chore(deps): bump the pip-version-updates group across 1 directory with 5 updates

[dependabot]

Bumps the pip-version-updates group with 5 updates in the / directory:

Package	From	To
tox	4.27.0	4.28.0
mypy	1.16.1	1.17.0
python-dotenv	1.0.1	1.1.1
ruff	0.11.13	0.12.4
sphinx	7.1.2	7.4.7

Updates tox from 4.27.0 to 4.28.0

Release notes

Sourced from tox's releases.

4.28.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in tox-dev/tox#3548
• [docs] Document how to require a plugin by @​stephenfin in tox-dev/tox#3552
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in tox-dev/tox#3554
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in tox-dev/tox#3558
• Add [testenv] constraints option by @​stephenfin in tox-dev/tox#3556
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in tox-dev/tox#3562
• Allow disabling plugins on a one-off by @​gaborbernat in tox-dev/tox#3560

Full Changelog: tox-dev/tox@4.27.0...4.28.0

Changelog

Sourced from tox's changelog.

v4.28.0 (2025-07-20)

Features - 4.28.0

- Added ``constraints`` to allow specifying constraints files for all dependencies. (:issue:`3550`)
- Allow disabling tox plugins via the ``TOX_DISABLED_EXTERNAL_PLUGINS`` environment variable - by :user:`gaborbernat`. (:issue:`3468`)
Improved Documentation - 4.28.0

• The min_version/minversion config option is deprecated in favor of the requires option. (:issue:3553)

Commits

• af94e62 release 4.28.0
• 55af14a Allow disabling plugins on a one-off (#3560)
• 57b5dc6 [pre-commit.ci] pre-commit autoupdate (#3562)
• e2ff114 Add [testenv] constraints option (#3556)
• 7138c38 [pre-commit.ci] pre-commit autoupdate (#3558)
• 3c4497c [pre-commit.ci] pre-commit autoupdate (#3554)
• 452c174 [docs] Document how to require a plugin (#3552)
• cb8e0fb [pre-commit.ci] pre-commit autoupdate (#3548)
• See full diff in compare view

Updates mypy from 1.16.1 to 1.17.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 1.17

We’ve just uploaded mypy 1.17 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Optionally Check That Match Is Exhaustive

Mypy can now optionally generate an error if a match statement does not match exhaustively, without having to use assert_never(...). Enable this by using --enable-error-code exhaustive-match.

Example:

# mypy: enable-error-code=exhaustive-match
import enum
class Color(enum.Enum):
RED = 1
BLUE = 2
def show_color(val: Color) -> None:
# error: Unhandled case for values of type "Literal[Color.BLUE]"
match val:
case Color.RED:
print("red")

This feature was contributed by Donal Burns (PR 19144).

Further Improvements to Attribute Resolution

This release includes additional improvements to how attribute types and kinds are resolved. These fix many bugs and overall improve consistency.

• Handle corner case: protocol/class variable/descriptor (Ivan Levkivskyi, PR 19277)
• Fix a few inconsistencies in protocol/type object interactions (Ivan Levkivskyi, PR 19267)
• Refactor/unify access to static attributes (Ivan Levkivskyi, PR 19254)
• Remove inconsistencies in operator handling (Ivan Levkivskyi, PR 19250)
• Make protocol subtyping more consistent (Ivan Levkivskyi, PR 18943)

... (truncated)

Commits

• 0260991 Update version string
• 3901aa2 Updates to 1.17 changelog (#19436)
• 7d13396 Initial changelog for 1.17 release (#19427)
• a182dec Combine the revealed types of multiple iteration steps in a more robust manne...
• ab4fd57 Improve the handling of "iteration dependent" errors and notes in finally cla...
• 09ba1f6 [mypyc] Fix exception swallowing in async try/finally blocks with await (#19353)
• 5c65e33 [mypyc] Fix AttributeError in async try/finally with mixed return paths (#19361)
• 934ec50 Lessen dmypy suggest path limitations for Windows machines (#19337)
• a4801f9 Type ignore comments erroneously marked as unused by dmypy (#15043)
• c3bfa0d Handle corner case: protocol vs classvar vs descriptor (#19277)
• Additional commits viewable in compare view

Updates python-dotenv from 1.0.1 to 1.1.1

Release notes

Sourced from python-dotenv's releases.

v1.1.1

What's Changed

• fix: ensure find_dotenv work reliably on python 3.13 by @​theskumar in theskumar/python-dotenv#563
• fix(cli): issue with execvpe on Windows by @​wrongontheinternet in theskumar/python-dotenv#566

New Contributors

• @​wrongontheinternet made their first contribution in theskumar/python-dotenv#566

Full Changelog: theskumar/python-dotenv@v1.1.0...v1.1.1

v1.1.0

What's Changed

• Add a security policy by @​bbc2 in theskumar/python-dotenv#512
• Keep GitHub Actions up to date with GitHub's Dependabot by @​cclauss in theskumar/python-dotenv#506
• ci: fix multiline string in test.yml & use fail-fast strategy by @​cclauss in theskumar/python-dotenv#514
• Enhance dotenv run: Switch to execvpe for better resource management and signal handling by @​eekstunt in theskumar/python-dotenv#523
• ci: add py3.13 to test.yml by @​waketzheng in theskumar/python-dotenv#527
• Add Python 3.13 trove classifier by @​edgarrmondragon in theskumar/python-dotenv#535
• Bump the github-actions group with 2 updates by @​dependabot in theskumar/python-dotenv#529
• Add support for python 3.13 and drop 3.8 by @​theskumar in theskumar/python-dotenv#551
• docs: Update README.md by @​chapeupreto in theskumar/python-dotenv#516
• Some more s/Python-dotenv/python-dotenv/ by @​theskumar in theskumar/python-dotenv#552
• add _is_debugger so load_dotenv will work in pdb by @​randomseed42 in theskumar/python-dotenv#553

New Contributors

• @​eekstunt made their first contribution in theskumar/python-dotenv#523
• @​waketzheng made their first contribution in theskumar/python-dotenv#527
• @​edgarrmondragon made their first contribution in theskumar/python-dotenv#535
• @​dependabot made their first contribution in theskumar/python-dotenv#529
• @​chapeupreto made their first contribution in theskumar/python-dotenv#516
• @​randomseed42 made their first contribution in theskumar/python-dotenv#553

Full Changelog: theskumar/python-dotenv@v1.0.1...v1.1.0

Changelog

Sourced from python-dotenv's changelog.

[1.1.1] - 2025-06-24

Fixed

• CLI: Ensure find_dotenv work reliably on python 3.13 by [@​theskumar] in #563
• CLI: revert the use of execvpe on Windows by [@​wrongontheinternet] in #566

[1.1.0] - 2025-03-25

Feature

• Add support for python 3.13
• Enhance dotenv run, switch to execvpe for better resource management and signal handling (#523) by [@​eekstunt]

Fixed

• find_dotenv and load_dotenv now correctly looks up at the current directory when running in debugger or pdb (#553 by [@​randomseed42])

Misc

• Drop support for Python 3.8

Commits

• 16e660d Bump version: 1.1.0 → 1.1.1
• 667e82f update changelog
• 9d85edb fix(cli): issue with execvpe on Windows (#566)
• 8411987 fix: ensure find_dotenv work reliably on python 3.13 (#563)
• 01f8997 docs update
• 6a02ef5 update mkdocs -> mkdocstrings config
• 36c6270 Update changelog
• 2198b69 Bump version: 1.0.1 → 1.1.0
• c89fb6d Update changelog
• 8dd413e Add _is_debugger so load_dotenv will work in pdb (#553)
• Additional commits viewable in compare view

Updates ruff from 0.11.13 to 0.12.4

Release notes

Sourced from ruff's releases.

0.12.4

Release Notes

Preview features

• [flake8-type-checking, pyupgrade, ruff] Add from __future__ import annotations when it would allow new fixes (TC001, TC002, TC003, UP037, RUF013) (#19100)
• [flake8-use-pathlib] Add autofix for PTH109 (#19245)
• [pylint] Detect indirect pathlib.Path usages for unspecified-encoding (PLW1514) (#19304)

Bug fixes

• [flake8-bugbear] Fix B017 false negatives for keyword exception arguments (#19217)
• [flake8-use-pathlib] Fix false negative on direct Path() instantiation (PTH210) (#19388)
• [flake8-django] Fix DJ008 false positive for abstract models with type-annotated abstract field (#19221)
• [isort] Fix I002 import insertion after docstring with multiple string statements (#19222)
• [isort] Treat form feed as valid whitespace before a semicolon (#19343)
• [pydoclint] Fix SyntaxError from fixes with line continuations (D201, D202) (#19246)
• [refurb] FURB164 fix should validate arguments and should usually be marked unsafe (#19136)

Rule changes

• [flake8-use-pathlib] Skip single dots for invalid-pathlib-with-suffix (PTH210) on versions >= 3.14 (#19331)
• [pep8_naming] Avoid false positives on standard library functions with uppercase names (N802) (#18907)
• [pycodestyle] Handle brace escapes for t-strings in logical lines (#19358)
• [pylint] Extend invalid string character rules to include t-strings (#19355)
• [ruff] Allow strict kwarg when checking for starmap-zip (RUF058) in Python 3.14+ (#19333)

Documentation

• [flake8-type-checking] Make TC010 docs example more realistic (#19356)
• Make more documentation examples error out-of-the-box (#19288,#19272,#19291,#19296,#19292,#19295,#19297,#19309)

Contributors

• @​AlexWaygood
• @​BurntSushi
• @​Gankra
• @​MatthewMckee4
• @​MeGaGiGaGon
• @​MichaReiser
• @​UnboundVariable
• @​chirizxc
• @​close2code-palm
• @​corneliusroemer
• @​danparizher
• @​dcreager
• @​dhruvmanila
• @​dylwil3
• @​github-actions
• @​ntBre
• @​oconnor663

... (truncated)

Changelog

Sourced from ruff's changelog.

0.12.4

Preview features

• [flake8-type-checking, pyupgrade, ruff] Add from __future__ import annotations when it would allow new fixes (TC001, TC002, TC003, UP037, RUF013) (#19100)
• [flake8-use-pathlib] Add autofix for PTH109 (#19245)
• [pylint] Detect indirect pathlib.Path usages for unspecified-encoding (PLW1514) (#19304)

Bug fixes

• [flake8-bugbear] Fix B017 false negatives for keyword exception arguments (#19217)
• [flake8-use-pathlib] Fix false negative on direct Path() instantiation (PTH210) (#19388)
• [flake8-django] Fix DJ008 false positive for abstract models with type-annotated abstract field (#19221)
• [isort] Fix I002 import insertion after docstring with multiple string statements (#19222)
• [isort] Treat form feed as valid whitespace before a semicolon (#19343)
• [pydoclint] Fix SyntaxError from fixes with line continuations (D201, D202) (#19246)
• [refurb] FURB164 fix should validate arguments and should usually be marked unsafe (#19136)

Rule changes

• [flake8-use-pathlib] Skip single dots for invalid-pathlib-with-suffix (PTH210) on versions >= 3.14 (#19331)
• [pep8_naming] Avoid false positives on standard library functions with uppercase names (N802) (#18907)
• [pycodestyle] Handle brace escapes for t-strings in logical lines (#19358)
• [pylint] Extend invalid string character rules to include t-strings (#19355)
• [ruff] Allow strict kwarg when checking for starmap-zip (RUF058) in Python 3.14+ (#19333)

Documentation

• [flake8-type-checking] Make TC010 docs example more realistic (#19356)
• Make more documentation examples error out-of-the-box (#19288,#19272,#19291,#19296,#19292,#19295,#19297,#19309)

0.12.3

Preview features

• [flake8-bugbear] Support non-context-manager calls in B017 (#19063)
• [flake8-use-pathlib] Add autofixes for PTH100, PTH106, PTH107, PTH108, PTH110, PTH111, PTH112, PTH113, PTH114, PTH115, PTH117, PTH119, PTH120 (#19213)
• [flake8-use-pathlib] Add autofixes for PTH203, PTH204, PTH205 (#18922)

Bug fixes

• [flake8-return] Fix false-positive for variables used inside nested functions in RET504 (#18433)
• Treat form feed as valid whitespace before a line continuation (#19220)
• [flake8-type-checking] Fix syntax error introduced by fix (TC008) (#19150)
• [pyupgrade] Keyword arguments in super should suppress the UP008 fix (#19131)

Documentation

• [flake8-pyi] Make example error out-of-the-box (PYI007, PYI008) (#19103)
• [flake8-simplify] Make example error out-of-the-box (SIM116) (#19111)

... (truncated)

Commits

• ee2759b Bump 0.12.4 (#19406)
• 35f33d9 [ty] publish settings diagnostics (#19335)
• 5d78b31 [flake8-use-pathlib] Add autofix for PTH109 (#19245)
• c2a05b4 [ty] Use bitflags for resolved client capabilities (#19393)
• fae0b5c [ty] Initial implementation of declaration and definition providers. (#19371)
• cbe94b0 [ty] Support empty function bodies in if TYPE_CHECKING blocks (#19372)
• 029de78 [flake8-use-pathlib] Fix false negative on direct Path() instantiation (`...
• ff94fe7 Treat form feed as valid whitespace before a semicolon (#19343)
• b2501b4 [pylint] Detect indirect pathlib.Path usages for unspecified-encoding (...
• 291699b [refurb] FURB164 fix should validate arguments and should usually be mark...
• Additional commits viewable in compare view

Updates sphinx from 7.1.2 to 7.4.7

Release notes

Sourced from sphinx's releases.

Sphinx 7.4.7

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.4.6

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.4.5

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.4.4

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.4.3

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.4.2

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.4.1

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.4.0

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.7

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.6

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.5

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.4

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.3

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.2

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.1

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.3.0

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.2.6

Changelog: https://www.sphinx-doc.org/en/master/changes.html

... (truncated)

Changelog

Sourced from sphinx's changelog.

Release 7.4.7 (released Jul 20, 2024)

Bugs fixed

• #12096: Warn when files are overwritten in the build directory. Patch by Adam Turner and Bénédikt Tran.
• #12620: Ensure that old-style object description options are respected. Patch by Adam Turner.
• #12601, #12625: Support callable objects in :py:class:~typing.Annotated type metadata in the Python domain. Patch by Adam Turner.
• #12601, #12622: Resolve :py:class:~typing.Annotated warnings with sphinx.ext.autodoc, especially when using :mod:dataclasses as type metadata. Patch by Adam Turner.
• #12589, #12626: autosummary: Fix warnings with :rst:role:!autolink. Patch by Adam Turner.

Release 7.4.6 (released Jul 18, 2024)

Bugs fixed

• #12589, #9743, #12609: autosummary: Do not add the package prefix when generating autosummary directives for modules within a package. Patch by Adam Turner.
• #12613: Reduce log severity for ambiguity detection during inventory loading. Patch by James Addison.

Release 7.4.5 (released Jul 16, 2024)

Bugs fixed

• #12593, #12600: Revert coercing the type of selected :confval:html_sidebars values to a list. Log an error message when string values are detected. Patch by Adam Turner.
• #12594: LaTeX: since 7.4.0, :rst:dir:seealso and other "light" admonitions now break PDF builds if they contain a :dudir:figure directive; and also if they are contained in a table cell (rendered by tabulary). Patch by Jean-François B.

Release 7.4.4 (released Jul 15, 2024)

... (truncated)

Commits

• 0d912c8 Bump to 7.4.7 final
• bbc97e0 autosummary: Filter invalid import prefixes in autolink (#12626)
• 6c486a5 Fix detecting file changes for the overwritten file warning (#12627)
• 2bd973e autodoc: Fix warnings with dataclasses in Annotated metadata (#12622)
• dd77f85 Support callables in Annotated types (#12625)
• 1ed4ca7 Mark test_build_manpage as XFAIL following changes in Docutils master
• cd8ce07 Update message catalogues following reverted commits
• c6cd25f Partially revert "Update message catalogues (#11626)"
• fa2ba7d Partially Revert "[bot]: Update message catalogues (#12563)"
• e439c6f Ensure that old-style object description options are respected (#12620)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Qodana for Python

1 new problem were found

Inspection name	Severity	Problems
Inconsistent return statements	◽️ Notice	1

@@ Code coverage @@
+ 72% total lines covered
805 lines analyzed, 585 lines covered
# Calculated according to the filters of your coverage tool

💡 Qodana analysis was run in the pull request mode: only the changed files were checked
☁️ View the detailed Qodana report

Contact Qodana team

Contact us at qodana-support@jetbrains.com

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions

[mridang]

@dependabot recreate