Skip to content

chore(deps): bump the python-deps group in /apps/api with 2 updates#46

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/apps/api/python-deps-fc863c4ac6
Open

chore(deps): bump the python-deps group in /apps/api with 2 updates#46
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/apps/api/python-deps-fc863c4ac6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 3, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-deps group in /apps/api with 2 updates: ruff and pip-tools.

Updates ruff from 0.15.14 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

Commits
  • db5aa0a Bump 0.15.15 (#25431)
  • 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
  • e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
  • 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
  • 7e1bc1e Add agent skills for working on ty (#25422)
  • 574e107 Expand semantic syntax errors for invalid walruses (#25415)
  • 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
  • 5432709 Refine a few agents instructions (#25423)
  • 3cb09eb [ty] Support typing.TypeForm (#25334)
  • c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
  • Additional commits viewable in compare view

Updates pip-tools from 7.5.1 to 7.5.3

Release notes

Sourced from pip-tools's releases.

v7.5.3

2026-02-11

Bug fixes

  • The option --unsafe-package is now normalized -- by @​shifqu.

    PRs and issues: #2150

  • Fixed a bug in which pip-compile lost any index URL options when looking up hashes -- by @​sirosen.

    This caused errors when a package was only available from an extra index, and caused pip-compile to incorrectly drop index URL options from output, even when they were present in the input requirements.

    PRs and issues: #2220, #2294, #2305

  • Fixed removal of temporary files used when reading requirements from stdin -- by @​sirosen.

Features

  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and marks them as supported in the core packaging metadata -- by @​webknjaz.

    PRs and issues: #2255

  • pip-tools is now compatible with pip 26.0 -- by @​sirosen.

    PRs and issues: #2319, #2320

Removals and backward incompatible breaking changes

Improved documentation

  • The change log management infra now allows the maintainers to add notes before and after the regular categories -- by @​webknjaz.

    PRs and issues: #2287, #2322

  • Added documentation clarifying that pip-compile reads the existing output file as a constraint source, and how to use --upgrade to refresh dependencies -- by @​maliktafheem.

    PRs and issues: #2307

... (truncated)

Changelog

Sourced from pip-tools's changelog.

v7.5.3

2026-02-09

Bug fixes

  • The option --unsafe-package is now normalized -- by {user}shifqu.

    PRs and issues: {issue}2150

  • Fixed a bug in which pip-compile lost any index URL options when looking up hashes -- by {user}sirosen.

    This caused errors when a package was only available from an extra index, and caused pip-compile to incorrectly drop index URL options from output, even when they were present in the input requirements.

    PRs and issues: {issue}2220, {issue}2294, {issue}2305

  • Fixed removal of temporary files used when reading requirements from stdin -- by {user}sirosen.

Features

  • pip-tools is now tested against Python 3.14 and 3.14t in CI, and marks them as supported in the core packaging metadata -- by {user}webknjaz.

    PRs and issues: {issue}2255

  • pip-tools is now compatible with pip 26.0 -- by {user}sirosen.

    PRs and issues: {issue}2319, {issue}2320

Removals and backward incompatible breaking changes

  • Removed support for Python 3.8 -- by {user}sirosen.

Improved documentation

  • The change log management infra now allows the maintainers to add notes before and after the regular categories -- by {user}webknjaz.

    PRs and issues: {issue}2287, {issue}2322

  • Added documentation clarifying that pip-compile reads the existing output file as a constraint source, and how to use --upgrade to refresh dependencies -- by {user}maliktafheem.

    PRs and issues: {issue}2307

... (truncated)

Commits
  • 5f31d8a Merge pull request #2332 from sirosen/fix-release-version-normalization
  • 106f1d6 Fix CI workflow to normalize versions (for release)
  • 3a0f5ed Merge pull request #2329 from sirosen/release/v7.5.3
  • e4bd31d Merge pull request #2328 from jazzband/pre-commit-ci-update-config
  • 08107ab Update changelog for version 7.5.3
  • 5b4d130 Merge pull request #2325 from sirosen/ensure-tmpfile-cleanup
  • cc6a2b9 Apply feedback/suggestions from review
  • fc53265 [pre-commit.ci] pre-commit autoupdate
  • 6c27507 Add 'tempfile_compat' to handle windows tmp files
  • 9ac94db Fix leak of temp files when reading from stdin
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the python-deps group in /apps/api with 2 updates
47a7a2a 
Bumps the python-deps group in /apps/api with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [pip-tools](https://github.com/jazzband/pip-tools).


Updates `ruff` from 0.15.14 to 0.15.15
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.14...0.15.15)

Updates `pip-tools` from 7.5.1 to 7.5.3
- [Release notes](https://github.com/jazzband/pip-tools/releases)
- [Changelog](https://github.com/jazzband/pip-tools/blob/main/CHANGELOG.md)
- [Commits](jazzband/pip-tools@v7.5.1...v7.5.3)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
- dependency-name: pip-tools
  dependency-version: 7.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from hubertlim as a code owner June 3, 2026 13:58
@dependabot @github

dependabot Bot commented on behalf of github Jun 3, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hubertlim hubertlim Awaiting requested review from hubertlim hubertlim is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants