Bump the python-dependencies group with 5 updates

[dependabot]

Bumps the python-dependencies group with 5 updates:

Package	From	To
prek	0.3.3	0.3.8
ruff	0.15.2	0.15.7
ty	0.0.18	0.0.25
sphinx-autoapi	3.7.0	3.8.0
coverage	7.13.4	7.13.5

Updates prek from 0.3.3 to 0.3.8

Release notes

Sourced from prek's releases.

0.3.8

Release Notes

Released on 2026-03-23.

Enhancements

• Add experimental language: deno support (#1516)
• Add pretty-format-json as builtin hook (#915)
• Add check-vcs-permalinks as builtin hook (#1842)
• Add check-illegal-windows-names as builtin hook (#1841)
• Add check-shebang-scripts-are-executable builtin hook (#1847)
• Add destroyed-symlinks builtin hook (#1851)
• Add file-contents-sorter as builtin hook (#1846)
• Add --all flag to prek uninstall (#1817)
• Improve file pattern parse errors (#1829)
• Validate uv binary after download (#1825)

Bug fixes

• Fix workspace-relative added file paths (#1852)
• Relax alias-anchor ratio check for check-yaml (#1839)

Contributors

• @​j178
• @​shaanmajid
• @​mvanhorn
• @​feliblo
• @​Tiryoh

Install prek 0.3.8

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/j178/prek/releases/download/v0.3.8/prek-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/j178/prek/releases/download/v0.3.8/prek-installer.ps1 | iex"

Install prebuilt binaries via Homebrew

brew install prek

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.8

Released on 2026-03-23.

Enhancements

• Add experimental language: deno support (#1516)
• Add pretty-format-json as builtin hook (#915)
• Add check-vcs-permalinks as builtin hook (#1842)
• Add check-illegal-windows-names as builtin hook (#1841)
• Add check-shebang-scripts-are-executable builtin hook (#1847)
• Add destroyed-symlinks builtin hook (#1851)
• Add file-contents-sorter as builtin hook (#1846)
• Add --all flag to prek uninstall (#1817)
• Improve file pattern parse errors (#1829)
• Validate uv binary after download (#1825)

Bug fixes

• Fix workspace-relative added file paths (#1852)
• Relax alias-anchor ratio check for check-yaml (#1839)

Contributors

• @​j178
• @​shaanmajid
• @​mvanhorn
• @​feliblo
• @​Tiryoh

0.3.7

Due to a release process failure, this version was republished as 0.3.8.

0.3.6

Released on 2026-03-16.

Enhancements

• Allow selectors for hook ids containing colons (#1782)
• Rename prek install-hooks to prek prepare-hooks and prek install --install-hooks to prek install --prepare-hooks (#1766)
• Retry auth-failed repo clones with terminal prompts enabled (#1761)

Performance

• Optimize detect_private_key by chunked reading and using aho-corasick (#1791)
• Optimize fix_byte_order_marker by shifting file contents in place (#1790)

Bug fixes

... (truncated)

Commits

• bb412c0 Bump version to 0.3.8 (#1858)
• 21de0b9 Fix permission for publish-npm
• 00e7be7 Clarify why check-illegal-windows-names stays builtin-only (#1857)
• 1dbec0c Bump version to 0.3.7 (#1856)
• ba62c04 Add pretty_format_json as builtin hook (#915)
• dbca904 Fix workspace-relative added file paths (#1852)
• 24f2d62 Add destroyed-symlinks builtin hook (#1851)
• fc529df Add check-shebang-scripts-are-executable builtin hook (#1847)
• addddb8 Add file-contents-sorter as builtin hook (#1846)
• cb3f71c Add check-vcs-permalinks as builtin hook (#1842)
• Additional commits viewable in compare view

Updates ruff from 0.15.2 to 0.15.7

Release notes

Sourced from ruff's releases.

0.15.7

Release Notes

Released on 2026-03-19.

Preview features

• Display output severity in preview (#23845)
• Don't show noqa hover for non-Python documents (#24040)

Rule changes

• [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

• Don't return code actions for non-Python documents (#23905)

Documentation

• Add company AI policy to contributing guide (#24021)
• Document editor features for Markdown code formatting (#23924)
• [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

• Use PEP 639 license information (#19661)

Contributors

• @​tmimmanuel
• @​DimitriPapadopoulos
• @​amyreese
• @​statxc
• @​dylwil3
• @​hunterhogan
• @​renovate

Install ruff 0.15.7

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.ps1 | iex"
</tr></table> 

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.7

Released on 2026-03-19.

Preview features

• Display output severity in preview (#23845)
• Don't show noqa hover for non-Python documents (#24040)

Rule changes

• [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

• Don't return code actions for non-Python documents (#23905)

Documentation

• Add company AI policy to contributing guide (#24021)
• Document editor features for Markdown code formatting (#23924)
• [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

• Use PEP 639 license information (#19661)

Contributors

• @​tmimmanuel
• @​DimitriPapadopoulos
• @​amyreese
• @​statxc
• @​dylwil3
• @​hunterhogan
• @​renovate

0.15.6

Released on 2026-03-12.

Preview features

• Add support for lazy import parsing (#23755)
• Add support for star-unpacking of comprehensions (PEP 798) (#23788)
• Reject semantic syntax errors for lazy imports (#23757)
• Drop a few rules from the preview default set (#23879)
• [airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#23584)
• [airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#23631)
• [flake8-bugbear] Implement delattr-with-constant (B043) (#23737)

... (truncated)

Commits

• 0ef39de Bump 0.15.7 (#24049)
• beb543b [ty] ecosystem-analyzer: Fail on newly panicking projects (#24043)
• 378fe73 Don't show noqa hover for non-Python documents (#24040)
• b5665bd [pylint] Improve phrasing (PLC0208) (#24033)
• 6e20f22 test: migrate show_settings and version tests to use CliTest (#23702)
• f99b284 Drain file watcher events during test setup (#24030)
• 744c996 [ty] Filter out unsatisfiable inference attempts during generic call narrowin...
• 1616095 [ty] Avoid inferring intersection types for call arguments (#23933)
• 7f275f4 [ty] Pin mypy_primer in setup_primer_project.py (#24020)
• 7255e36 [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)
• Additional commits viewable in compare view

Updates ty from 0.0.18 to 0.0.25

Release notes

Sourced from ty's releases.

0.0.25

Release Notes

Released on 2026-03-24.

Breaking changes

• Support type:ignore[ty:code] suppressions (#24096)

Bug fixes

• Avoid eager TypedDict diagnostics in TypedDict | dict unions (#24151)
• Fix Salsa panic propagation (#24141)
• Fix folding ranges of comments separated by statements (#24132)
• Fix loop-header reachability cycles in conditional unpacking (#24006)
• Fix subtyping of intersections containing NewTypes of unions vs. unions (#24087)
• Fix untracked reads in Salsa queries that can lead to backdating panics (#24051)
• Prevent tainted loop bindings in cycle normalization (#24143)
• Simplify an intersection of N & ~T to Never if B & ~T would simplify to Never, where B is the concrete base type of a NewType N (#24086)

LSP

• Preserve blank lines between comments and imports in add-import action (#24066)

Type checking

• Add diagnostic hint for invalid assignments involving invariant generics (#24032)
• Add precisely-typed overloads for TypedDict update (#24101)
• Disallow read-only fields in TypedDict updates (#24128)
• Expand bounded typevars to their upper bounds when evaluating truthiness comparisons between intersections and literal types (#24082)
• Emit reveal_type diagnostics in unreachable code (#24070)
• Improve isinstance() reachability analysis (#24077)
• Improve keyword argument narrowing for nested dictionaries (#24010)
• Infer yield expression types (#23796)
• Reduce diagnostic range for invalid-metaclass (#24145)
• Support narrowing for extended walrus targets (#24129)
• Unions/intersections of gradual types should be assignable to Never (#24056)

Contributors

• @​MichaReiser
• @​AlexWaygood
• @​Glyphack
• @​sharkdp
• @​ibraheemdev
• @​charliermarsh
• @​mvanhorn
• @​carljm

Install ty 0.0.25

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.25

Released on 2026-03-24.

Breaking changes

• Support type:ignore[ty:code] suppressions (#24096)

Bug fixes

• Avoid eager TypedDict diagnostics in TypedDict | dict unions (#24151)
• Fix Salsa panic propagation (#24141)
• Fix folding ranges of comments separated by statements (#24132)
• Fix loop-header reachability cycles in conditional unpacking (#24006)
• Fix subtyping of intersections containing NewTypes of unions vs. unions (#24087)
• Fix untracked reads in Salsa queries that can lead to backdating panics (#24051)
• Prevent tainted loop bindings in cycle normalization (#24143)
• Simplify an intersection of N & ~T to Never if B & ~T would simplify to Never, where B is the concrete base type of a NewType N (#24086)

LSP

• Preserve blank lines between comments and imports in add-import action (#24066)

Type checking

• Add diagnostic hint for invalid assignments involving invariant generics (#24032)
• Add precisely-typed overloads for TypedDict update (#24101)
• Disallow read-only fields in TypedDict updates (#24128)
• Expand bounded typevars to their upper bounds when evaluating truthiness comparisons between intersections and literal types (#24082)
• Emit reveal_type diagnostics in unreachable code (#24070)
• Improve isinstance() reachability analysis (#24077)
• Improve keyword argument narrowing for nested dictionaries (#24010)
• Infer yield expression types (#23796)
• Reduce diagnostic range for invalid-metaclass (#24145)
• Support narrowing for extended walrus targets (#24129)
• Unions/intersections of gradual types should be assignable to Never (#24056)

Contributors

• @​MichaReiser
• @​AlexWaygood
• @​Glyphack
• @​sharkdp
• @​ibraheemdev
• @​charliermarsh
• @​mvanhorn
• @​carljm

0.0.24

... (truncated)

Commits

• d60899a Bump version to 0.0.25 (#3125)
• db65b3e Update documentation to reflect type:ignore changes (#3121)
• 9e46432 Use ty in Emacs with Eglot (#3107)
• 1f30d7c Update artifact github actions dependencies (#3113)
• 255ef63 Revert "Update Artifact GitHub Actions dependencies" (#3112)
• 5fe54ca Update Artifact GitHub Actions dependencies (#3108)
• a0cf1e7 Update Swatinem/rust-cache action to v2.9.1 (#3110)
• fd2acb4 Update prek dependencies (#3109)
• 8762330 Bump version to 0.0.24 (#3084)
• a6f24e1 Update prek dependencies (#3045)
• Additional commits viewable in compare view

Updates sphinx-autoapi from 3.7.0 to 3.8.0

Release notes

Sourced from sphinx-autoapi's releases.

v3.8.0

Features

• Autodoc-style directives can access members excluded by autoapi_options

Misc

• #553

Changelog

Sourced from sphinx-autoapi's changelog.

v3.8.0 (2026-03-07)

Features ^^^^^^^^

• Autodoc-style directives can access members excluded by autoapi_options

Misc ^^^^

• #553

Commits

• 75cbffd Version 3.8.0
• 7838cf6 Bump the github-actions group with 2 updates
• f1cdd30 Attempt to fix macos-latest build
• 34bb24c Autodoc-style directives can access members excluded by autoapi_options
• ccb2e89 astroid requirement is consistent across all versions of Python
• See full diff in compare view

Updates coverage from 7.13.4 to 7.13.5

Changelog

Sourced from coverage's changelog.

Version 7.13.5 — 2026-03-17

• Fix: issue 2138_ describes a memory leak that happened when repeatedly using the Coverage API with in-memory data. This is now fixed.

• Fix: the markdown-formatted coverage report didn't fully escape special characters in file paths (issue 2141). This would be very unlikely to cause a problem, but now it's done properly, thanks to Ellie Ayla <pull 2142_>.

• Fix: the C extension wouldn't build on VS2019, but now it does (issue 2145_).

.. _issue 2138: coveragepy/coveragepy#2138 .. _issue 2141: coveragepy/coveragepy#2141 .. _pull 2142: coveragepy/coveragepy#2142 .. _issue 2145: coveragepy/coveragepy#2145

.. _changes_7-13-4:

Commits

• c88da14 docs: sample HTML for 7.13.5
• e2ac3e1 build: sample HTML shouldn't include the status.json file
• 910f8f3 docs: prep for 7.13.5
• 3a4819c style: make workflows more uniform
• 2a53705 chore: bump the action-dependencies group across 1 directory with 4 updates (...
• e7c878d chore: make upgrade
• ab4db40 build: use --generate-hashes when pinning
• a438753 chore: make upgrade
• 7b33457 refactor: some leftover pyupgrade 3.10 bits
• 2ff968d refactor: this type wasn't used anywhere
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[Codecov Comments Bot (codecov-commenter)]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.