Skip to content

chore(deps-dev): bump the dev group across 1 directory with 5 updates#35

Merged
Sehat1137 merged 1 commit into
masterfrom
dependabot/pip/dev-7e65113154
May 16, 2026
Merged

chore(deps-dev): bump the dev group across 1 directory with 5 updates#35
Sehat1137 merged 1 commit into
masterfrom
dependabot/pip/dev-7e65113154

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 24, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on ruff, mypy, basedpyright, types-requests and zizmor to permit the latest version.
Updates ruff to 0.15.11

Release notes

Sourced from ruff's releases.

0.15.11

Release Notes

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

Bug fixes

  • [flake8-async] Omit overridden methods for ASYNC109 (#24648)

Documentation

  • [flake8-async] Add override mention to ASYNC109 docs (#24666)
  • Update Neovim config examples to use vim.lsp.config (#24577)

Contributors

Install ruff 0.15.11

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.11/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.11/ruff-installer.ps1 | iex"

Download ruff 0.15.11

File Platform Checksum
ruff-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ruff-x86_64-apple-darwin.tar.gz Intel macOS checksum
ruff-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ruff-i686-pc-windows-msvc.zip x86 Windows checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.11

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

Bug fixes

  • [flake8-async] Omit overridden methods for ASYNC109 (#24648)

Documentation

  • [flake8-async] Add override mention to ASYNC109 docs (#24666)
  • Update Neovim config examples to use vim.lsp.config (#24577)

Contributors

0.15.10

Released on 2026-04-09.

Preview features

  • [flake8-logging] Allow closures in except handlers (LOG004) (#24464)
  • [flake8-self] Make SLF diagnostics robust to non-self-named variables (#24281)
  • [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#24371)

Bug fixes

  • Avoid emitting multi-line f-string elements before Python 3.12 (#24377)
  • Avoid syntax error from E502 fixes in f-strings and t-strings (#24410)
  • Strip form feeds from indent passed to dedent_to (#24381)
  • [pyupgrade] Fix panic caused by handling of octals (UP012) (#24390)
  • Reject multi-line f-string elements before Python 3.12 (#24355)

Rule changes

  • [ruff] Treat f-string interpolation as potential side effect (RUF019) (#24426)

Server

... (truncated)

Commits

Updates mypy to 1.20.1

Changelog

Sourced from mypy's changelog.

Mypy 1.20.1

  • Always disable sync in SQLite cache (Ivan Levkivskyi, PR 21184)
  • Temporarily skip few base64 tests (Ivan Levkivskyi, PR 21193)
  • Revert dict.__or__ typeshed change (Ivan Levkivskyi, PR 21186)
  • Fix narrowing for match case with variadic tuples (Shantanu, PR 21192)
  • Avoid narrowing type[T] in type calls (Shantanu, PR 21174)
  • Fix regression for catching empty tuple in except (Shantanu, PR 21153)
  • Fix reachability for frozenset and dict view narrowing (Shantanu, PR 21151)
  • Fix narrowing with chained comparison (Shantanu, PR 21150)
  • Avoid narrowing to unreachable at module level (Shantanu, PR 21144)
  • Allow dangerous identity comparisons to Any typed variables (Shantanu, PR 21142)
  • --warn-unused-config should not be a strict flag (Ivan Levkivskyi, PR 21139)

Mypy 1.20.2

  • Use WAL with SQLite cache and fix close (Shantanu, PR 21154)
  • Adjust SQLite journal mode (Ivan Levkivskyi, PR 21217)
  • Correctly aggregate narrowing information on parent expressions (Shantanu, PR 21206)
  • Fix regression related to generic callables (Shantanu, PR 21208)
  • Fix regression by avoiding widening types in some contexts (Shantanu, PR 21242)
  • Fix slicing in non-strict optional mode (Shantanu, PR 21282)
  • mypyc: Fix match statement semantics for "or" pattern (Shantanu, PR 21156)
  • mypyc: Fix issue with module dunder attributes (Piotr Sawicki, PR 21275)
  • Initial support for Python 3.15.0a8 (Marc Mueller, PR 21255)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • Aaron Wieczorek
  • Adam Turner
  • Ali Hamdan
  • asce
  • BobTheBuidler
  • Brent Westbrook
  • Brian Schubert
  • bzoracler
  • Chris Burroughs
  • Christoph Tyralla
  • Colin Watson
  • Donghoon Nam
  • E. M. Bray
  • Emma Smith
  • Ethan Sarp
  • George Ogden
  • getzze
  • grayjk
  • Gregor Riepl
  • Ivan Levkivskyi

... (truncated)

Commits

Updates basedpyright to 1.39.2

Commits
  • ceb200c 1.39.2
  • eb7a92c try to fix browser-basedpyright being published with nothing in it
  • dec5306 update package-lock.json
  • 6db43de 1.39.1
  • 335e486 fix failing tests from merge
  • bbe71b6 delete newly added github action from upstream that we don't use
  • 8f22618 update prettierignore
  • ff1f5a4 fix compile errors from merge
  • f2f2174 Merge tag '1.1.409' into merge-1.1.409
  • 63998f4 Publish 1.1.409
  • Additional commits viewable in compare view

Updates types-requests to 2.33.0.20260408

Commits

Updates zizmor to 1.24.1

Release notes

Sourced from zizmor's releases.

v1.24.1

Bug Fixes 🐛🔗

  • Fixed a bug where the ref-version-mismatch audit would incorrectly flag some version comments as not containing an appropriate version (#1900)
Changelog

Sourced from zizmor's changelog.

1.24.1

Bug Fixes 🐛

  • Fixed a bug where the [ref-version-mismatch] audit would incorrectly flag some version comments as not containing an appropriate version (#1900)

1.24.0

New Features 🌈

  • zizmor now allows users to audit from stdin, by passing zizmor - (#1611)

Enhancements 🌱

  • The [use-trusted-publishing] audit now detects bun publish and bunx npm publish patterns (#1737)

    Many thanks to @​shaanmajid for proposing and implementing this improvement!

  • zizmor's CLI help and usage output now uses a custom color scheme for improved readability (#1747)

  • The [secrets-outside-env] audit is now configurable with an allowlist of secret names that should not be flagged, even when referenced outside of an environment (#1759)

    Many thanks to @​rmuir for proposing and implementing this improvement!

  • The [dependabot-cooldown] audit now emits a pedantic finding whenever it encounters a cooldown used with a multi-ecosystem-group, as the two do not interact well (#1780)

  • Recommend gh release upload as a replacement for @​svenstaro/upload-release-action in [superfluous-actions] (#1801)

  • Recommend gh issue create as a replacement for @​dacbd/create-issue-action in [superfluous-actions] (#1873)

  • The [obfuscation] audit now emits a finding for with: ${{ expr }} clauses cannot be analyzed (#1772)

  • zizmor --help is now rendered with option groups for improved readability (#1831)

    Many thanks to @​deckstose for implementing this improvement!

  • zizmor's SARIF output now uses codeflows instead of related locations, improving its rendering behavior on GitHub Advanced Security (#1843)

  • The [ref-version-mismatch] audit now uses a more useful audit description

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Updates the requirements on [ruff](https://github.com/astral-sh/ruff), [mypy](https://github.com/python/mypy), [basedpyright](https://github.com/detachhead/basedpyright), [types-requests](https://github.com/python/typeshed) and [zizmor](https://github.com/zizmorcore/zizmor) to permit the latest version.

Updates `ruff` to 0.15.11
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.0...0.15.11)

Updates `mypy` to 1.20.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.18.2...v1.20.1)

Updates `basedpyright` to 1.39.2
- [Release notes](https://github.com/detachhead/basedpyright/releases)
- [Commits](DetachHead/basedpyright@v1.31.7...v1.39.2)

Updates `types-requests` to 2.33.0.20260408
- [Commits](https://github.com/python/typeshed/commits)

Updates `zizmor` to 1.24.1
- [Release notes](https://github.com/zizmorcore/zizmor/releases)
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md)
- [Commits](zizmorcore/zizmor@v1.15.2...v1.24.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.11
  dependency-type: direct:development
  dependency-group: dev
- dependency-name: mypy
  dependency-version: 1.20.1
  dependency-type: direct:development
  dependency-group: dev
- dependency-name: basedpyright
  dependency-version: 1.39.2
  dependency-type: direct:development
  dependency-group: dev
- dependency-name: types-requests
  dependency-version: 2.33.0.20260408
  dependency-type: direct:development
  dependency-group: dev
- dependency-name: zizmor
  dependency-version: 1.24.1
  dependency-type: direct:development
  dependency-group: dev
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 24, 2026
@Sehat1137 Sehat1137 merged commit 4bd5721 into master May 16, 2026
6 checks passed
@dependabot dependabot Bot deleted the dependabot/pip/dev-7e65113154 branch May 16, 2026 18:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant