Skip to content

Comments

chore(deps): bump the pip-version-updates group across 1 directory with 4 updates#62

Closed
dependabot[bot] wants to merge 1 commit intobetafrom
dependabot/pip/pip-version-updates-a2835ae7aa
Closed

chore(deps): bump the pip-version-updates group across 1 directory with 4 updates#62
dependabot[bot] wants to merge 1 commit intobetafrom
dependabot/pip/pip-version-updates-a2835ae7aa

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 19, 2025
edited
Loading

Bumps the pip-version-updates group with 4 updates in the / directory: tox, types-python-dateutil, mypy and ruff.

Updates tox from 4.28.0 to 4.28.4

Release notes

Sourced from tox's releases.

4.28.4

What's Changed

New Contributors

Full Changelog: tox-dev/tox@4.28.3...4.28.4

4.28.3

What's Changed

Full Changelog: tox-dev/tox@4.28.2...4.28.3

4.28.2

What's Changed

Full Changelog: tox-dev/tox@4.28.1...4.28.2

4.28.1

What's Changed

Full Changelog: tox-dev/tox@4.28.0...4.28.1

Changelog

Sourced from tox's changelog.

v4.28.4 (2025-07-31)

Features - 4.28.4

- Pass ssh-agent variables ``SSH_AGENT_PID`` and ``SSH_AUTH_SOCK`` in ``pass_env`` by default.
  - by :user:`daniilgankov` (:issue:`3572`)

v4.28.3 (2025-07-25)


No significant changes.


v4.28.2 (2025-07-25)


Bugfixes - 4.28.2

  • Don't pass in the filter argument to tar.extractall on old Python versions - by :user:gaborbernat. (:issue:3568)

v4.28.1 (2025-07-22)

Bugfixes - 4.28.1

- Use `tarfile.data_filter <https://docs.python.org/3/library/tarfile.html#tarfile.data_filter>`_ with ``extractall``
  only on supported Python versions:

    

  • &gt;= 3.11.4
    • 

  • &gt;= 3.10.12 and &lt; 3.11
    • 

  • &gt;= 3.9.17 and &lt; 3.10
    • 



by :user:gaborbernat. (:issue:3565)

Commits

Updates types-python-dateutil from 2.9.0.20250708 to 2.9.0.20250809

Commits

Updates mypy from 1.17.0 to 1.17.1

Changelog

Sourced from mypy's changelog.

Mypy 1.17.1

  • Retain None as constraints bottom if no bottoms were provided (Stanislav Terliakov, PR 19485)
  • Fix "ignored exception in hasattr" in dmypy (Stanislav Terliakov, PR 19428)
  • Prevent a crash when InitVar is redefined with a method in a subclass (Stanislav Terliakov, PR 19453)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • Alexey Makridenko
  • Brian Schubert
  • Chad Dombrova
  • Chainfire
  • Charlie Denton
  • Charulata
  • Christoph Tyralla
  • CoolCat467
  • Donal Burns
  • Guy Wilson
  • Ivan Levkivskyi
  • johnthagen
  • Jukka Lehtosalo
  • Łukasz Kwieciński
  • Marc Mueller
  • Michael J. Sullivan
  • Mikhail Golubev
  • Sebastian Rittau
  • Shantanu
  • Stanislav Terliakov
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.16

We’ve just uploaded mypy 1.16 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Different Property Getter and Setter Types

Mypy now supports using different types for a property getter and setter:

class A:
    _value: int
</tr></table>

... (truncated)

Commits

Updates ruff from 0.12.4 to 0.12.9

Release notes

Sourced from ruff's releases.

0.12.9

Release Notes

Preview features

  • [airflow] Add check for airflow.secrets.cache.SecretCache (AIR301) (#17707)
  • [ruff] Offer a safe fix for multi-digit zeros (RUF064) (#19847)

Bug fixes

  • [flake8-blind-except] Fix BLE001 false-positive on raise ... from None (#19755)
  • [flake8-comprehensions] Fix false positive for C420 with attribute, subscript, or slice assignment targets (#19513)
  • [flake8-simplify] Fix handling of U+001C..U+001F whitespace (SIM905) (#19849)

Rule changes

  • [pylint] Use lowercase hex characters to match the formatter (PLE2513) (#19808)

Documentation

  • Fix lint.future-annotations link (#19876)

Other changes

  • Build riscv64 binaries for release (#19819)

  • Add rule code to error description in GitLab output (#19896)

  • Improve rendering of the full output format (#19415)

    Below is an example diff for F401:

    -unused.py:8:19: F401 [*] `pathlib` imported but unused
+F401 [*] `pathlib` imported but unused
+  --> unused.py:8:19
    |
  7 | # Unused, _not_ marked as required (due to the alias).
  8 | import pathlib as non_alias
-   |                   ^^^^^^^^^ F401
+   |                   ^^^^^^^^^
  9 |
 10 | # Unused, marked as required.
    |
-   = help: Remove unused import: `pathlib`
+help: Remove unused import: `pathlib`

    For now, the primary difference is the movement of the filename, line number, and column information to a second line in the header. This new representation will allow us to make further additions to Ruff's diagnostics, such as adding sub-diagnostics and multiple annotations to the same snippet.

... (truncated)

Changelog

Sourced from ruff's changelog.

0.12.9

Preview features

  • [airflow] Add check for airflow.secrets.cache.SecretCache (AIR301) (#17707)
  • [ruff] Offer a safe fix for multi-digit zeros (RUF064) (#19847)

Bug fixes

  • [flake8-blind-except] Fix BLE001 false-positive on raise ... from None (#19755)
  • [flake8-comprehensions] Fix false positive for C420 with attribute, subscript, or slice assignment targets (#19513)
  • [flake8-simplify] Fix handling of U+001C..U+001F whitespace (SIM905) (#19849)

Rule changes

  • [pylint] Use lowercase hex characters to match the formatter (PLE2513) (#19808)

Documentation

  • Fix lint.future-annotations link (#19876)

Other changes

  • Build riscv64 binaries for release (#19819)

  • Add rule code to error description in GitLab output (#19896)

  • Improve rendering of the full output format (#19415)

    Below is an example diff for F401:

    -unused.py:8:19: F401 [*] `pathlib` imported but unused
+F401 [*] `pathlib` imported but unused
+  --> unused.py:8:19
    |
  7 | # Unused, _not_ marked as required (due to the alias).
  8 | import pathlib as non_alias
-   |                   ^^^^^^^^^ F401
+   |                   ^^^^^^^^^
  9 |
 10 | # Unused, marked as required.
    |
-   = help: Remove unused import: `pathlib`
+help: Remove unused import: `pathlib`

    For now, the primary difference is the movement of the filename, line number, and column information to a second line in the header. This new representation will allow us to make further additions to Ruff's diagnostics, such as adding sub-diagnostics and multiple annotations to the same snippet.

0.12.8

... (truncated)

Commits
  • ef42246 Bump 0.12.9 (#19917)
  • dc2e8ab [ty] support kw_only=True for dataclass() and field() (#19677)
  • 9aaa82d Feature/build riscv64 bin (#19819)
  • 3288ac2 [ty] Add caching to CodeGeneratorKind::matches() (#19912)
  • 1167ed6 [ty] Rename functionArgumentNames to callArgumentNames inlay hint setting...
  • 2ee47d8 [ty] Default ty.inlayHints.* server settings to true (#19910)
  • d324ced [ty] Remove py-fuzzer skips for seeds that are no longer slow (#19906)
  • 5a570c8 [ty] fix deferred name loading in PEP695 generic classes/functions (#19888)
  • baadb5a [ty] Add some additional type safety to CycleDetector (#19903)
  • df0648a [flake8-blind-except] Fix BLE001 false-positive on raise ... from None ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the pip-version-updates group across 1 directory wi…
33a79fd 
…th 4 updates

Bumps the pip-version-updates group with 4 updates in the / directory: [tox](https://github.com/tox-dev/tox), [types-python-dateutil](https://github.com/typeshed-internal/stub_uploader), [mypy](https://github.com/python/mypy) and [ruff](https://github.com/astral-sh/ruff).


Updates `tox` from 4.28.0 to 4.28.4
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.28.0...4.28.4)

Updates `types-python-dateutil` from 2.9.0.20250708 to 2.9.0.20250809
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

Updates `mypy` from 1.17.0 to 1.17.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.17.0...v1.17.1)

Updates `ruff` from 0.12.4 to 0.12.9
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.4...0.12.9)

---
updated-dependencies:
- dependency-name: tox
  dependency-version: 4.28.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-version-updates
- dependency-name: types-python-dateutil
  dependency-version: 2.9.0.20250809
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-version-updates
- dependency-name: mypy
  dependency-version: 1.17.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-version-updates
- dependency-name: ruff
  dependency-version: 0.12.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Aug 19, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 8, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 8, 2025
@dependabot dependabot bot deleted the dependabot/pip/pip-version-updates-a2835ae7aa branch September 8, 2025 14:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants