Skip to content

chore(deps-dev): bump the dev group in /api with 5 updates#35581

Merged
crazywoola merged 2 commits intomainfrom
dependabot/uv/api/dev-0ca9a4a807
Apr 27, 2026
Merged

chore(deps-dev): bump the dev group in /api with 5 updates#35581
crazywoola merged 2 commits intomainfrom
dependabot/uv/api/dev-0ca9a4a807

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Bumps the dev group in /api with 5 updates:

Package From To
ruff 0.15.11 0.15.12
types-psycopg2 2.9.21.20260408 2.9.21.20260422
boto3-stubs 1.42.92 1.42.96
hypothesis 6.152.1 6.152.3
mypy 1.20.1 1.20.2

Updates ruff from 0.15.11 to 0.15.12

Release notes

Sourced from ruff's releases.

0.15.12

Release Notes

Released on 2026-04-24.

Preview features

  • Implement #ruff:file-ignore file-level suppressions (#23599)
  • Implement #ruff:ignore logical-line suppressions (#23404)
  • Revert preview changes to displayed diagnostic severity in LSP (#24789)
  • [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
  • [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
  • [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

  • [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

  • Respect default Unix permissions for cache files (#24794)

Documentation

  • [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
  • [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
  • Improve rules table accessibility (#24711)

Contributors

Install ruff 0.15.12

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.12

Released on 2026-04-24.

Preview features

  • Implement #ruff:file-ignore file-level suppressions (#23599)
  • Implement #ruff:ignore logical-line suppressions (#23404)
  • Revert preview changes to displayed diagnostic severity in LSP (#24789)
  • [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
  • [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
  • [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

  • [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

  • Respect default Unix permissions for cache files (#24794)

Documentation

  • [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
  • [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
  • Improve rules table accessibility (#24711)

Contributors

Commits
  • 66f93cf Bump 0.15.12 (#24815)
  • 476a4d0 [ty] Complete support for more detailed diagnostics on possibly unbound error...
  • ed669ea Implement #ruff:file-ignore file-level suppressions (#23599)
  • e73d952 [ty] Include inferred type in invalid-key concise diagnostic for union/inte...
  • 80feb29 [ty] report only dead annotation-only locals as unused (#24811)
  • 0fbf2bc Drop deprecated license classifier (#24808)
  • 43b174c [ty] Infer lambda parameter types with Callable type context (#24317)
  • 4f449ae [ty] Add error context for intersection types (#24772)
  • 5b4e753 [ty] Add support for goto in literal enum member inlay hint (#24792)
  • e7cc762 [ty] Add error context for TypedDict assignments (#24790)
  • Additional commits viewable in compare view

Updates types-psycopg2 from 2.9.21.20260408 to 2.9.21.20260422

Commits

Updates boto3-stubs from 1.42.92 to 1.42.96

Release notes

Sourced from boto3-stubs's releases.

8.8.0 - Python 3.8 runtime is back

Changed

  • [services] install_requires section is calculated based on dependencies in use, so typing-extensions version is set properly
  • [all] Replaced typing imports with collections.abc with a fallback to typing for Python <3.9
  • [all] Added aliases for builtins.list, builtins.set, builtins.dict, and builtins.type, so Python 3.8 runtime should work as expected again (reported by @​YHallouard in #340 and @​Omri-Ben-Yair in #336)
  • [all] Unions use the same type annotations as the rest of the structures due to proper fallbacks

Fixed

  • [services] Universal input/output shapes were not replaced properly in service subresources
  • [docs] Simplified doc links rendering for services
  • [services] Cleaned up unnecessary imports in client.pyi
  • [builder] Import records with fallback are always rendered
Commits

Updates hypothesis from 6.152.1 to 6.152.3

Release notes

Sourced from hypothesis's releases.

Hypothesis for Python - version 6.152.3

The "hypothesis-urandom" backend now reads from "/dev/urandom" with buffering disabled, which improves the control of those hooking "/dev/urandom" to change or read Hypothesis's random decisions.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.2

This release further improves printing of generated values, building on the changes in version 6.151.11.

Principle changes:

  • In many cases where we would have printed a complex expression producing a value, we now print the repr (or a pretty-printed version of it).

  • Additionally, in some cases where we would print a complex expression that involved a lambda, we are now able to simplify that expression into a more readable one.

The canonical version of these notes (with links) is on readthedocs.

Commits
  • 609de04 Bump hypothesis-python version to 6.152.3 and update changelog
  • 902f1ba Merge pull request #4720 from Liam-DeVoe/urandom-disable-buffering
  • da81118 claude: open /dev/urandom with buffering=0 in URandomProvider
  • 80fada3 Merge pull request #4714 from HypothesisWorks/DRMacIver/uv
  • 634e2be Let tox auto-provision tox-uv instead of pinning it in tools.txt
  • 5265564 Seed pip into tox-uv envs
  • d6caeb8 Use uv instead of pyenv for build-time Python installs and tox
  • c727ead Bump hypothesis-python version to 6.152.2 and update changelog
  • 36d74b7 Merge pull request #4711 from HypothesisWorks/DRMacIver/is-code-owner
  • bbc8963 Merge pull request #4712 from HypothesisWorks/DRMacIver/fix-build
  • Additional commits viewable in compare view

Updates mypy from 1.20.1 to 1.20.2

Changelog

Sourced from mypy's changelog.

Mypy 1.20.1

  • Always disable sync in SQLite cache (Ivan Levkivskyi, PR 21184)
  • Temporarily skip few base64 tests (Ivan Levkivskyi, PR 21193)
  • Revert dict.__or__ typeshed change (Ivan Levkivskyi, PR 21186)
  • Fix narrowing for match case with variadic tuples (Shantanu, PR 21192)
  • Avoid narrowing type[T] in type calls (Shantanu, PR 21174)
  • Fix regression for catching empty tuple in except (Shantanu, PR 21153)
  • Fix reachability for frozenset and dict view narrowing (Shantanu, PR 21151)
  • Fix narrowing with chained comparison (Shantanu, PR 21150)
  • Avoid narrowing to unreachable at module level (Shantanu, PR 21144)
  • Allow dangerous identity comparisons to Any typed variables (Shantanu, PR 21142)
  • --warn-unused-config should not be a strict flag (Ivan Levkivskyi, PR 21139)

Mypy 1.20.2

  • Use WAL with SQLite cache and fix close (Shantanu, PR 21154)
  • Adjust SQLite journal mode (Ivan Levkivskyi, PR 21217)
  • Correctly aggregate narrowing information on parent expressions (Shantanu, PR 21206)
  • Fix regression related to generic callables (Shantanu, PR 21208)
  • Fix regression by avoiding widening types in some contexts (Shantanu, PR 21242)
  • Fix slicing in non-strict optional mode (Shantanu, PR 21282)
  • mypyc: Fix match statement semantics for "or" pattern (Shantanu, PR 21156)
  • mypyc: Fix issue with module dunder attributes (Piotr Sawicki, PR 21275)
  • Initial support for Python 3.15.0a8 (Marc Mueller, PR 21255)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • Aaron Wieczorek
  • Adam Turner
  • Ali Hamdan
  • asce
  • BobTheBuidler
  • Brent Westbrook
  • Brian Schubert
  • bzoracler
  • Chris Burroughs
  • Christoph Tyralla
  • Colin Watson
  • Donghoon Nam
  • E. M. Bray
  • Emma Smith
  • Ethan Sarp
  • George Ogden
  • getzze
  • grayjk
  • Gregor Riepl
  • Ivan Levkivskyi

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the dev group in /api with 5 updates
68c761c 
Bumps the dev group in /api with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.11` | `0.15.12` |
| [types-psycopg2](https://github.com/python/typeshed) | `2.9.21.20260408` | `2.9.21.20260422` |
| [boto3-stubs](https://github.com/youtype/mypy_boto3_builder) | `1.42.92` | `1.42.96` |
| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.152.1` | `6.152.3` |
| [mypy](https://github.com/python/mypy) | `1.20.1` | `1.20.2` |


Updates `ruff` from 0.15.11 to 0.15.12
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.11...0.15.12)

Updates `types-psycopg2` from 2.9.21.20260408 to 2.9.21.20260422
- [Commits](https://github.com/python/typeshed/commits)

Updates `boto3-stubs` from 1.42.92 to 1.42.96
- [Release notes](https://github.com/youtype/mypy_boto3_builder/releases)
- [Commits](https://github.com/youtype/mypy_boto3_builder/commits)

Updates `hypothesis` from 6.152.1 to 6.152.3
- [Release notes](https://github.com/HypothesisWorks/hypothesis/releases)
- [Commits](HypothesisWorks/hypothesis@hypothesis-python-6.152.1...hypothesis-python-6.152.3)

Updates `mypy` from 1.20.1 to 1.20.2
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.20.1...v1.20.2)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.12
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
- dependency-name: types-psycopg2
  dependency-version: 2.9.21.20260422
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
- dependency-name: boto3-stubs
  dependency-version: 1.42.96
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
- dependency-name: hypothesis
  dependency-version: 6.152.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
- dependency-name: mypy
  dependency-version: 1.20.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 27, 2026
@dependabot dependabot Bot requested a review from QuantumGhost as a code owner April 27, 2026 01:32
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 27, 2026
@dosubot dosubot Bot added the size:S This PR changes 10-29 lines, ignoring generated files. label Apr 27, 2026
bowenliang123
bowenliang123 approved these changes Apr 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@bowenliang123 bowenliang123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@dosubot dosubot Bot added the lgtm This PR has been approved by a maintainer label Apr 27, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 27, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.64%. Comparing base (b1b977e) to head (87a2c73).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #35581   +/-   ##
=======================================
  Coverage   85.64%   85.64%           
=======================================
  Files        4454     4454           
  Lines      208874   208874           
  Branches    39053    39053           
=======================================
  Hits       178888   178888           
  Misses      26841    26841           
  Partials     3145     3145
Flag Coverage Δ
api 85.01% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@crazywoola crazywoola added this pull request to the merge queue Apr 27, 2026
Merged via the queue into main with commit 2d6eaf6 Apr 27, 2026
30 checks passed
@crazywoola crazywoola deleted the dependabot/uv/api/dev-0ca9a4a807 branch April 27, 2026 02:18
fatelei pushed a commit that referenced this pull request Apr 29, 2026
@dependabot @crazywoola @fatelei
chore(deps-dev): bump the dev group in /api with 5 updates (#35581)
aa2dbe9 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Crazywoola <100913391+crazywoola@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crazywoola crazywoola crazywoola approved these changes

@QuantumGhost QuantumGhost Awaiting requested review from QuantumGhost QuantumGhost is a code owner

+1 more reviewer

@bowenliang123 bowenliang123 bowenliang123 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file lgtm This PR has been approved by a maintainer python:uv Pull requests that update python:uv code size:S This PR changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bowenliang123 @crazywoola