Bump mypy from 2.1.0 to 2.2.0#56
Merged
Merged
Conversation
--- updated-dependencies: - dependency-name: mypy dependency-version: 2.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
b968954 to
ac3893a
Compare
Scriptception
approved these changes
Jul 13, 2026
Scriptception
left a comment
Contributor
There was a problem hiding this comment.
IcebergAutoReview
Verdict: approve
The focused Dependabot update is correct and supply-chain coherent. The single commit changes only the dev requirement and uv lockfile; lock graph churn is limited to mypy 2.2.0 and its expected ast-serialize/librt updates. No blocking findings were identified.
Findings
- No blocking findings.
Validation
- Ruff 0.15.21 lint: passed
- Ruff 0.15.21 format check: passed
- Focused pytest suite: 37 passed
- Release consistency check: passed
- git diff --check: passed
- Lockfile structural and artifact-integrity audit: passed; 305 artifacts use SHA-256 hashes and files.pythonhosted.org URLs
Residual risks / optional notes
- The read-only environment prevented uv from creating temporary/cache files, so uv lock --check, mypy 2.2.0, and the complete pytest suite could not run locally. CI directly exercises uv sync, mypy, linting, building, and pytest across Python 3.10–3.14.
Automated review by Codex ac3893ab2d0c using IcebergAutoReview.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps mypy from 2.1.0 to 2.2.0.
Changelog
Sourced from mypy's changelog.
... (truncated)
Commits
b3c4a5bMark release396f508[Chore] Update changelog for 2.2 (#21691)9592a9eUpload wasm wheels to PyPI (#21671)1dc6962Bump ast-serialize to 0.6.0 (#21664)96a7913Bump librt to 0.12.0 (#21663)5ef0902Fix the exportjson tool (.ff cache to .json conversion) (#21628)8d621adSupport --shadow-file with --native-parser (#21623)74ecdd8Sync typeshed (#21612)0cd1541[mypyc] Make function wrappers thread-safe on free-threaded builds (#21620)22a9cfd[mypyc] Make list remove and index thread-safe on free-threaded builds (#21614)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)