Skip to content

chore(deps-dev): bump the pip group across 1 directory with 2 updates #201

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 23, 2025
Merged

chore(deps-dev): bump the pip group across 1 directory with 2 updates #201

merged 1 commit into from
Sep 23, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 22, 2025

Bumps the pip group with 2 updates in the / directory: coverage and ruff.

Updates coverage from 7.10.6 to 7.10.7

Changelog

Sourced from coverage's changelog.

Version 7.10.7 — 2025-09-21

  • Performance: with branch coverage in large files, generating HTML, JSON, or LCOV reports could take far too long due to some quadratic behavior when creating the function and class index pages. This is now fixed, closing issue 2048_. Thanks to Daniel Diniz for help diagnosing the problem.

  • Most warnings and a few errors now have links to a page in the docs explaining the specific message. Closes issue 1921_.

.. _issue 1921: nedbat/coveragepy#1921 .. _issue 2048: nedbat/coveragepy#2048

.. _changes_7-10-6:

Commits
  • 92a2af5 docs: sample HTML for 7.10.7
  • 952afda docs: prep for 7.10.7
  • a301761 build: riscv64 wheels (#2055)
  • 5daff8d docs: now source is formatted with ruff
  • 04bbc3a docs: discuss cog in the contributing docs
  • c181b93 build: use cog --check-fail-msg to instruct devs
  • 33c4ba1 chore: make upgrade
  • 0744b73 chore: bump the action-dependencies group across 1 directory with 2 updates (...
  • 0d5a112 perf: bulk narrowing to avoid N**2. #2048
  • a868ed9 docs: mention Python Discord on the index page
  • Additional commits viewable in compare view

Updates ruff from 0.12.12 to 0.13.1

Release notes

Sourced from ruff's releases.

0.13.1

Release Notes

Released on 2025-09-18.

Preview features

  • [flake8-simplify] Detect unnecessary None default for additional key expression types (SIM910) (#20343)
  • [flake8-use-pathlib] Add fix for PTH123 (#20169)
  • [flake8-use-pathlib] Fix PTH101, PTH104, PTH105, PTH121 fixes (#20143)
  • [flake8-use-pathlib] Make PTH111 fix unsafe because it can change behavior (#20215)
  • [pycodestyle] Fix E301 to only trigger for functions immediately within a class (#19768)
  • [refurb] Mark single-item-membership-test fix as always unsafe (FURB171) (#20279)

Bug fixes

  • Handle t-strings for token-based rules and suppression comments (#20357)
  • [flake8-bandit] Fix truthiness: dict-only ** displays not truthy for shell (S602, S604, S609) (#20177)
  • [flake8-simplify] Fix diagnostic to show correct method name for str.rsplit calls (SIM905) (#20459)
  • [flynt] Use triple quotes for joined raw strings with newlines (FLY002) (#20197)
  • [pyupgrade] Fix false positive when class name is shadowed by local variable (UP008) (#20427)
  • [pyupgrade] Prevent infinite loop with I002 and UP026 (#20327)
  • [ruff] Recognize t-strings, generators, and lambdas in invalid-index-type (RUF016) (#20213)

Rule changes

  • [RUF102] Respect rule redirects in invalid rule code detection (#20245)
  • [flake8-bugbear] Mark the fix for unreliable-callable-check as always unsafe (B004) (#20318)
  • [ruff] Allow dataclass attribute value instantiation from nested frozen dataclass (RUF009) (#20352)

CLI

  • Add fixes to output-format=sarif (#20300)
  • Treat panics as fatal diagnostics, sort panics last (#20258)

Documentation

  • [ruff] Add analyze.string-imports-min-dots to settings (#20375)
  • Update README.md with Albumentations new repository URL (#20415)

Other changes

  • Bump MSRV to Rust 1.88 (#20470)
  • Enable inline noqa for multiline strings in playground (#20442)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.13.1

Released on 2025-09-18.

Preview features

  • [flake8-simplify] Detect unnecessary None default for additional key expression types (SIM910) (#20343)
  • [flake8-use-pathlib] Add fix for PTH123 (#20169)
  • [flake8-use-pathlib] Fix PTH101, PTH104, PTH105, PTH121 fixes (#20143)
  • [flake8-use-pathlib] Make PTH111 fix unsafe because it can change behavior (#20215)
  • [pycodestyle] Fix E301 to only trigger for functions immediately within a class (#19768)
  • [refurb] Mark single-item-membership-test fix as always unsafe (FURB171) (#20279)

Bug fixes

  • Handle t-strings for token-based rules and suppression comments (#20357)
  • [flake8-bandit] Fix truthiness: dict-only ** displays not truthy for shell (S602, S604, S609) (#20177)
  • [flake8-simplify] Fix diagnostic to show correct method name for str.rsplit calls (SIM905) (#20459)
  • [flynt] Use triple quotes for joined raw strings with newlines (FLY002) (#20197)
  • [pyupgrade] Fix false positive when class name is shadowed by local variable (UP008) (#20427)
  • [pyupgrade] Prevent infinite loop with I002 and UP026 (#20327)
  • [ruff] Recognize t-strings, generators, and lambdas in invalid-index-type (RUF016) (#20213)

Rule changes

  • [RUF102] Respect rule redirects in invalid rule code detection (#20245)
  • [flake8-bugbear] Mark the fix for unreliable-callable-check as always unsafe (B004) (#20318)
  • [ruff] Allow dataclass attribute value instantiation from nested frozen dataclass (RUF009) (#20352)

CLI

  • Add fixes to output-format=sarif (#20300)
  • Treat panics as fatal diagnostics, sort panics last (#20258)

Documentation

  • [ruff] Add analyze.string-imports-min-dots to settings (#20375)
  • Update README.md with Albumentations new repository URL (#20415)

Other changes

  • Bump MSRV to Rust 1.88 (#20470)
  • Enable inline noqa for multiline strings in playground (#20442)

Contributors

... (truncated)

Commits
  • 706be0a Add pyproject.toml to rooster config version_files and bump to 0.13.1 (#2...
  • 7b40428 Bump 0.13.1 (#20473)
  • b9b5755 Upgrade to the latest rooster version and include contributors in CHANGELOG (...
  • b4b5d67 [flynt] Use triple quotes for joined raw strings with newlines (FLY002) (...
  • 0b60584 Bump MSRV to Rust 1.88 (#20470)
  • 821b2f8 [refurb] Mark single-item-membership-test fix as always unsafe (FURB171...
  • 1758f26 Update rust toolchain to 1.90 (#20469)
  • 2502ff7 [ty] Make TypeIs invariant in its type argument (#20428)
  • 144373f [flake8-use-pathlib] Fix PTH101, PTH104, PTH105, PTH121 fixes (#20143)
  • 91995aa [pyupgrade] Fix false positive when class name is shadowed by local variabl...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Sep 22, 2025
@dependabot @coreone
chore(deps-dev): bump the pip group across 1 directory with 2 updates
d3fd78b 
Bumps the pip group with 2 updates in the / directory: [coverage](https://github.com/nedbat/coveragepy) and [ruff](https://github.com/astral-sh/ruff).


Updates `coverage` from 7.10.6 to 7.10.7
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.10.6...7.10.7)

Updates `ruff` from 0.12.12 to 0.13.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.12...0.13.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-version: 7.10.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip
- dependency-name: ruff
  dependency-version: 0.13.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@coreone coreone force-pushed the dependabot/pip/pip-8c48670176 branch from 2f37931 to d3fd78b Compare September 23, 2025 16:03
@coreone coreone merged commit f04ded9 into main Sep 23, 2025
13 checks passed
@dependabot dependabot bot deleted the dependabot/pip/pip-8c48670176 branch September 23, 2025 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coreone coreone coreone approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ignore-for-release python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@coreone