Skip to content

Bump the py-version-updates group across 1 directory with 7 updates#133

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/py-version-updates-02892778ec
Open

Bump the py-version-updates group across 1 directory with 7 updates#133
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/py-version-updates-02892778ec

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 8, 2026
edited
Loading

Bumps the py-version-updates group with 7 updates in the / directory:

Package From To
copier 9.11.3 9.14.1
pylint 4.0.4 4.0.5
black 26.1.0 26.3.1
pytest 9.0.2 9.0.3
ruff 0.14.14 0.15.9
pytest-cov 7.0.0 7.1.0
mypy 1.19.1 1.20.0

Updates copier from 9.11.3 to 9.14.1

Release notes

Sourced from copier's releases.

v9.14.1 (2026-03-31)

Refactor

  • make YieldExtension self-contained

Security

  • require --trust for _external_data paths outside subproject root
  • disallow _subdirectory path outside template root

v9.14.0 (2026-03-13)

Feat

  • cli: add --answers-file flag to check-update command

Fix

  • only warn about dirty template when checking out HEAD
  • cli: show only supported flags in check-update command help output

v9.13.1 (2026-03-09)

Fix

  • vcs: make Git version parsing robust to vendor-suffixed patch versions

v9.13.0 (2026-03-05)

Feat

  • add CLI subcommand check-update to check for new template version (#2463)

Refactor

  • cli: call public run_* functions instead of internal Worker.run_* methods

v9.12.0 (2026-02-21)

Feat

  • add new settings API with minimal surface
  • re-export Phase enum at package level

Fix

  • updating: apply skip-if-exists patterns as gitignore-style at subproject root in update algorithm
  • updating: anchor removed file paths to project root in update algorithm
  • updating: normalize user-deleted paths before skip-if-exists pattern matching during updates

Refactor

... (truncated)

Changelog

Sourced from copier's changelog.

v9.14.1 (2026-03-31)

Refactor

  • make YieldExtension self-contained

Security

  • require --trust for _external_data paths outside subproject root
  • disallow _subdirectory path outside template root

v9.14.0 (2026-03-13)

Feat

  • cli: add --answers-file flag to check-update command

Fix

  • only warn about dirty template when checking out HEAD
  • cli: show only supported flags in check-update command help output

v9.13.1 (2026-03-09)

Fix

  • vcs: make Git version parsing robust to vendor-suffixed patch versions

v9.13.0 (2026-03-05)

Feat

  • add CLI subcommand check-update to check for new template version (#2463)

Refactor

  • cli: call public run_* functions instead of internal Worker.run_* methods

v9.12.0 (2026-02-21)

Feat

  • add new settings API with minimal surface
  • re-export Phase enum at package level

Fix

  • updating: apply skip-if-exists patterns as gitignore-style at subproject root in update algorithm
  • updating: anchor removed file paths to project root in update algorithm

... (truncated)

Commits
  • f6ac946 bump: version 9.14.0 → 9.14.1
  • 5413062 fix: require --trust for _external_data paths outside subproject root
  • cb80a3f fix: disallow _subdirectory path outside template root
  • 7aa7021 build(deps): update dependency requests to 2.33.0
  • 4798d0c build(deps): lock file maintenance
  • d01628d build(deps): update dependency uv to v0.10.12
  • a3d15dc build(deps): update jetify-com/devbox-install-action action to v0.15.0
  • ee3f817 build(deps): update dependency difftastic to v0.68.0
  • e87afd4 build(deps): update dependency rumdl to v0.1.59
  • a73777b build(deps): update dependency pytest-cov to v7.1.0
  • Additional commits viewable in compare view

Updates pylint from 4.0.4 to 4.0.5

Commits
  • 88e1ab7 Bump pylint to 4.0.5, update changelog (#10860)
  • d96d489 [Backport maintenance/4.0.x] Relax isort version constraint to allow isort 8 ...
  • 0b08ccb Fix dynamic color mapping for "fail-on" messages when using multiple reporter...
  • 154dba4 [Backport maintenance/4.0.x] Fix FP for invalid-name with typing.Final on...
  • 7b73bfd Disable unspecified-encoding for py-version above Python 3.15 (#10800)
  • 4cc98be [Backport maintenance/4.0.x] Fix setting options for import order checker (#1...
  • f0d30a2 Sync astroid version with requirements file again
  • 38bdf02 [Backport maintenance/4.0.x] Fix logging-unsupported-format when logging ...
  • f08c33a [Backport maintenance/4.0.x] Properly detect self.fail() as a terminating...
  • See full diff in compare view

Updates black from 26.1.0 to 26.3.1

Release notes

Sourced from black's releases.

26.3.1

Stable style

  • Prevent Jupyter notebook magic masking collisions from corrupting cells by using exact-length placeholders for short magics and aborting if a placeholder can no longer be unmasked safely (#5038)

Configuration

  • Always hash cache filename components derived from --python-cell-magics so custom magic names cannot affect cache paths (#5038)

Blackd

  • Disable browser-originated requests by default, add configurable origin allowlisting and request body limits, and bound executor submissions to improve backpressure (#5039)

26.3.0

Stable style

  • Don't double-decode input, causing non-UTF-8 files to be corrupted (#4964)
  • Fix crash on standalone comment in lambda default arguments (#4993)
  • Preserve parentheses when # type: ignore comments would be merged with other comments on the same line, preventing AST equivalence failures (#4888)

Preview style

  • Fix bug where if guards in case blocks were incorrectly split when the pattern had a trailing comma (#4884)
  • Fix string_processing crashing on unassigned long string literals with trailing commas (one-item tuples) (#4929)
  • Simplify implementation of the power operator "hugging" logic (#4918)

Packaging

  • Fix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in frozen environments (#4930)

Performance

  • Introduce winloop for windows as an alternative to uvloop (#4996)
  • Remove deprecated function uvloop.install() in favor of uvloop.new_event_loop() (#4996)
  • Rename maybe_install_uvloop function to maybe_use_uvloop to simplify loop installation and creation of either a uvloop/winloop evenloop or default eventloop (#4996)

Output

... (truncated)

Changelog

Sourced from black's changelog.

Version 26.3.1

Stable style

  • Prevent Jupyter notebook magic masking collisions from corrupting cells by using exact-length placeholders for short magics and aborting if a placeholder can no longer be unmasked safely (#5038)

Configuration

  • Always hash cache filename components derived from --python-cell-magics so custom magic names cannot affect cache paths (#5038)

Blackd

  • Disable browser-originated requests by default, add configurable origin allowlisting and request body limits, and bound executor submissions to improve backpressure (#5039)

Version 26.3.0

Stable style

  • Don't double-decode input, causing non-UTF-8 files to be corrupted (#4964)
  • Fix crash on standalone comment in lambda default arguments (#4993)
  • Preserve parentheses when # type: ignore comments would be merged with other comments on the same line, preventing AST equivalence failures (#4888)

Preview style

  • Fix bug where if guards in case blocks were incorrectly split when the pattern had a trailing comma (#4884)
  • Fix string_processing crashing on unassigned long string literals with trailing commas (one-item tuples) (#4929)
  • Simplify implementation of the power operator "hugging" logic (#4918)

Packaging

  • Fix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in frozen environments (#4930)

Performance

  • Introduce winloop for windows as an alternative to uvloop (#4996)
  • Remove deprecated function uvloop.install() in favor of uvloop.new_event_loop() (#4996)
  • Rename maybe_install_uvloop function to maybe_use_uvloop to simplify loop installation and creation of either a uvloop/winloop eventloop or default eventloop (#4996)

... (truncated)

Commits

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

  • #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

  • #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

    Previously this resulted in an internal assertion failure during plugin loading.

    Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

  • #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

  • #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

  • #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

  • #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
  • #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
  • #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
  • #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

  • #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

    -- by aleguy02

Commits

Updates ruff from 0.14.14 to 0.15.9

Release notes

Sourced from ruff's releases.

0.15.9

Release Notes

Released on 2026-04-02.

Preview features

  • [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
  • [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

  • [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
  • [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
  • [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
  • [pyupgrade] Fix UP008 nested class matching (#24273)
  • [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • [ruff] RUF072: skip formfeeds on dedent (#24308)
  • [ruff] Avoid re-using symbol in RUF024 fix (#24316)
  • [ruff] Parenthesize expression in RUF050 fix (#24234)
  • Disallow starred expressions as values of starred expressions (#24280)

Rule changes

  • [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
  • [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
  • [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
  • [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
  • [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

  • Add nested-string-quote-style formatting option (#24312)

Documentation

  • [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
  • [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

  • Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.9

Released on 2026-04-02.

Preview features

  • [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
  • [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

  • [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
  • [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
  • [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
  • [pyupgrade] Fix UP008 nested class matching (#24273)
  • [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • [ruff] RUF072: skip formfeeds on dedent (#24308)
  • [ruff] Avoid re-using symbol in RUF024 fix (#24316)
  • [ruff] Parenthesize expression in RUF050 fix (#24234)
  • Disallow starred expressions as values of starred expressions (#24280)

Rule changes

  • [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
  • [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
  • [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
  • [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
  • [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

  • Add nested-string-quote-style formatting option (#24312)

Documentation

  • [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
  • [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

  • Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

... (truncated)

Commits
  • 724ccc1 Bump 0.15.9 (#24369)
  • 96d9e09 [ty] Move the deferred submodule inside infer/builder (#24368)
  • 130da28 [ty] Infer the extra_items keyword argument to class-based TypedDicts as an...
  • a617c54 [ty] Validate type qualifiers in functional TypedDict fields and the `extra_i...
  • d851708 [ty] Improve robustness of various type-qualifier-related checks (#24251)
  • aecb587 Only run the release-gate on workflow dispatch (#24366)
  • b889571 [ty] Use infer_type_expression for parsing parameter annotations and return...
  • 3286a62 Add a "release-gate" step to the release workflow (#24365)
  • 5f88756 Disallow starred expressions as values of starred expressions (#24280)
  • 5c59f8a [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

  • Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

  • Improve handling of ResourceWarning from sqlite3.

    The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

    With this fix one can suppress ResourceWarning from sqlite3 from command line::

    pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

  • Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

  • Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

  • Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits
  • 66c8a52 Bump version: 7.0.0 → 7.1.0
  • f707662 Make the examples use pypy 3.11.
  • 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
  • 8ebf20b Update changelog.
  • 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
  • fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
  • 78c9c4e Only run the 3.9 on older deps.
  • 4849a92 Punctuation.
  • 197c35e Update changelog and hopefully I don't forget to publish release again :))
  • 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
  • Additional commits viewable in compare view

Updates mypy from 1.19.1 to 1.20.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 1.20

We’ve just uploaded mypy 1.20.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Planned Changes to Defaults and Flags in Mypy 2.0

As a reminder, we are planning to enable --local-partial-types by default in mypy 2.0, which will likely be the next feature release. This will often require at least minor code changes. This option is implicitly enabled by mypy daemon, so this makes the behavior of daemon and non-daemon modes consistent.

Note that this release improves the compatibility of --local-partial-types significantly to make the switch easier (see below for more).

This can also be configured in a mypy configuration file (use False to disable):

local_partial_types = True

For more information, refer to the documentation.

We will also enable --strict-bytes by default in mypy 2.0. This usually requires at most minor code changes to adopt. For more information, refer to the documentation.

Finally, --allow-redefinition-new will be renamed to --allow-redefinition. If you want to continue using the older --allow-redefinition semantics which are less flexible (e.g. limited support for conditional redefinitions), you can switch to --allow-redefinition-old, which is currently supported as an alias to the legacy --allow-redefinition behavior. To use --allow-redefinition in the upcoming mypy 2.0, you can't use --no-local-partial-types. For more information, refer to the documentation.

Better Type Narrowing

Mypy's implementation of narrowing has been substantially reworked. Mypy will now narrow more aggressively, more consistently, and more correctly. In particular, you are likely to notice new narrowing behavior in equality expressions (==), containment expressions (in),

... (truncated)

Commits
  • 770d3ca Remove +dev from version
  • 4738ffa Changelog updates for 1.20 (#21109)
  • b4f07a7 Use 'native-parser' instead of 'native-parse' for optional dependency (#21115)
  • 7bec7b7 [mypyc] Document librt and librt.base64 (#21114)
  • c482596 --allow-redefinition-new is no longer experimental (#21110)
  • c916ca3 sdist: include misc/{diff-cache,apply-cache-diff}.py for `mypy/test/test_di...
  • b137e4e [mypyc] Speed up native-to-native imports within the same group (#21101)
  • 978b711 [mypyc] Fix range loop variable off-by-one after loop exit (#21098)
  • 67ada30 [stubtest] Check runtime availability of private types not marked `@type_chec...
  • bdef6ef librt cache tests: build respecting MYPY_TEST_PREFIX (#21097)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the py-version-updates group across 1 directory with 7 updates
855202f 
Bumps the py-version-updates group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [copier](https://github.com/copier-org/copier) | `9.11.3` | `9.14.1` |
| [pylint](https://github.com/pylint-dev/pylint) | `4.0.4` | `4.0.5` |
| [black](https://github.com/psf/black) | `26.1.0` | `26.3.1` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.2` | `9.0.3` |
| [ruff](https://github.com/astral-sh/ruff) | `0.14.14` | `0.15.9` |
| [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `7.0.0` | `7.1.0` |
| [mypy](https://github.com/python/mypy) | `1.19.1` | `1.20.0` |



Updates `copier` from 9.11.3 to 9.14.1
- [Release notes](https://github.com/copier-org/copier/releases)
- [Changelog](https://github.com/copier-org/copier/blob/master/CHANGELOG.md)
- [Commits](copier-org/copier@v9.11.3...v9.14.1)

Updates `pylint` from 4.0.4 to 4.0.5
- [Release notes](https://github.com/pylint-dev/pylint/releases)
- [Commits](pylint-dev/pylint@v4.0.4...v4.0.5)

Updates `black` from 26.1.0 to 26.3.1
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@26.1.0...26.3.1)

Updates `pytest` from 9.0.2 to 9.0.3
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.2...9.0.3)

Updates `ruff` from 0.14.14 to 0.15.9
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.14...0.15.9)

Updates `pytest-cov` from 7.0.0 to 7.1.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0)

Updates `mypy` from 1.19.1 to 1.20.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.19.1...v1.20.0)

---
updated-dependencies:
- dependency-name: copier
  dependency-version: 9.14.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: py-version-updates
- dependency-name: pylint
  dependency-version: 4.0.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: py-version-updates
- dependency-name: black
  dependency-version: 26.3.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: py-version-updates
- dependency-name: pytest
  dependency-version: 9.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: py-version-updates
- dependency-name: ruff
  dependency-version: 0.15.9
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: py-version-updates
- dependency-name: pytest-cov
  dependency-version: 7.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: py-version-updates
- dependency-name: mypy
  dependency-version: 1.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: py-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants