Skip to content

chore(deps-dev): bump the python-packages group with 4 updates#91

Merged
qartik merged 1 commit intomainfrom
dependabot/pip/python-packages-d51029a0cc
May 1, 2026
Merged

chore(deps-dev): bump the python-packages group with 4 updates#91
qartik merged 1 commit intomainfrom
dependabot/pip/python-packages-d51029a0cc

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Updates the requirements on prek, ruff, ty and uv-build to permit the latest version.
Updates prek to 0.3.11

Release notes

Sourced from prek's releases.

0.3.11

Release Notes

Released on 2026-04-27.

Highlights

Hook entries now have an explicit shell option for shell snippets. Set shell: sh, bash, pwsh, powershell, or cmd when an entry should be evaluated by that shell; leaving it unset keeps prek's direct argv execution.

prek auto-update can now filter tag candidates before choosing an update. Both options take glob patterns: use --include-tag to only consider matching tag names, and --exclude-tag to skip matching tags such as moving tags or prereleases.

Enhancements

  • Add auto-update --exclude-repo <repo> to skip repos (#1983)
  • Add auto-update --exit-code to exit with non-zero on updates (#2002)
  • Add auto-update --include-tag <pattern>/--exclude-tag <pattern> to filter tags (#1984)
  • Adds an explicit shell hook option for entries that should run as shell source (#2004)
  • Make --hook-dir optional for hook-impl (#1989)
  • Skip shim warning when --script-version is missing (#1990)

Bug fixes

  • Install Ruby executable in gem bin (#2017)
  • Use dedicated Android npm package (#1982)
  • Use stable repo keys without breaking cached clones (#1995)

Documentation

  • Explain prek name (#1980)
  • Clarify pass_filenames concurrency docs (#1999)
  • Reorganize documentation references (#2005)
  • Clarify hook author manifest env docs (#1991)
  • docs: add Sentry to users list (#1981)

Contributors

Install prek 0.3.11

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/j178/prek/releases/download/v0.3.11/prek-installer.sh | sh

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.11

Released on 2026-04-27.

Highlights

Hook entries now have an explicit shell option for shell snippets. Set shell: sh, bash, pwsh, powershell, or cmd when an entry should be evaluated by that shell; leaving it unset keeps prek's direct argv execution.

prek auto-update can now filter tag candidates before choosing an update. Both options take glob patterns: use --include-tag to only consider matching tag names, and --exclude-tag to skip matching tags such as moving tags or prereleases.

Enhancements

  • Add auto-update --exclude-repo <repo> to skip repos (#1983)
  • Add auto-update --exit-code to exit with non-zero on updates (#2002)
  • Add auto-update --include-tag <pattern>/--exclude-tag <pattern> to filter tags (#1984)
  • Adds an explicit shell hook option for entries that should run as shell source (#2004)
  • Make --hook-dir optional for hook-impl (#1989)
  • Skip shim warning when --script-version is missing (#1990)

Bug fixes

  • Install Ruby executable in gem bin (#2017)
  • Use dedicated Android npm package (#1982)
  • Use stable repo keys without breaking cached clones (#1995)

Documentation

  • Explain prek name (#1980)
  • Clarify pass_filenames concurrency docs (#1999)
  • Reorganize documentation references (#2005)
  • Clarify hook author manifest env docs (#1991)
  • docs: add Sentry to users list (#1981)

Contributors

0.3.10

Released on 2026-04-21.

Enhancements

  • Disallow rev for non-remote repos in schema (#1964)
  • Hide up-to-date output in non-verbose mode (#1942)

... (truncated)

Commits

Updates ruff to 0.15.12

Release notes

Sourced from ruff's releases.

0.15.12

Release Notes

Released on 2026-04-24.

Preview features

  • Implement #ruff:file-ignore file-level suppressions (#23599)
  • Implement #ruff:ignore logical-line suppressions (#23404)
  • Revert preview changes to displayed diagnostic severity in LSP (#24789)
  • [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
  • [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
  • [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

  • [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

  • Respect default Unix permissions for cache files (#24794)

Documentation

  • [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
  • [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
  • Improve rules table accessibility (#24711)

Contributors

Install ruff 0.15.12

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.12

Released on 2026-04-24.

Preview features

  • Implement #ruff:file-ignore file-level suppressions (#23599)
  • Implement #ruff:ignore logical-line suppressions (#23404)
  • Revert preview changes to displayed diagnostic severity in LSP (#24789)
  • [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
  • [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
  • [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

  • [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

  • Respect default Unix permissions for cache files (#24794)

Documentation

  • [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
  • [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
  • Improve rules table accessibility (#24711)

Contributors

0.15.11

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

... (truncated)

Commits
  • 66f93cf Bump 0.15.12 (#24815)
  • 476a4d0 [ty] Complete support for more detailed diagnostics on possibly unbound error...
  • ed669ea Implement #ruff:file-ignore file-level suppressions (#23599)
  • e73d952 [ty] Include inferred type in invalid-key concise diagnostic for union/inte...
  • 80feb29 [ty] report only dead annotation-only locals as unused (#24811)
  • 0fbf2bc Drop deprecated license classifier (#24808)
  • 43b174c [ty] Infer lambda parameter types with Callable type context (#24317)
  • 4f449ae [ty] Add error context for intersection types (#24772)
  • 5b4e753 [ty] Add support for goto in literal enum member inlay hint (#24792)
  • e7cc762 [ty] Add error context for TypedDict assignments (#24790)
  • Additional commits viewable in compare view

Updates ty to 0.0.33

Release notes

Sourced from ty's releases.

0.0.33

Release Notes

Released on 2026-04-28.

Notable changes

  • ty now prefers the declared type of an annotated assignment in more situations (#24802). Consider this example:

    from some_library import untyped_function
threshold: int | None = 0
result: str = untyped_function()

    ty previously favored the inferred type of the right hand side expression when threshold and result were used. This is useful for threshold, as it allows something like threshold += 1 to work without an error: we know that threshold could later become None, but right now, we see that it is an int. However, for result, the inferred type is Unknown. This is not a useful type and it can lead to false negatives. Starting with this release, ty will therefore prefer the declared type if the inferred and declared types are mutually assignable. In the above example, threshold will still be inferred as int (or rather Literal[1]), but result will now be inferred as str. If you previously added casts to work around this behavior, you should be able to remove them after upgrading.

Bug fixes

  • Fix reporting of annotation-only locals as unused (#24811)
  • Fix project and workspace selection (#24824)
  • Fix go-to definition for generic classes (#24714)
  • Fix receiver coloring for aliased decorators (#24884)

LSP server

  • Add support for go-to definition in literal enum member inlay hints (#24792)
  • Add support for "baking" keyword argument inlay hints into the source code (#24667)
  • Don't allow inlay hint edits when introducing a non global scope symbol (#24797)
  • Omit semantic highlighting for unresolved symbols (#24718)

Core type checking

  • Support narrowing with aliased conditional expressions (#24302)
  • Model short-circuiting control flow in Boolean expressions (#24458)
  • Handle finally blocks where all try/except blocks are terminal (#24882)
  • Detect invalid ClassVar vs instance-attribute overrides (#24767)
  • Emit diagnostic for invalid uses of Unpack[...] (#24868)
  • Infer lambda parameter types with Callable type context (#24317)
  • Support ** unpacking of TypedDict in dict-literal assignments (#24703)
  • Support Unpack[TypedDict] in **kwargs signatures (#24653)
  • Treat [*xs] as an irrefutable pattern when matching on Sequence (#24787)
  • Improve generics solving for unions in invariant positions (#24698)
  • Improve generics solving for unions when matching against protocols (#24837)

Diagnostics

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.33

Released on 2026-04-28.

Notable changes

  • ty now prefers the declared type of an annotated assignment in more situations (#24802). Consider this example:

    from some_library import untyped_function
threshold: int | None = 0
result: str = untyped_function()

    ty previously favored the inferred type of the right hand side expression when threshold and result were used. This is useful for threshold, as it allows something like threshold += 1 to work without an error: we know that threshold could later become None, but right now, we see that it is an int. However, for result, the inferred type is Unknown. This is not a useful type and it can lead to false negatives. Starting with this release, ty will therefore prefer the declared type if the inferred and declared types are mutually assignable. In the above example, threshold will still be inferred as int (or rather Literal[1]), but result will now be inferred as str. If you previously added casts to work around this behavior, you should be able to remove them after upgrading.

Bug fixes

  • Fix reporting of annotation-only locals as unused (#24811)
  • Fix project and workspace selection (#24824)
  • Fix go-to definition for generic classes (#24714)
  • Fix receiver coloring for aliased decorators (#24884)

LSP server

  • Add support for go-to definition in literal enum member inlay hints (#24792)
  • Add support for "baking" keyword argument inlay hints into the source code (#24667)
  • Don't allow inlay hint edits when introducing a non global scope symbol (#24797)
  • Omit semantic highlighting for unresolved symbols (#24718)

Core type checking

  • Support narrowing with aliased conditional expressions (#24302)
  • Model short-circuiting control flow in Boolean expressions (#24458)
  • Handle finally blocks where all try/except blocks are terminal (#24882)
  • Detect invalid ClassVar vs instance-attribute overrides (#24767)
  • Emit diagnostic for invalid uses of Unpack[...] (#24868)
  • Infer lambda parameter types with Callable type context (#24317)
  • Support ** unpacking of TypedDict in dict-literal assignments (#24703)
  • Support Unpack[TypedDict] in **kwargs signatures (#24653)
  • Treat [*xs] as an irrefutable pattern when matching on Sequence (#24787)
  • Improve generics solving for unions in invariant positions (#24698)
  • Improve generics solving for unions when matching against protocols (#24837)

Diagnostics

  • Add error context to invalid-return-type diagnostics, invalid-yield diagnostics, attribute assignment diagnostics (#24770, #24771)

... (truncated)

Commits

Updates uv-build to 0.11.8

Release notes

Sourced from uv-build's releases.

0.11.8

Release Notes

Released on 2026-04-27.

Enhancements

  • Add --python-downloads-json-url to python pin (#19092)
  • Fetch uv from Astral mirror during self-update (#18682)
  • Support pip uninstall -y (#19082)
  • Allow exclude-newer to be missing from the lockfile when exclude-newer-span is present (#19024)
  • Only show the version number in uv self version --short (#19019)
  • Silence warnings on empty SSL_CERT_DIR directory (#19018)
  • Use a sentinel timestamp for relative exclude-newer and exclude-newer-package values in lockfiles (#19022, #19101)

Configuration

  • Add UV_PYTHON_NO_REGISTRY (#19035)
  • Add an environment variable for UV_NO_PROJECT (#19052)
  • Expose UV_PYTHON_SEARCH_PATH for Python discovery PATH overrides (#19034)

Bug fixes

  • Add rust-toolchain.toml to uv-build sdist (#19131)
  • Ensure uv invocations of git do not inherit repository location environment variables (#19088)
  • Redact pre-signed upload URLs in verbose output (#19146)
  • Handle transitive URL dependencies in PEP 517 build requirements (#19076, #19086)
  • Support uv lock on a pyproject.toml that only contains dependency-groups (#19087)
  • Disable transparent Python upgrades in projects when a patch version is requested via .python-version (#19102)
  • Fix Python variant tagging in the Windows registry (#19012)
  • Ban external symlinks in .tar.zst wheels (#19144)

Distributions

  • Remove deprecated license classifiers from uv-build and add Python 3.14 classifier (#19130)

Documentation

  • Bump astral-sh/setup-uv version in docs (#19030)
  • Update PyTorch documentation for PyTorch 2.11 (#19095)

Install uv 0.11.8

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.8/uv-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from uv-build's changelog.

0.11.8

Released on 2026-04-27.

Enhancements

  • Add --python-downloads-json-url to python pin (#19092)
  • Fetch uv from Astral mirror during self-update (#18682)
  • Support pip uninstall -y (#19082)
  • Allow exclude-newer to be missing from the lockfile when exclude-newer-span is present (#19024)
  • Only show the version number in uv self version --short (#19019)
  • Silence warnings on empty SSL_CERT_DIR directory (#19018)
  • Use a sentinel timestamp for relative exclude-newer and exclude-newer-package values in lockfiles (#19022, #19101)

Configuration

  • Add UV_PYTHON_NO_REGISTRY (#19035)
  • Add an environment variable for UV_NO_PROJECT (#19052)
  • Expose UV_PYTHON_SEARCH_PATH for Python discovery PATH overrides (#19034)

Bug fixes

  • Add rust-toolchain.toml to uv-build sdist (#19131)
  • Ensure uv invocations of git do not inherit repository location environment variables (#19088)
  • Redact pre-signed upload URLs in verbose output (#19146)
  • Handle transitive URL dependencies in PEP 517 build requirements (#19076, #19086)
  • Support uv lock on a pyproject.toml that only contains dependency-groups (#19087)
  • Disable transparent Python upgrades in projects when a patch version is requested via .python-version (#19102)
  • Fix Python variant tagging in the Windows registry (#19012)
  • Ban external symlinks in .tar.zst wheels (#19144)

Distributions

  • Remove deprecated license classifiers from uv-build and add Python 3.14 classifier (#19130)

Documentation

  • Bump astral-sh/setup-uv version in docs (#19030)
  • Update PyTorch documentation for PyTorch 2.11 (#19095)

0.11.7

Released on 2026-04-15.

Python

  • Upgrade CPython build to 20260414 including an OpenSSL security upgrade (#19004)

Enhancements

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the python-packages group with 4 updates
9a140b8 
Updates the requirements on [prek](https://github.com/j178/prek), [ruff](https://github.com/astral-sh/ruff), [ty](https://github.com/astral-sh/ty) and [uv-build](https://github.com/astral-sh/uv) to permit the latest version.

Updates `prek` to 0.3.11
- [Release notes](https://github.com/j178/prek/releases)
- [Changelog](https://github.com/j178/prek/blob/master/CHANGELOG.md)
- [Commits](j178/prek@v0.3.1...v0.3.11)

Updates `ruff` to 0.15.12
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.8...0.15.12)

Updates `ty` to 0.0.33
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.1-alpha.18...0.0.33)

Updates `uv-build` to 0.11.8
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.8.13...0.11.8)

---
updated-dependencies:
- dependency-name: prek
  dependency-version: 0.3.11
  dependency-type: direct:development
  dependency-group: python-packages
- dependency-name: ruff
  dependency-version: 0.15.12
  dependency-type: direct:development
  dependency-group: python-packages
- dependency-name: ty
  dependency-version: 0.0.33
  dependency-type: direct:development
  dependency-group: python-packages
- dependency-name: uv-build
  dependency-version: 0.11.8
  dependency-type: direct:development
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 1, 2026
@qartik qartik added this pull request to the merge queue May 1, 2026
Merged via the queue into main with commit f409ee1 May 1, 2026
1 check passed
@qartik qartik deleted the dependabot/pip/python-packages-d51029a0cc branch May 1, 2026 19:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@qartik qartik qartik approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@qartik