_check to acquire by @​gaborbernat in tox-dev/filelock#487
• ✨ feat(lock): add lifetime parameter for lock expiration by @​gaborbernat in tox-dev/filelock#486

Full Changelog: tox-dev/filelock@3.23.0...3.24.0

3.23.0

What's Changed

• 📝 docs: add fasteners to similar libraries by @​gaborbernat in tox-dev/filelock#478

... (truncated)

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

---

3.24.3 (2026-02-19)

---

• 🐛 fix(unix): handle ENOENT race on FUSE/NFS during acquire :pr:495
• 🐛 fix(ci): add trailing blank line after changelog entries :pr:492

---

3.24.2 (2026-02-16)

---

• 🐛 fix(rw): close sqlite3 cursors and skip SoftFileLock Windows race :pr:491
• 🐛 fix(test): resolve flaky write non-starvation test :pr:490
• 📝 docs: restructure using Diataxis framework :pr:489

---

3.24.1 (2026-02-15)

---

• 🐛 fix(soft): resolve Windows deadlock and test race condition :pr:488

---

3.24.0 (2026-02-14)

---

• ✨ feat(lock): add lifetime parameter for lock expiration (#68) :pr:486
• ✨ feat(lock): add cancel_check to acquire (#309) :pr:487
• 🐛 fix(api): detect same-thread self-deadlock :pr:481
• ✨ feat(mode): respect POSIX default ACLs (#378) :pr:483
• 🐛 fix(win): eliminate lock file race in threaded usage :pr:484
• ✨ feat(lock): add poll_interval to constructor :pr:482
• 🐛 fix(unix): auto-fallback to SoftFileLock on ENOSYS :pr:480

---

3.23.0 (2026-02-14)

---

• 📝 docs: move from Unlicense to MIT :pr:479
• 📝 docs: add fasteners to similar libraries :pr:478

---

3.22.0 (2026-02-14)

---

• 🐛 fix(soft): skip stale detection on Windows :pr:477
• ✨ feat(soft): detect and break stale locks :pr:476

... (truncated)

Commits

• b34b3df Release 3.24.3
• e266937 🐛 fix(unix): handle ENOENT race on FUSE/NFS during acquire (#495)
• e65c3b8 [pre-commit.ci] pre-commit autoupdate (#493)
• a67ae00 🐛 fix(ci): add trailing blank line after changelog entries (#492)
• db3e05a Release 3.24.2
• ab6b90e 🐛 fix(rw): close sqlite3 cursors and skip SoftFileLock Windows race (#491)
• 98b4ee9 🐛 fix(test): resolve flaky write non-starvation test (#490)
• ef15f6b 📝 docs: restructure using Diataxis framework (#489)
• 0b2f65b Release 3.24.1
• abccdba 🐛 fix(soft): resolve Windows deadlock and test race condition (#488)
• Additional commits viewable in compare view

Updates platformdirs from 4.5.1 to 4.9.2

Release notes

Sourced from platformdirs's releases.

4.9.2

What's Changed

• 📝 docs(platforms): fix RST formatting and TOC hierarchy by @​gaborbernat in tox-dev/platformdirs#447
• 📝 docs: restructure following Diataxis framework by @​gaborbernat in tox-dev/platformdirs#448

Full Changelog: tox-dev/platformdirs@4.9.1...4.9.2

4.9.1

What's Changed

• 📝 docs: enhance README, fix issues, and reorganize platforms.rst by @​gaborbernat in tox-dev/platformdirs#445

Full Changelog: tox-dev/platformdirs@4.9.0...4.9.1

4.9.0

What's Changed

• 📝 docs(usage): add use_site_for_root and comprehensive guidance by @​gaborbernat in tox-dev/platformdirs#439
• 🐛 fix(unix): use correct runtime dir path for OpenBSD by @​gaborbernat in tox-dev/platformdirs#440
• ✨ feat(api): add site_applications_dir property by @​gaborbernat in tox-dev/platformdirs#442
• ✨ feat(api): add site_bin_dir property by @​gaborbernat in tox-dev/platformdirs#443
• 📚 docs: split usage guide into tutorial, how-to, and reference by @​gaborbernat in tox-dev/platformdirs#441

Full Changelog: tox-dev/platformdirs@4.8.0...4.9.0

4.8.0

What's Changed

• 📝 docs(windows): document Store Python sandbox path behavior by @​gaborbernat in tox-dev/platformdirs#423
• ✨ feat(api): add site_log_dir and document Store Python sandbox by @​gaborbernat in tox-dev/platformdirs#424
• ✨ feat(api): add site_state_dir for system-wide state by @​gaborbernat in tox-dev/platformdirs#425
• ✨ feat(api): add use_site_for_root parameter by @​gaborbernat in tox-dev/platformdirs#426
• ✨ feat(windows): add PLATFORMDIRS_* env var overrides by @​gaborbernat in tox-dev/platformdirs#427
• ✨ feat(windows): add WIN_PD_OVERRIDE_* env var overrides by @​gaborbernat in tox-dev/platformdirs#428
• 🐛 fix(macos): yield individual site dirs in iter_*_dirs by @​gaborbernat in tox-dev/platformdirs#429
• ✨ feat(api): add user_bin_dir property by @​gaborbernat in tox-dev/platformdirs#430
• ✨ feat(api): add user_applications_dir property by @​gaborbernat in tox-dev/platformdirs#432
• 📝 docs(usage): note that home dir is in stdlib by @​gaborbernat in tox-dev/platformdirs#431

Full Changelog: tox-dev/platformdirs@4.7.1...4.8.0

... (truncated)

Changelog

Sourced from platformdirs's changelog.

########### Changelog ###########

---

4.9.2 (2026-02-16)

---

• 📝 docs: restructure following Diataxis framework :pr:448
• 📝 docs(platforms): fix RST formatting and TOC hierarchy :pr:447

---

4.9.1 (2026-02-14)

---

• 📝 docs: enhance README, fix issues, and reorganize platforms.rst :pr:445

---

4.9.0 (2026-02-14)

---

• 📚 docs: split usage guide into tutorial, how-to, and reference :pr:441
• ✨ feat(api): add site_bin_dir property :pr:443
• ✨ feat(api): add site_applications_dir property :pr:442
• 🐛 fix(unix): use correct runtime dir path for OpenBSD :pr:440
• 📝 docs(usage): document use_site_for_root parameter :pr:439

---

4.8.0 (2026-02-14)

---

• 📝 docs(usage): note that home dir is in stdlib :pr:431
• ✨ feat(api): add user_applications_dir property :pr:432
• ✨ feat(api): add user_bin_dir property :pr:430
• 🐛 fix(macos): yield individual site dirs in iter_*_dirs :pr:429
• ✨ feat(windows): add WIN_PD_OVERRIDE_* env var overrides :pr:428
• ✨ feat(windows): add PLATFORMDIRS_* env var overrides :pr:427
• ✨ feat(api): add use_site_for_root parameter :pr:426
• ✨ feat(api): add site_state_dir for system-wide state :pr:425
• ✨ feat(api): add site_log_dir and document Store Python sandbox :pr:424
• 📝 docs(windows): document Store Python sandbox path behavior :pr:423

---

4.7.1 (2026-02-13)

---

• 🐛 fix(windows): avoid FileNotFoundError in sandboxed environments :pr:422

---

4.7.0 (2026-02-12)

... (truncated)

Commits

• 72271a6 Release 4.9.2
• 3e45fa9 📝 docs: restructure following Diataxis framework (#448)
• 1d8448b 📝 docs(platforms): fix RST formatting and TOC hierarchy (#447)
• f656849 Release 4.9.1
• d983fb1 📝 docs: enhance README, fix issues, and reorganize platforms.rst (#445)
• 685a1d9 Release 4.9.0
• ae73d34 📚 docs: split usage guide into tutorial, how-to, and reference (#441)
• 816747e ✨ feat(api): add site_bin_dir property (#443)
• 7a47ac4 ✨ feat(api): add site_applications_dir property (#442)
• c69a552 🐛 fix(unix): use correct runtime dir path for OpenBSD (#440)
• Additional commits viewable in compare view

Updates ruff from 0.14.14 to 0.15.2

Release notes

Sourced from ruff's releases.

0.15.2

Release Notes

Released on 2026-02-19.

Preview features

• Expand the default rule set (#23385)

  In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:

  • multiple-imports-on-one-line (E401)
  • module-import-not-at-top-of-file (E402)
  • module-import-not-at-top-of-file (E701)
  • multiple-statements-on-one-line-semicolon (E702)
  • useless-semicolon (E703)
  • none-comparison (E711)
  • true-false-comparison (E712)
  • not-in-test (E713)
  • not-is-test (E714)
  • type-comparison (E721)
  • lambda-assignment (E731)
  • ambiguous-variable-name (E741)
  • ambiguous-class-name (E742)
  • ambiguous-function-name (E743)
  • undefined-local-with-import-star (F403)
  • undefined-local-with-import-star-usage (F405)
  • undefined-local-with-nested-import-star-usage (F406)
  • forward-annotation-syntax-error (F722)

  If you use preview and prefer the old defaults, you can restore them with configuration like:

  # ruff.toml
  [lint]
  select = ["E4", "E7", "E9", "F"]
  pyproject.toml
  [tool.ruff.lint]
  select = ["E4", "E7", "E9", "F"]

  If you do give them a try, feel free to share your feedback in the GitHub discussion!

• [flake8-pyi] Also check string annotations (PYI041) (#19023)

Bug fixes

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.2

Released on 2026-02-19.

Preview features

• Expand the default rule set (#23385)

  In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:

  • multiple-imports-on-one-line (E401)
  • module-import-not-at-top-of-file (E402)
  • module-import-not-at-top-of-file (E701)
  • multiple-statements-on-one-line-semicolon (E702)
  • useless-semicolon (E703)
  • none-comparison (E711)
  • true-false-comparison (E712)
  • not-in-test (E713)
  • not-is-test (E714)
  • type-comparison (E721)
  • lambda-assignment (E731)
  • ambiguous-variable-name (E741)
  • ambiguous-class-name (E742)
  • ambiguous-function-name (E743)
  • undefined-local-with-import-star (F403)
  • undefined-local-with-import-star-usage (F405)
  • undefined-local-with-nested-import-star-usage (F406)
  • forward-annotation-syntax-error (F722)

  If you use preview and prefer the old defaults, you can restore them with configuration like:

  # ruff.toml
  [lint]
  select = ["E4", "E7", "E9", "F"]
  pyproject.toml
  [tool.ruff.lint]
  select = ["E4", "E7", "E9", "F"]

  If you do give them a try, feel free to share your feedback in the GitHub discussion!

... (truncated)

Commits

• 9d18ee9 Hard code workflow name and cancel-in-progress only for PRs (#23431)
• 7cc15f0 Bump 0.15.2 (#23430)
• d1b5443 Add extension mapping to configuration file options (#23384)
• 222574a Expand the default rule set (#23385)
• 1465b5d [flake8-async] Fix in_async_context logic (#23426)
• 410902f [pyupgrade] Fix handling of typing.{io,re} (UP035) (#23131)
• 729610a [ty] Fall back to ambiguous for large control flow graphs (#23399)
• 1425c18 [ty] Add code folding support
• 97acaae [ty] Fix stack overflow for self-referential TypeOf in annotations (#23407)
• 1f380c8 [ty] Update tests reveal_type and Never (#23418)
• Additional commits viewable in compare view

Updates virtualenv from 20.36.1 to 20.38.0

Release notes

Sourced from virtualenv's releases.

20.38.0

What's Changed

• Fix Windows activation scripts to handle Python paths with spaces by @​rahuldevikar in pypa/virtualenv#3015
• Exclude pywintypes*.dll and pythoncom*.dll from being copied to Scripts directory by @​rahuldevikar in pypa/virtualenv#3012
• update Automated testing documentation section by @​elmjag in pypa/virtualenv#3016
• Preserver Symlinks in pyvenv.cfg paths by @​rahuldevikar in pypa/virtualenv#3022
• Add PKG_CONFIG_PATH environment variable support to all activation scripts by @​rahuldevikar in pypa/virtualenv#3023
• Add ty type checker to CI via tox by @​rahuldevikar in pypa/virtualenv#3025
• Upgrade embedded dependencies by @​rahuldevikar in pypa/virtualenv#3026
• Fix ty Type Narrowing by @​rahuldevikar in pypa/virtualenv#3030
• Replace ty: ignore with proper type declarations for inheritance patterns by @​rahuldevikar in pypa/virtualenv#3034
• Use user_cache_dir for app data with auto-migration from old location by @​rahuldevikar in pypa/virtualenv#3033
• Fix unhelpful KeyError when using invalid VIRTUALENV_DISCOVERY value by @​veeceey in pypa/virtualenv#3031
• ⚡ perf(test): parallelize test suite with pytest-xdist by @​gaborbernat in pypa/virtualenv#3035
• ✨ feat(create): sync with upstream CPython/PyPy venv by @​gaborbernat in pypa/virtualenv#3036
• Python3.9 dependency range correction by @​reactive-firewall in pypa/virtualenv#3038
• Version bump filelock to latest by @​reactive-firewall in pypa/virtualenv#3039
• Improve error message when discovery plugin is not available by @​veeceey in pypa/virtualenv#3032
• 👷 ci(release): add workflow_dispatch release with zipapp and get-virtualenv by @​gaborbernat in pypa/virtualenv#3040
• 📝 docs: restructure to follow Diataxis framework by @​gaborbernat in pypa/virtualenv#3041
• 👷 ci(release): split into release and tag-triggered publish by @​gaborbernat in pypa/virtualenv#3042
• Fix bash activate PKG_CONFIG_PATH unbound variable under bash -u by @​Fridayai700 in pypa/virtualenv#3047
• 🐛 fix(discovery): harden subprocess interrogation and test reliability by @​gaborbernat in pypa/virtualenv#3054
• 🔧 chore(tox): migrate tox.ini to tox.toml by @​gaborbernat in pypa/virtualenv#3050

New Contributors

• @​elmjag made their first contribution in pypa/virtualenv#3016
• @​veeceey made their first contribution in pypa/virtualenv#3031
• @​reactive-firewall made their first contribution in pypa/virtualenv#3038
• @​Fridayai700 made their first contribution in pypa/virtualenv#3047

Full Changelog: pypa/virtualenv@20.37.0...20.38.0

Changelog

Sourced from virtualenv's changelog.

Features - 20.38.0

• Store app data (pip/setuptools/wheel caches) under the OS cache directory (platformdirs.user_cache_dir) instead of the data directory (platformdirs.user_data_dir). Existing app data at the old location is automatically migrated on first use. This ensures cached files that can be redownloaded are placed in the standard cache location (e.g. ~/.cache on Linux, ~/Library/Caches on macOS) where they are excluded from backups and can be cleaned by system tools - by :user:rahuldevikar. (:issue:1884) (:issue:1884)
• Add PKG_CONFIG_PATH environment variable support to all activation scripts (Bash, Batch, PowerShell, Fish, C Shell, Nushell, and Python). The virtualenv's lib/pkgconfig directory is now automatically prepended to PKG_CONFIG_PATH on activation and restored on deactivation, enabling packages that use pkg-config during build/install to find their configuration files - by :user:rahuldevikar. (:issue:2637)
• Upgrade embedded pip to 26.0.1 from 25.3 and setuptools to 82.0.0, 75.3.4 from 75.3.2, 80.9.0
  • by :user:rahuldevikar. (:issue:3027)
• Replace ty: ignore comments with proper type narrowing using assertions and explicit None checks - by :user:rahuldevikar. (:issue:3029)

Bugfixes - 20.38.0

• Exclude pywin32 DLLs (pywintypes*.dll, pythoncom*.dll) from being copied to the Scripts directory during virtualenv creation on Windows. This fixes compatibility issues with pywin32, which expects its DLLs to be installed in site-packages/pywin32_system32 by its own post-install script - by :user:rahuldevikar. (:issue:2662)
• Preserve symlinks in pyvenv.cfg paths to match venv behavior. Use os.path.abspath() instead of os.path.realpath() to normalize paths without resolving symlinks, fixing issues with Python installations accessed via symlinked directories (common in network-mounted filesystems) - by :user:rahuldevikar. Fixes :issue:2770. (:issue:2770)
• Fix Windows activation scripts to properly quote python.exe path, preventing failures when Python is installed in a path with spaces (e.g., C:\Program Files) and a file named C:\Program exists on the filesystem - by :user:rahuldevikar. (:issue:2985)
• Fix bash -u (set -o nounset) compatibility in bash activation script by using ${PKG_CONFIG_PATH:-} and ${PKG_CONFIG_PATH:+:${PKG_CONFIG_PATH}} to handle unset PKG_CONFIG_PATH - by :user:Fridayai700. (:issue:3044)
• Gracefully handle corrupted on-disk cache and invalid JSON from Python interrogation subprocess instead of crashing with unhandled JSONDecodeError or KeyError - by :user:gaborbernat. (:issue:3054)

---

v20.36.1 (2026-01-09)

---

Commits

• fbbb97d release 20.38.0
• c5240c7 🔧 chore(tox): migrate tox.ini to tox.toml (#3050)
• 6ff2e3e 🐛 fix(discovery): harden subprocess interrogation and test reliability (#3054)
• d7919e5 Fix bash activate PKG_CONFIG_PATH unbound variable under bash -u (#3047)
• 39568b0 [pre-commit.ci] pre-commit autoupdate (#3043)
• f745000 🔒 security(workflows): add explicit permissions to all jobs
• fda5bbc 🐛 fix(release): clear coverage env vars in release env
• 1ecf0ed 👷 ci(release): split into release and tag-triggered publish (#3042)
• 4fb0401 📝 docs: restructure to follow Diataxis framework (#3041)
• 834c7ff 👷 ci(release): scope GH_RELEASE_TOKEN to release environment
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Coverage report

This PR does not seem to contain any modification to coverable code.