Skip to content

chore(deps-dev)(deps-dev): bump the linting group across 1 directory with 4 updates#20

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/backend/linting-458dd9682d
Open

chore(deps-dev)(deps-dev): bump the linting group across 1 directory with 4 updates#20
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/backend/linting-458dd9682d

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Updates the requirements on ruff, ty, bandit and typos to permit the latest version.
Updates ruff to 0.15.14

Release notes

Sourced from ruff's releases.

0.15.14

Release Notes

Released on 2026-05-21.

Preview features

  • [airflow] Implement airflow-task-implicit-multiple-outputs (AIR202) (#25152)
  • [flake8-use-pathlib] Mark PTH101 fix as unsafe when first argument is a class attribute annotated as int (#25086)
  • [pylint] Implement too-many-try-statements (W0717) (#23970)
  • [ruff] Add incorrect-decorator-order (RUF074) (#23461)
  • [ruff] Add fallible-context-manager (RUF075) (#22844)

Bug fixes

  • Fix lambda formatting in interpolated string expressions (#25144)
  • Treat generic frozenset annotations as immutable (#25251)
  • [flake8-type-checking] Avoid strict behavior when future-annotations are enabled (TC001, TC002, TC003) (#25035)
  • [pylint] Avoid false positives in else clause (PLR1733) (#25177)

Rule changes

  • [flake8-comprehensions] Skip C417 for lambdas with positional-only parameters (#25272)
  • [flake8-simplify] Preserve f-string source verbatim in SIM101 fix (#25061)

Performance

  • Avoid unnecessary parser lookahead for operators (#25290)

Documentation

  • Update code example setting Neovim LSP log level (#25284)

Other changes

  • Add full PEP 798 support (#25104)
  • Add a parser recursion limit (#24810)
  • Update various ruff_python_stdlib APIs (#25273)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.14

Released on 2026-05-21.

Preview features

  • [airflow] Implement airflow-task-implicit-multiple-outputs (AIR202) (#25152)
  • [flake8-use-pathlib] Mark PTH101 fix as unsafe when first argument is a class attribute annotated as int (#25086)
  • [pylint] Implement too-many-try-statements (W0717) (#23970)
  • [ruff] Add incorrect-decorator-order (RUF074) (#23461)
  • [ruff] Add fallible-context-manager (RUF075) (#22844)

Bug fixes

  • Fix lambda formatting in interpolated string expressions (#25144)
  • Treat generic frozenset annotations as immutable (#25251)
  • [flake8-type-checking] Avoid strict behavior when future-annotations are enabled (TC001, TC002, TC003) (#25035)
  • [pylint] Avoid false positives in else clause (PLR1733) (#25177)

Rule changes

  • [flake8-comprehensions] Skip C417 for lambdas with positional-only parameters (#25272)
  • [flake8-simplify] Preserve f-string source verbatim in SIM101 fix (#25061)

Performance

  • Avoid unnecessary parser lookahead for operators (#25290)

Documentation

  • Update code example setting Neovim LSP log level (#25284)

Other changes

  • Add full PEP 798 support (#25104)
  • Add a parser recursion limit (#24810)
  • Update various ruff_python_stdlib APIs (#25273)

Contributors

... (truncated)

Commits
  • 9ad2da3 Bump 0.15.14 (#25295)
  • c714e84 [ty] Modernize setup of union types in mdtests (#25291)
  • 8a8e35e [flake8-comprehensions] Skip C417 for lambdas with positional-only parame...
  • aea5ed4 Avoid unnecessary parser lookahead for operators (#25290)
  • e9d72bb [ty] Allow enum member accesses on self (#25077)
  • 6cbd59b Set exclude-newer = "7 days" in our PEP-723 scripts (#25285)
  • 9999a39 Update code example on how to update Neovim LSP log level (#25284)
  • 67d8c54 [ty] Retain recursively-defined state in binary expressions (#25277)
  • 25a3191 [ty] Refine Callable class-decorator fallback for unknown results (#25250)
  • c423054 Add a recursion limit to the parser (#24810)
  • Additional commits viewable in compare view

Updates ty to 0.0.39

Release notes

Sourced from ty's releases.

0.0.39

Release Notes

Released on 2026-05-22.

This release removes the Python 3.9 branches from our vendored standard library stubs. ty now only has "full" support for Python 3.10 and later, but will still report version-specific syntax errors and other diagnostics when --python-version 3.9 is provided via the CLI.

Bug fixes

  • Avoid panicking on __new__ assignments to classes (#25282)
  • Preserve declaration order when synthesizing class fields (#25249)
  • Respect dict-compatible fallbacks in TypedDict unions (#25242)
  • Retain recursively-defined state in binary expressions (#25277)

LSP server

  • Add Quick Fix to remove redundant cast (#25211)
  • Classify property declaration semantic tokens (#25322)
  • Escape HTML syntax in docstring rendering (#25247)
  • Prefer symbols from standard library over those of the same name from third party libraries for import completions. (#25108)
  • Support type aliases in document symbols (#25302)

Diagnostics

  • Add error context for extra callable parameters (#25269)

Performance

  • Avoid exponential blow-up in fall-through narrowing (#25278)
  • Speed up include filtering for projects with many literal include patterns (#25266)

Core type checking

  • Allow enum member accesses on self (#25077)
  • Emit a diagnostic for subclassing with order=True (#21704)
  • Full-scope bidirectional inference for unconstrained container literals (#25279)
  • Infer dict(TypedDict) as dict[str, object] (#24852)
  • Refine Callable class-decorator fallback for unknown results (#25250)
  • Reject incompatible explicit variance in generic base classes (#25327)
  • Support multi-inference through type aliases (#25245)
  • Sync vendored typeshed stubs (#25271, #25172)

Contributors

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.39

Released on 2026-05-22.

This release removes the Python 3.9 branches from our vendored standard library stubs. ty now only has "full" support for Python 3.10 and later, but will still report version-specific syntax errors and other diagnostics when --python-version 3.9 is provided via the CLI.

Bug fixes

  • Avoid panicking on __new__ assignments to classes (#25282)
  • Preserve declaration order when synthesizing class fields (#25249)
  • Respect dict-compatible fallbacks in TypedDict unions (#25242)
  • Retain recursively-defined state in binary expressions (#25277)

LSP server

  • Add Quick Fix to remove redundant cast (#25211)
  • Classify property declaration semantic tokens (#25322)
  • Escape HTML syntax in docstring rendering (#25247)
  • Prefer symbols from standard library over those of the same name from third party libraries for import completions. (#25108)
  • Support type aliases in document symbols (#25302)

Diagnostics

  • Add error context for extra callable parameters (#25269)

Performance

  • Avoid exponential blow-up in fall-through narrowing (#25278)
  • Speed up include filtering for projects with many literal include patterns (#25266)

Core type checking

  • Allow enum member accesses on self (#25077)
  • Emit a diagnostic for subclassing with order=True (#21704)
  • Full-scope bidirectional inference for unconstrained container literals (#25279)
  • Infer dict(TypedDict) as dict[str, object] (#24852)
  • Refine Callable class-decorator fallback for unknown results (#25250)
  • Reject incompatible explicit variance in generic base classes (#25327)
  • Support multi-inference through type aliases (#25245)
  • Sync vendored typeshed stubs (#25271, #25172)

Contributors

... (truncated)

Commits

Updates bandit to 1.9.4

Release notes

Sourced from bandit's releases.

1.9.4

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

Commits
  • 92ae8b8 Fix B106 reporting wrong line number on multiline function calls (#1360)
  • c8c8a55 Lower version guard in check_ast_node to Python 3.12 (#1355)
  • 8f2f928 Fix B615 false positive when revision is set via variable (#1358)
  • e27493f Include filename in nosec 'no failed test' warning (#1363)
  • b69b336 Fix B613 crash when reading from stdin (#1361)
  • e418b79 Bump docker/build-push-action from 6.18.0 to 6.19.2 (#1357)
  • ff646fd Bump docker/login-action from 3.6.0 to 3.7.0 (#1353)
  • c0def6c chore: fixed some typos in comments (#1351)
  • 765f00d Limit B614 to torch.load deserializers (#1348)
  • 06fbbab Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#1347)
  • Additional commits viewable in compare view

Updates typos to 1.46.3

Release notes

Sourced from typos's releases.

v1.46.3

[1.46.3] - 2026-05-23

Fixes

  • Don't correct to sequentials
  • Don't correct to subdolder
Changelog

Sourced from typos's changelog.

[1.46.3] - 2026-05-23

Fixes

  • Don't correct to sequentials
  • Don't correct to subdolder

[1.46.2] - 2026-05-16

Fixes

  • Don't correct to criterias
  • Don't correct to replaceables

[1.46.1] - 2026-05-08

Fixes

  • Don't correct to confidentials

[1.46.0] - 2026-04-30

Features

  • Updated the dictionary with the April 2026 changes

[1.45.2] - 2026-04-27

Fixes

  • Ignore ssh ed25519 public keys

[1.45.1] - 2026-04-13

Fixes

  • (action) Use a temp dir for caching

[1.45.0] - 2026-04-01

Features

  • Updated the dictionary with the March 2026 changes

[1.44.0] - 2026-02-27

Features

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 4, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 4, 2026

Assignees

The following users could not be added as assignees: LauritsFromberg, lauritsfromberg. Either they do not exist or they do not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: backend. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from lfr-ai as a code owner May 4, 2026 06:46
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 4, 2026
@dependabot dependabot Bot changed the title chore(deps-dev)(deps-dev): bump the linting group in /backend with 4 updates chore(deps-dev)(deps-dev): bump the linting group across 1 directory with 4 updates May 5, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/linting-458dd9682d branch 2 times, most recently from ebb86f6 to 0737976 Compare May 11, 2026 04:50
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/linting-458dd9682d branch from 0737976 to e781dfd Compare May 16, 2026 08:38
@dependabot
chore(deps-dev)(deps-dev): bump the linting group across 1 directory …
3ae5ea8 
…with 4 updates

Updates the requirements on [ruff](https://github.com/astral-sh/ruff), [ty](https://github.com/astral-sh/ty), [bandit](https://github.com/PyCQA/bandit) and [typos](https://github.com/crate-ci/typos) to permit the latest version.

Updates `ruff` to 0.15.14
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.0...0.15.14)

Updates `ty` to 0.0.39
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.32...0.0.39)

Updates `bandit` to 1.9.4
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](PyCQA/bandit@1.8.6...1.9.4)

Updates `typos` to 1.46.3
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](crate-ci/typos@v1.35.5...v1.46.3)

---
updated-dependencies:
- dependency-name: bandit
  dependency-version: 1.9.4
  dependency-type: direct:development
  dependency-group: linting
- dependency-name: ruff
  dependency-version: 0.15.12
  dependency-type: direct:development
  dependency-group: linting
- dependency-name: ty
  dependency-version: 0.0.34
  dependency-type: direct:development
  dependency-group: linting
- dependency-name: typos
  dependency-version: 1.46.0
  dependency-type: direct:development
  dependency-group: linting
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/linting-458dd9682d branch from e781dfd to 3ae5ea8 Compare May 25, 2026 05:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lfr-ai lfr-ai Awaiting requested review from lfr-ai lfr-ai is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants