Skip to content
This repository was archived by the owner on Sep 25, 2025. It is now read-only.

Bump the pip-deps group across 1 directory with 4 updates#622

Open
dependabot[bot] wants to merge 1 commit intotestfrom
dependabot/pip/pip-deps-f5388f940c
Open

Bump the pip-deps group across 1 directory with 4 updates#622
dependabot[bot] wants to merge 1 commit intotestfrom
dependabot/pip/pip-deps-f5388f940c

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 15, 2025
edited
Loading

Bumps the pip-deps group with 4 updates in the / directory: boto3, requests-pkcs12, ruff and mypy.

Updates boto3 from 1.40.21 to 1.40.30

Commits
  • b01d02d Merge branch 'release-1.40.30'
  • 065a46d Bumping version to 1.40.30
  • f78c83b Add changelog entries from botocore
  • 97fd5d9 Merge pull request #4613 from adev-code/documentation-only
  • 2a0d0ad Merge branch 'release-1.40.29'
  • 12750f6 Merge branch 'release-1.40.29' into develop
  • 62ea501 Bumping version to 1.40.29
  • 32f7dea Add changelog entries from botocore
  • c1d11ea Fix ExtraArgs documentation in S3 copy methods to reference ALLOWED_COPY_ARGS
  • 14fc68d Fix ExtraArgs documentation in S3 copy methods to reference ALLOWED_COPY_ARGS
  • Additional commits viewable in compare view

Updates requests-pkcs12 from 1.26 to 1.27

Commits
  • a0138bf Release 1.27
  • 526cd7e Modernize package creation from "setup.py" to "build"
  • 536124d Switch to PKCS8 for PEM serialization to support FIPS-enabled systems. (#61)
  • 3796490 Set version to 1.27.dev0
  • See full diff in compare view

Updates ruff from 0.12.11 to 0.13.0

Release notes

Sourced from ruff's releases.

0.13.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Several rules can now add from __future__ import annotations automatically

    TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

  • Full module paths are now used to verify first-party modules

    Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

  • Deprecated rules must now be selected by exact rule code

    Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

  • The deprecated macOS configuration directory fallback has been removed

    Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

Stabilization

The following rules have been stabilized and are no longer in preview:

The following behaviors have been stabilized:

... (truncated)

Changelog

Sourced from ruff's changelog.

0.13.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Several rules can now add from __future__ import annotations automatically

    TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

  • Full module paths are now used to verify first-party modules

    Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

  • Deprecated rules must now be selected by exact rule code

    Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

  • The deprecated macOS configuration directory fallback has been removed

    Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Commits
  • a1fdd66 Bump 0.13.0 (#20336)
  • 8770b95 [ty] introduce DivergentType (#20312)
  • 65982a1 [ty] Use 'unknown' specialization for upper bound on Self (#20325)
  • 57d1f71 [ty] Simplify unions of enum literals and subtypes thereof (#20324)
  • 7a75702 Ignore deprecated rules unless selected by exact code (#20167)
  • 9ca632c Stabilize adding future import via config option (#20277)
  • 64fe7d3 [flake8-errmsg] Stabilize extending raw-string-in-exception (EM101) to ...
  • beeeb8d Stabilize the remaining Airflow rules (#20250)
  • b6fca52 [flake8-bugbear] Stabilize support for non-context-manager calls in `assert...
  • ac7f882 [flake8-commas] Stabilize support for trailing comma checks in type paramet...
  • Additional commits viewable in compare view

Updates mypy from 1.17.1 to 1.18.1

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 1.18

We’ve just uploaded mypy 1.18 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Mypy Performance Improvements

Mypy 1.18 includes numerous performance improvements, resulting in about 40% speedup compared to 1.17 when type checking mypy itself. In extreme cases, the improvement can be 10x or higher. The list below is an overview of the various mypy optimizations. Many mypyc improvements (discussed in a separate section below) also improve performance.

Type caching optimizations have a small risk of causing regressions. When reporting issues with unexpected inferred types, please also check if --disable-expression-cache will work around the issue, as it turns off some of these optimizations.

  • Improve self check performance by 1.8% (Jukka Lehtosalo, PR 19768, 19769, 19770)
  • Optimize fixed-format deserialization (Ivan Levkivskyi, PR 19765)
  • Use macros to optimize fixed-format deserialization (Ivan Levkivskyi, PR 19757)
  • Two additional micro‑optimizations (Ivan Levkivskyi, PR 19627)
  • Another set of micro‑optimizations (Ivan Levkivskyi, PR 19633)
  • Cache common types (Ivan Levkivskyi, PR 19621)
  • Skip more method bodies in third‑party libraries for speed (Ivan Levkivskyi, PR 19586)
  • Simplify the representation of callable types (Ivan Levkivskyi, PR 19580)
  • Add cache for types of some expressions (Ivan Levkivskyi, PR 19505)
  • Use cache for dictionary expressions (Ivan Levkivskyi, PR 19536)
  • Use cache for binary operations (Ivan Levkivskyi, PR 19523)
  • Cache types of type objects (Ivan Levkivskyi, PR 19514)
  • Avoid duplicate work when checking boolean operations (Ivan Levkivskyi, PR 19515)
  • Optimize generic inference passes (Ivan Levkivskyi, PR 19501)
  • Speed up the default plugin (Jukka Lehtosalo, PRs 19385 and 19462)
  • Remove nested imports from the default plugin (Ivan Levkivskyi, PR 19388)
  • Micro‑optimize type expansion (Jukka Lehtosalo, PR 19461)
  • Micro‑optimize type indirection (Jukka Lehtosalo, PR 19460)
  • Micro‑optimize the plugin framework (Jukka Lehtosalo, PR 19464)
  • Avoid temporary set creation in subtype checking (Jukka Lehtosalo, PR 19463)
  • Subtype checking micro‑optimization (Jukka Lehtosalo, PR 19384)
  • Return early where possible in subtype check (Stanislav Terliakov, PR 19400)
  • Deduplicate some types before joining (Stanislav Terliakov, PR 19409)
  • Speed up type checking by caching argument inference context (Jukka Lehtosalo, PR 19323)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip-deps group across 1 directory with 4 updates
13890ac 
Bumps the pip-deps group with 4 updates in the / directory: [boto3](https://github.com/boto/boto3), [requests-pkcs12](https://github.com/m-click/requests_pkcs12), [ruff](https://github.com/astral-sh/ruff) and [mypy](https://github.com/python/mypy).


Updates `boto3` from 1.40.21 to 1.40.30
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.40.21...1.40.30)

Updates `requests-pkcs12` from 1.26 to 1.27
- [Commits](m-click/requests_pkcs12@1.26...1.27)

Updates `ruff` from 0.12.11 to 0.13.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.11...0.13.0)

Updates `mypy` from 1.17.1 to 1.18.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.17.1...v1.18.1)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.40.30
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-deps
- dependency-name: requests-pkcs12
  dependency-version: '1.27'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: ruff
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
- dependency-name: mypy
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version minor Bump the minor version number of this project labels Sep 15, 2025
@dependabot dependabot bot requested a review from a team as a code owner September 15, 2025 14:12
@dependabot dependabot bot added minor Bump the minor version number of this project bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version labels Sep 15, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version minor Bump the minor version number of this project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants