Skip to content

build(deps): bump the uv-dependencies group with 3 updates#90

Merged
amannocci merged 1 commit intomainfrom
dependabot/uv/uv-dependencies-bc43b34d26
Apr 6, 2026
Merged

build(deps): bump the uv-dependencies group with 3 updates#90
amannocci merged 1 commit intomainfrom
dependabot/uv/uv-dependencies-bc43b34d26

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 5, 2026

Bumps the uv-dependencies group with 3 updates: click, poethepoet and ruff.

Updates click from 8.3.1 to 8.3.2

Release notes

Sourced from click's releases.

8.3.2

This is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.3.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-2 Milestone: https://github.com/pallets/click/milestone/29

  • Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. #3084 #3152
  • Hide Sentinel.UNSET values as None when using lookup_default(). #3136 #3199 #3202 #3209 #3212 #3224
  • Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. #824 #2991 #2993 #3110 #3139 #3140
  • Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. #3139
  • Fix callable flag_value being instantiated when used as a default via default=True. #3121 #3201 #3213 #3225
Changelog

Sourced from click's changelog.

Version 8.3.2

Released 2026-04-02

  • Fix handling of flag_value when is_flag=False to allow such options to be used without an explicit value. :issue:3084 :pr:3152
  • Hide Sentinel.UNSET values as None when using lookup_default(). :issue:3136 :pr:3199 :pr:3202 :pr:3209 :pr:3212 :pr:3224
  • Prevent _NamedTextIOWrapper from closing streams owned by StreamMixer. :issue:824 :issue:2991 :issue:2993 :issue:3110 :pr:3139 :pr:3140
  • Add comprehensive tests for CliRunner stream lifecycle, covering logging interaction, multi-threaded safety, and sequential invocation isolation. Add high-iteration stress tests behind a stress marker with a dedicated CI job. :pr:3139
  • Fix callable flag_value being instantiated when used as a default via default=True. :issue:3121 :pr:3201 :pr:3213 :pr:3225
Commits

Updates poethepoet from 0.42.1 to 0.43.0

Release notes

Sourced from poethepoet's releases.

0.43.0

Enhancements

Breaking changes

This release includes a refactor of how task variables are managed, improving boolean arg semantics and introducing private variables. These changes may affect a small number of existing configurations:

  • Boolean args now produce unset env vars when false. Previously false mapped to the string "False"; now the env var is removed entirely. This gives consistent falsy behavior across shells and parameter expansion operators (:-, :+). Tasks checking for the literal string "False" or using os.environ["flag"] will need updating.

  • Private env vars are filtered from subprocesses. Variables starting with _ and containing no uppercase characters (e.g. _secret) are now treated as private — available for config-time interpolation but excluded from the task subprocess environment. This is unlikely to affect existing configurations, but any task that relies on a subprocess reading a _lowercase env var will need to rename it.

  • Private arg option names strip leading underscores. An arg named _flag with no explicit options now generates --flag instead of --_flag. A new validation rejects duplicate CLI options across args.

See the migration guide for details and recommended fixes.

New Contributors

Full Changelog: nat-n/poethepoet@v0.42.1...v0.43.0

Commits
  • 6a25fba chore: bump version to 0.43.0
  • 83091a5 feat!: treat false boolean args as unset env vars and add private vars (#359)
  • 456094a feat: Add task groups for grouping tasks under a heading in help output (#354)
  • See full diff in compare view

Updates ruff from 0.15.8 to 0.15.9

Release notes

Sourced from ruff's releases.

0.15.9

Release Notes

Released on 2026-04-02.

Preview features

  • [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
  • [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

  • [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
  • [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
  • [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
  • [pyupgrade] Fix UP008 nested class matching (#24273)
  • [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • [ruff] RUF072: skip formfeeds on dedent (#24308)
  • [ruff] Avoid re-using symbol in RUF024 fix (#24316)
  • [ruff] Parenthesize expression in RUF050 fix (#24234)
  • Disallow starred expressions as values of starred expressions (#24280)

Rule changes

  • [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
  • [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
  • [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
  • [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
  • [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

  • Add nested-string-quote-style formatting option (#24312)

Documentation

  • [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
  • [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

  • Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.9

Released on 2026-04-02.

Preview features

  • [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
  • [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

Bug fixes

  • [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#24363)
  • [flake8-simplify] Ignore pre-initialization references in SIM113 (#24235)
  • [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#24236)
  • [pyupgrade] Fix UP008 nested class matching (#24273)
  • [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • [ruff] RUF072: skip formfeeds on dedent (#24308)
  • [ruff] Avoid re-using symbol in RUF024 fix (#24316)
  • [ruff] Parenthesize expression in RUF050 fix (#24234)
  • Disallow starred expressions as values of starred expressions (#24280)

Rule changes

  • [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#23869)
  • [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#24215)
  • [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#24093)
  • [pyupgrade] Fix UP008 callable scope handling to support lambdas (#24274)
  • [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#24270)

Formatter

  • Add nested-string-quote-style formatting option (#24312)

Documentation

  • [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#24149)
  • [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#24322)

Other changes

  • Avoid rendering fix lines with trailing whitespace after | (#24343)

Contributors

... (truncated)

Commits
  • 724ccc1 Bump 0.15.9 (#24369)
  • 96d9e09 [ty] Move the deferred submodule inside infer/builder (#24368)
  • 130da28 [ty] Infer the extra_items keyword argument to class-based TypedDicts as an...
  • a617c54 [ty] Validate type qualifiers in functional TypedDict fields and the `extra_i...
  • d851708 [ty] Improve robustness of various type-qualifier-related checks (#24251)
  • aecb587 Only run the release-gate on workflow dispatch (#24366)
  • b889571 [ty] Use infer_type_expression for parsing parameter annotations and return...
  • 3286a62 Add a "release-gate" step to the release workflow (#24365)
  • 5f88756 Disallow starred expressions as values of starred expressions (#24280)
  • 5c59f8a [pyupgrade] Ignore strings with string-only escapes (UP012) (#16058)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the uv-dependencies group with 3 updates
5b0fcdf 
Bumps the uv-dependencies group with 3 updates: [click](https://github.com/pallets/click), [poethepoet](https://github.com/nat-n/poethepoet) and [ruff](https://github.com/astral-sh/ruff).


Updates `click` from 8.3.1 to 8.3.2
- [Release notes](https://github.com/pallets/click/releases)
- [Changelog](https://github.com/pallets/click/blob/main/CHANGES.rst)
- [Commits](pallets/click@8.3.1...8.3.2)

Updates `poethepoet` from 0.42.1 to 0.43.0
- [Release notes](https://github.com/nat-n/poethepoet/releases)
- [Commits](nat-n/poethepoet@v0.42.1...v0.43.0)

Updates `ruff` from 0.15.8 to 0.15.9
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.8...0.15.9)

---
updated-dependencies:
- dependency-name: click
  dependency-version: 8.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: uv-dependencies
- dependency-name: poethepoet
  dependency-version: 0.43.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: uv-dependencies
- dependency-name: ruff
  dependency-version: 0.15.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: uv-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 5, 2026
@amannocci amannocci self-assigned this Apr 6, 2026
@amannocci amannocci merged commit c591e57 into main Apr 6, 2026
16 checks passed
@amannocci amannocci deleted the dependabot/uv/uv-dependencies-bc43b34d26 branch April 6, 2026 13:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@amannocci amannocci

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@amannocci