Skip to content

chore(deps): bump the dev-dependencies group across 1 directory with 4 updates#62

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dev-dependencies-5461e6d349
Open

chore(deps): bump the dev-dependencies group across 1 directory with 4 updates#62
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/dev-dependencies-5461e6d349

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the dev-dependencies group with 4 updates in the / directory: pytest, mypy, ruff and build.

Updates pytest from 9.0.3 to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

  • #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
  • #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
  • #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
  • #14608: Fixed a regression in pytest 9.1.0 where conftest.py files located in <invocation dir>/test* were no longer loaded as initial conftests when invoked without arguments. This could cause certain hooks (like pytest_addoption) in these files to not fire.

9.1.0

pytest 9.1.0 (2026-06-13)

Removals and backward incompatible breaking changes

  • #14533: When using --doctest-modules, autouse fixtures with module, package or session scope that are defined inline in Python test modules (not plugins or conftests) will now possibly execute twice.

    If this is undesirable, move the fixture definition to a conftest.py file if possible.

    Technical explanation for those interested: When using --doctest-modules, pytest possibly collects Python modules twice, once as pytest.Module and once as a DoctestModule (depending on the configuration). Due to improvements in pytest's fixture implementation, if e.g. the DoctestModule collects a fixture, it is now visible to it only, and not to the Module. This means that both need to register the fixtures independently.

Deprecations (removal in next major release)

  • #10819: Added a deprecation warning for class-scoped fixtures defined as instance methods (without @classmethod). Such fixtures set attributes on a different instance than the test methods use, leading to unexpected behavior. Use @classmethod decorator instead -- by yastcher.

    See 10819 and 14011.

  • #12882: Calling request.getfixturevalue() <pytest.FixtureRequest.getfixturevalue> during teardown to request a fixture that was not already requested is now deprecated and will become an error in pytest 10.

    See dynamic-fixture-request-during-teardown for details.

  • #13409: Using non-~collections.abc.Collection iterables (such as generators, iterators, or custom iterable objects) for the argvalues parameter in @pytest.mark.parametrize <pytest.mark.parametrize ref> and metafunc.parametrize <pytest.Metafunc.parametrize> is now deprecated.

    These iterables get exhausted after the first iteration, leading to tests getting unexpectedly skipped in cases such as running pytest.main() multiple times, using class-level parametrize decorators, or collecting tests multiple times.

    See parametrize-iterators for details and suggestions.

  • #13946: The private config.inicfg attribute is now deprecated. Use config.getini() <pytest.Config.getini> to access configuration values instead.

    See config-inicfg for more details.

  • #14004: Passing baseid to ~pytest.FixtureDef or nodeid strings to fixture registration APIs is now deprecated. These are internal pytest APIs that are used by some plugins.

... (truncated)

Commits
  • cf470ec Prepare release version 9.1.1
  • e0c8ce6 Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...
  • 1b82d16 Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...
  • 501c4bc Merge pull request #14596 from bluetech/doc-classmethod
  • b61f588 Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir
  • 9a567e0 [automated] Update plugin list (#14617) (#14618)
  • ef8b299 Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...
  • 66abd07 Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup
  • 79fbf93 Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...
  • 0d312eb Merge pull request #14611 from bluetech/parametrize-argvalues-typing
  • Additional commits viewable in compare view

Updates mypy from 2.0.0 to 2.3.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 2.3

We've just uploaded mypy 2.3.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

The Upcoming Switch to the New Native Parser

We are planning to enable the new native parser (--native-parser) by default soon. We recommend that you test the native parser in your projects and report any issues in the mypy issue tracker.

Mypyc Free-threading Memory Safety

Free-threaded Python builds that don't have the GIL require additional synchronization primitives or lock-free algorithms to ensure memory safety when there are race conditions (for example, when a thread reads a list item while another thread writes the same list item concurrently). This release greatly improves memory safety of free threading.

List operations are now memory-safe on free threaded Python builds, even in the presence of race conditions. This has some performance cost. For list-heavy workloads, using librt.vecs.vec instead of list is often significantly faster, but note that vec is not (and likely won't be) fully memory safe, and the user is expected to avoid race conditions. The newly introduced librt.threading.Lock helps with this. Using variable-length tuples can also be more efficient than lists, since tuples are immutable and don't require expensive synchronization to ensure memory safety.

Instance attribute access is also (mostly) memory safe now on free-threaded builds in the presence of race conditions. We are planning to fix the remaining unsafe cases in a future release.

Full list of changes:

  • Make attribute access memory safe on free-threaded builds (Jukka Lehtosalo, PR 21705)
  • Fix unsafe borrowing of instance attributes with free-threading (Jukka Lehtosalo, PR 21688)
  • Make list get/set item more memory safe on free-threaded builds (Jukka Lehtosalo, PR 21683)
  • Don't borrow list items on free-threaded builds (Jukka Lehtosalo, PR 21679)
  • Make multiple assignment from list memory-safe on free-threaded builds (Jukka Lehtosalo, PR 21684)
  • Make for loop over list memory-safe on free-threaded builds (Jukka Lehtosalo, PR 21686)
  • Fix memory safety of list.count on free-threaded builds (Jukka Lehtosalo, PR 21680)
  • Make vec creation from list memory safe on free-threaded builds (Jukka Lehtosalo, PR 21681)

... (truncated)

Commits
  • 8aabf84 Drop +dev from version
  • 4d8ad2a Update changelog for 2.3 release (#21728)
  • 2c21546 [mypyc] Update documentation of race conditions under free threading (#21726)
  • a9f62a3 [mypyc] Make attribute access memory safe on free-threaded builds (#21705)
  • 0faa413 Use PYODIDE environment variable for Emscripten cross-compilation detection...
  • 3d75cdb [mypyc] Borrow final attributes more aggressively (#21702)
  • 24c237d [mypyc] Improve documentation of Final (#21713)
  • b5be217 [mypyc] Update free threading Python compatibility docs (#21711)
  • cbcb51a Narrow for frozendict membership check (#21709)
  • af2bc0f Sync typeshed (#21707)
  • Additional commits viewable in compare view

Updates ruff from 0.15.12 to 0.15.21

Release notes

Sourced from ruff's releases.

0.15.21

Release Notes

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.21

Released on 2026-07-09.

Preview features

  • Add --add-ignore for adding ruff:ignore comments (#26346)
  • [flake8-comprehensions] Drop C409 tuple comprehension preview behavior (#25707)
  • Avoid whitespace normalization when formatting comments (#26455)
  • [pyupgrade] Lint and fix use of deprecated abc decorators (UP051) (#26417)

Bug fixes

  • Refine non-empty f-string detection (#26526)
  • Detect syntax errors in individual notebook cells (#26419)
  • [flake8-implicit-str-concat] Fix ISC003 autofix incorrectly stripping + from comments (#26554)

Rule changes

  • [flake8-executable] Mark EXE004 fix as unsafe (#26033)
  • [flake8-pyi] Mark PYI061 fixes as unsafe in Python files (#26533)
  • [pydocstyle] Skip overload-with-docstring in stub files (D418) (#26318)

Performance

  • Avoid per-token source index visitor calls (#26506)
  • Cache parenthesized expression boundaries in the formatter (#26344)
  • Improve performance of rendering edits in preview mode (#26565)
  • Inline fits_element in formatter (#26429)
  • Inline formatter printing hot paths (#26504)
  • Lazily create builtin bindings (#26510)
  • Skip empty trivia scans in the source indexer (#26507)
  • Use ICF for macOS release builds (#25780)

Formatter

  • Add --extend-exclude to ruff format (#26372)

Documentation

  • Add "How does Ruff's import sorting compare to isort?" link to README (#26530)
  • Fix Mozilla Firefox repository link in README (#26537)
  • [flake8-bandit] Fix misleading docstring for mako-templates (S702) (#26432)
  • [ruff] Fix non-triggering example for if-key-in-dict-del (RUF051) (#26433)

Contributors

... (truncated)

Commits

Updates build from 1.5.0 to 1.5.1

Release notes

Sourced from build's releases.

1.5.1

What's Changed

... (truncated)

Changelog

Sourced from build's changelog.

#################### 1.5.1 (2026-07-09) ####################


Features


  • Add --report=PATH to write a machine-readable JSON report of built artifacts; --metadata now also accepts .whl files - by :user:gaborbernat (:issue:198)
  • The srcdir argument now accepts .tar.gz source distributions, extracting and building from them - by :user:gaborbernat (:issue:311)
  • The "Unmet dependencies" error from --no-isolation builds now shows the wanted version, found version, and interpreter - by :user:gaborbernat (:issue:504)
  • Add --sdist-extract-dir to extract the intermediate sdist into a persistent directory, enabling compiler cache reuse across rebuilds - by :user:gaborbernat (:issue:614)
  • Add --env-dir to place the isolated build environment at a fixed path, enabling compiler cache reuse across builds - by :user:gaborbernat (:issue:655)
  • Print a summary of resolved dependency versions (name==version) after installing them in isolated builds - by :user:gaborbernat (:issue:959)
  • On build failure, print a tip pointing to --env-dir and --sdist-extract-dir for debugging and link to the "Debug a failed build" how-to - reported by :user:dimpase, implemented by :user:gaborbernat (:issue:966)

Bugfixes


  • Drain verbose subprocess output inline instead of using a ThreadPoolExecutor, which silently swallowed logging errors - by :user:henryiii (:issue:1098)
  • Reject a file passed as --env-dir with a clear error instead of a raw FileExistsError - by :user:henryiii (:issue:1100)
  • Emit CLI warnings to stderr instead of stdout, so they no longer corrupt --metadata JSON output on stdout - by :user:ymyzk (:issue:1111)
  • Fix the Windows symlink support probe always returning False due to a stale object interpolated into the destination path - by :user:henryiii (:issue:1118)
  • Fix metadata_path's build-backend fallback returning a nonexistent dist-info path for wheels with a build tag - by :user:henryiii (:issue:1119)
  • Write pip/uv requirements and constraints files with \n instead of os.linesep, avoiding doubled \r\r\n line endings on Windows - by :user:henryiii (:issue:1120)
  • Batch of small robustness fixes: correct macOS release parsing for the minimum pip version, avoid sharing the mutable default build-system table between builders, keep the original error when isolated-environment setup fails early, and raise BuildException for an invalid wheel - by :user:henryiii (:issue:1121)
  • Decide color support independently for stdout and stderr instead of only checking stdout.isatty(), so redirecting one stream no longer disables or leaks ANSI colors on the other - by :user:henryiii (:issue:1123)

Deprecations and Removals


  • Deprecate :func:build.util.project_wheel_metadata; use python -m build --metadata instead - by :user:gaborbernat (:issue:557)
  • Warn on config settings without a value (e.g. -C--my-flag); use -C--my-flag= instead for compatibility with pip

... (truncated)

Commits
  • d08fcd7 chore: prepare for 1.5.1
  • 135801c test: isolate color tests from NO_COLOR and FORCE_COLOR (#1128)
  • 820d4e5 perf: memoize check_dependency (#1122)
  • 6c03264 pre-commit: bump repositories (#1127)
  • 43c337a refactor: simplify code paths found in review (#1124)
  • 260ae22 fix: minor robustness fixes from code review (#1121)
  • 100e86e refactor: open the wheel only once in metadata_path (#1126)
  • 272db6c fix: decide color support per output stream, not solely from stdout (#1123)
  • bc4ca7c fix: use LF instead of os.linesep when writing pip/uv requirements files (#1120)
  • 16d8143 fix: derive dist-info directory from wheel contents, not filename (#1119)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…4 updates

Bumps the dev-dependencies group with 4 updates in the / directory: [pytest](https://github.com/pytest-dev/pytest), [mypy](https://github.com/python/mypy), [ruff](https://github.com/astral-sh/ruff) and [build](https://github.com/pypa/build).


Updates `pytest` from 9.0.3 to 9.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.3...9.1.1)

Updates `mypy` from 2.0.0 to 2.3.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v2.0.0...v2.3.0)

Updates `ruff` from 0.15.12 to 0.15.21
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.12...0.15.21)

Updates `build` from 1.5.0 to 1.5.1
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](pypa/build@1.5.0...1.5.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 9.1.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: mypy
  dependency-version: 2.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: ruff
  dependency-version: 0.15.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: build
  dependency-version: 1.5.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants