chore(deps): bump the uv-version-updates group across 1 directory with 12 updates

[dependabot]

Bumps the uv-version-updates group with 12 updates in the / directory:

Package	From	To
pydantic	2.12.5	2.13.4
authlib	1.6.11	1.7.2
requests	2.33.0	2.34.0
cryptography	46.0.7	48.0.0
pytest-cov	7.0.0	7.1.0
tox	4.32.0	4.53.1
types-python-dateutil	2.9.0.20251115	2.9.0.20260508
testcontainers	4.14.1	4.14.2
ruff	0.14.10	0.15.12
sphinx	7.4.7	8.1.3
fawltydeps	0.19.0	0.20.0
ty	0.0.5	0.0.35

Updates pydantic from 2.12.5 to 2.13.4

Release notes

Sourced from pydantic's releases.

v2.13.4 2026-05-06

v2.13.4 (2026-05-06)

What's Changed

Packaging

• Bump libc from 0.2.155 to 0.2.185 by @​Viicos in #13109
• Adapt pydantic-core linker flags on macOS by @​washingtoneg and @​Viicos in #13147

Fixes

• Preserve RootModel core metadata by @​Viicos in #13129

Full Changelog: pydantic/pydantic@v2.13.3...v2.13.4

v2.13.3 2026-04-20

v2.13.3 (2026-04-20)

What's Changed

Fixes

• Handle AttributeError subclasses with from_attributes by @​Viicos in #13096

Full Changelog: pydantic/pydantic@v2.13.2...v2.13.3

v2.13.2 2026-04-17

v2.13.2 (2026-04-17)

What's Changed

Fixes

• Fix ValidationInfo.field_name missing with model_validate_json() by @​Viicos in #13084

Full Changelog: pydantic/pydantic@v2.13.1...v2.13.2

v2.13.1 2026-04-15

v2.13.1 (2026-04-15)

What's Changed

Fixes

• Fix ValidationInfo.data missing with model_validate_json() by @​davidhewitt in #13079

Full Changelog: pydantic/pydantic@v2.13.0...v2.13.1

v2.13.0 2026-04-13

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.13.4 (2026-05-06)

GitHub release

What's Changed

Packaging

• Bump libc from 0.2.155 to 0.2.185 by @​Viicos in #13109
• Adapt pydantic-core linker flags on macOS by @​washingtoneg and @​Viicos in #13147

Fixes

• Preserve RootModel core metadata by @​Viicos in #13129

v2.13.3 (2026-04-20)

GitHub release

What's Changed

Fixes

• Handle AttributeError subclasses with from_attributes by @​Viicos in #13096

v2.13.2 (2026-04-17)

GitHub release

What's Changed

Fixes

• Fix ValidationInfo.field_name missing with model_validate_json() by @​Viicos in #13084

v2.13.1 (2026-04-15)

GitHub release

What's Changed

Fixes

• Fix ValidationInfo.data missing with model_validate_json() by @​davidhewitt in #13079

v2.13.0 (2026-04-13)

GitHub release

The highlights of the v2.13 release are available in the blog post.

... (truncated)

Commits

• cf67d4b Fix linting
• f0d8a21 Prepare release v2.13.4
• 5e3fe1d Check for pydantic tag pattern in CI
• 7f9edcc Document tagging conventions
• b46a0c9 Adapt pydantic-core linker flags on macOS
• 50629c8 Update to PyPy 7.3.22
• 8522ebb Preserve RootModel core metadata
• a37f3af Adapt MISSING sentinel test to work with unreleased typing_extensions ver...
• 909259a Remove Logfire example in documentation
• 2c4174c Bump libc from 0.2.155 to 0.2.185
• Additional commits viewable in compare view

Updates authlib from 1.6.11 to 1.7.2

Release notes

Sourced from authlib's releases.

v1.7.2

What's Changed

• Fix the readme links by @​azmeuk in authlib/authlib#886
• Allow non-recommended algorithms in ClientSecretJWT and PrivateKey by @​azmeuk in authlib/authlib#887
• Validate BCP47 language tags with a regex by @​azmeuk in authlib/authlib#873
• Fix RFC7523 signing with non RSA keys by @​azmeuk in authlib/authlib#884

Full Changelog: authlib/authlib@v1.7.1...v1.7.2

v1.7.1

What's Changed

• Fix authlib.jose deprecation warning poping from _joserfc_helpers by @​azmeuk in authlib/authlib#881
• Fix redirecting to unvalidated redirect_uri on InvalidScopeError in OpenIDImplicitGrant and OpenIDHybridGrant.

Full Changelog: authlib/authlib@v1.7.0...v1.7.1

v1.7.0

What's Changed

• Authorization and token endpoints request empty scope parameter management by @​azmeuk in authlib/authlib#847
• Support from Python 3.10 to 3.14 by @​azmeuk in authlib/authlib#850
• Allow composition of AuthorizationServerMetadata by @​azmeuk in authlib/authlib#853
• Make require_oauth parenthesis optional by @​azmeuk in authlib/authlib#855
• Fix expires_at behavior when its value is 0 by @​azmeuk in authlib/authlib#854
• Migration to joserfc by @​lepture in authlib/authlib#852
• RP-initiated logout by @​frohrlich in authlib/authlib#849
• Fix get_jwt_config by @​lepture in authlib/authlib#858
• chore(ci): Update PyPy version from 3.10 to 3.11 by @​cclauss in authlib/authlib#863
• fix: remove "none" from default authlib.jose.jwt algorithms by @​lepture in authlib/authlib#860
• fix: normalize resolve_client_public_key method by @​lepture in authlib/authlib#861
• Implement rfc9700 PKCE downgrade countermeasure by @​azmeuk in authlib/authlib#864
• Use correct syntax for tox.requires in tox.ini by @​alex-ball in authlib/authlib#868
• Set client session User-Agent when fetching server metadata and JWKs by @​alex-ball in authlib/authlib#867
• fix: use the real application object for Flask by @​nblock in authlib/authlib#869
• Accept the issuer URL as a valid audience by @​azmeuk in authlib/authlib#865
• Don't nest InvalidTokenError extra attribute by @​azmeuk in authlib/authlib#872
• Documentation overhaul by @​azmeuk in authlib/authlib#875
• Update README.md docs.authlib.org/en/latest => docs.authlib.org/en/stable by @​guillett in authlib/authlib#876
• Merge release/1.6 branch by @​lepture in authlib/authlib#877

New Contributors

• @​frohrlich made their first contribution in authlib/authlib#849
• @​cclauss made their first contribution in authlib/authlib#863
• @​alex-ball made their first contribution in authlib/authlib#868
• @​nblock made their first contribution in authlib/authlib#869
• @​guillett made their first contribution in authlib/authlib#876

Full Changelog: authlib/authlib@v1.6.10...v1.7.0

v1.6.12

... (truncated)

Commits

• a0b76fa chore: bump to 1.7.2
• c85c7f2 Merge pull request #884 from azmeuk/852-rfc7523-key-import
• a3b2add Merge pull request #873 from azmeuk/bcp47
• f2578ea fix: Import RSAKey in auth.py for additional key support
• b57182c fix: fallback support RSAKey when client_secret is text
• 4e75902 Merge branch 'main' into 852-rfc7523-key-import
• 5eb4a86 Merge pull request #887 from azmeuk/883-alg
• 5633f37 fix: allow non-recommended algorithms in ClientSecretJWT and PrivateKeyJWT
• 4c8e7b3 Merge pull request #886 from azmeuk/885-readme
• 23b333e docs: fix the readme links
• Additional commits viewable in compare view

Updates requests from 2.33.0 to 2.34.0

Release notes

Sourced from requests's releases.

v2.34.0

2.34.0 (2026-05-11)

Announcements

• Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

  Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

• Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
• Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
• Requests added support for Python 3.14t. (#7419)

Bugfixes

• Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
• Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
• Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)

New Contributors

• @​cjriches made their first contribution in psf/requests#7365
• @​dsanader made their first contribution in psf/requests#7376
• @​DimitriPapadopoulos made their first contribution in psf/requests#7393
• @​joshua-51 made their first contribution in psf/requests#7416
• @​eggsort made their first contribution in psf/requests#7421
• @​typhon8 made their first contribution in psf/requests#7315
• @​bastimeyer made their first contribution in psf/requests#7425

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2340-2026-05-11

v2.33.1

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

... (truncated)

Changelog

Sourced from requests's changelog.

2.34.0 (2026-05-11)

Announcements

• Requests 2.34.0 introduces inline types, replacing those provided by typeshed. Public API types should be fully compatible with mypy, pyright, and ty. We believe types are comprehensive but if you find issues, please report them to the pinned tracking issue.

  Special thanks to @​bastimeyer, @​cthoyt, @​edgarrmondragon, and @​srittau for helping review and test the types ahead of the release. (#7272)

Improvements

• Digest Auth hashing algorithms have added usedforsecurity=False to clarify security considerations. (#7310)
• Requests added support for Python 3.15 based on beta1. Downstream projects should be able to start testing prior to its release in October. (#7422)
• Requests added support for Python 3.14t. (#7419)

Bugfixes

• Response.history no longer contains a reference to itself, preventing accidental looping when traversing the history list. (#7328)
• Requests no longer performs greedy matching on no_proxy domains. The proxy_bypass implementation has been updated with CPython's fix from bpo-39057. (#7427)
• Requests no longer incorrectly strips duplicate leading slashes in URI paths. This should address user issues with specific presigned URLs. Note the full fix requires urllib3 2.7.0+. (#7315)

2.33.1 (2026-03-30)

Bugfixes

• Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. (#7305)
• Fixed Content-Type header parsing for malformed values. (#7309)
• Improved error consistency for malformed header values. (#7308)

Commits

• 0b401c7 v2.34.0
• 86b378d Align Session.get parameters with requests.get (#7429)
• a4f9a59 Port bpo-39057 to Requests (#7427)
• 3816cfa Parameterize SupportsItems to handle Mapping key invariance (#7426)
• b684dcb sessions: fix hooks type (#7425)
• dc9dbdf Formalize 3.15 support (#7422)
• 25340eb Clear proxy env vars before every test run (#7423)
• fd62809 Preserve leading slashes in request path_url (#7315)
• e8d2c01 docs: Fix missing hook output in docs example (#7421)
• eb173bc Add 3.14t support to CI (#7419)
• Additional commits viewable in compare view

Updates cryptography from 46.0.7 to 48.0.0

Changelog

Sourced from cryptography's changelog.

48.0.0 - 2026-05-04

* **BACKWARDS INCOMPATIBLE:** Support for Python 3.8 has been removed.
  ``cryptography`` now requires Python 3.9 or later.
* **BACKWARDS INCOMPATIBLE:** Loading an X.509 CRL whose inner
  ``TBSCertList.signature`` algorithm does not match the outer
  ``signatureAlgorithm`` now raises ``ValueError``. Previously, such CRLs
  were parsed successfully and only rejected during signature validation.
* Added support for :doc:`/hazmat/primitives/asymmetric/mlkem` and
  :doc:`/hazmat/primitives/asymmetric/mldsa` when using OpenSSL 3.5.0 or
  later, in addition to the existing AWS-LC and BoringSSL support. This means
  post-quantum algorithms are now available to users of our wheels.

Note: Going forward, we do not guarantee that all functionality

in cryptography will be available when building against

OpenSSL. See :doc:/statements/state-of-openssl for more information.

.. _v47-0-0:
47.0.0 - 2026-04-24

• Support for Python 3.8 is deprecated and will be removed in the next cryptography release.
• BACKWARDS INCOMPATIBLE: Support for binary elliptic curves (SECT* classes) has been removed. These curves are rarely used and have additional security considerations that make them undesirable.
• BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.x has been removed. OpenSSL 3.0.0 or later is now required. LibreSSL, BoringSSL, and AWS-LC continue to be supported.
• BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 4.1.
• BACKWARDS INCOMPATIBLE: Loading keys with unsupported algorithms or keys with unsupported explicit curve encodings now raises :class:~cryptography.exceptions.UnsupportedAlgorithm instead of ValueError. This change affects :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key, :func:~cryptography.hazmat.primitives.serialization.load_der_private_key, :func:~cryptography.hazmat.primitives.serialization.load_pem_public_key, :func:~cryptography.hazmat.primitives.serialization.load_der_public_key, and :meth:~cryptography.x509.Certificate.public_key when called on certificates with unsupported public key algorithms.
• BACKWARDS INCOMPATIBLE: When parsing elliptic curve private keys, we now reject keys that incorrectly encode a private key of the wrong length because such keys are impossible to process in a constant-time manner. We do not believe keys with this problem are in wide use, however we may revert this change based on the feedback we receive.
• Deprecated passing 64-bit (8-byte) and 128-bit (16-byte) keys to :class:~cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES. In a

... (truncated)

Commits

• 8e03e30 bump for 48.0.0 release (#14796)
• 295e0d2 Add AGENTS.md with CLAUDE.md symlink (#14794)
• 104a2de Bump BoringSSL, OpenSSL, AWS-LC in CI (#14793)
• 67ec1e5 call check_length early on AesSiv::encrypt (#14792)
• b2da57a changelog for mldsa/mlkem for openssl (#14791)
• 3cf44ad ML-KEM OpenSSL support (#14781)
• 2e31639 ML-DSA OpenSSL support (#14773)
• 5affe5a fix rust nightly clippy (#14790)
• 2e73ca4 bump rust-openssl dep and update EcPoint::mul_generator to mul_generator2 (#1...
• 82ebd3b Bump BoringSSL, OpenSSL, AWS-LC in CI (#14785)
• Additional commits viewable in compare view

Updates pytest-cov from 7.0.0 to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

• Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

Commits

• 66c8a52 Bump version: 7.0.0 → 7.1.0
• f707662 Make the examples use pypy 3.11.
• 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
• 8ebf20b Update changelog.
• 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
• fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
• 78c9c4e Only run the 3.9 on older deps.
• 4849a92 Punctuation.
• 197c35e Update changelog and hopefully I don't forget to publish release again :))
• 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
• Additional commits viewable in compare view

Updates tox from 4.32.0 to 4.53.1

Release notes

Sourced from tox's releases.

v4.53.1

What's Changed

• 🐛 fix(security): harden user-facing logs and untrusted inputs by @​gaborbernat in tox-dev/tox#3924
• 🐛 fix(type): correct argparse override signatures for ty 0.0.33 by @​gaborbernat in tox-dev/tox#3932
• fix: allow deps arrays in TOML schema by @​cyphercodes in tox-dev/tox#3931

New Contributors

• @​cyphercodes made their first contribution in tox-dev/tox#3931

Full Changelog: tox-dev/tox@4.53.0...4.53.1

v4.53.0

What's Changed

• ✨ feat(toml): allow bare range/labeled dicts in env_list by @​gaborbernat in tox-dev/tox#3923

Full Changelog: tox-dev/tox@4.52.1...4.53.0

v4.52.1

What's Changed

• use normalize_isa for architecture factor matching by @​rahuldevikar in tox-dev/tox#3919
• 🐛 fix(pip): invalidate install cache on resolution env var changes by @​gaborbernat in tox-dev/tox#3921

Full Changelog: tox-dev/tox@4.52.0...4.52.1

v4.52.0

What's Changed

• remove unsupported --remote flag from gh repo fork by @​rahuldevikar in tox-dev/tox#3908
• ✨ feat(config): support escaped dots in -x override keys by @​gaborbernat in tox-dev/tox#3910
• 🐛 fix(docs): auto-generate manpage from CLI parser by @​gaborbernat in tox-dev/tox#3911
• ✨ feat(runner): add PEP 723 inline script metadata support by @​gaborbernat in tox-dev/tox#3912

Full Changelog: tox-dev/tox@4.51.0...4.52.0

v4.51.0

What's Changed

• 🔒 ci(workflows): add zizmor security auditing by @​gaborbernat in tox-dev/tox#3896
• Add base_python_file config option by @​rahuldevikar in tox-dev/tox#3899

... (truncated)

Changelog

Sourced from tox's changelog.

Bug fixes - 4.53.1

• Hardening pass on user-facing logging and config parsing:

  • Mask secret-looking --key=value flag values in command logs (terminal warnings, .tox/<env>/log/*.log, and Outcome __repr__) using the same keyword regex previously applied to environment variable values.
  • Resolve PEP 723 script paths and reject any that escape tox_root; cap the script read at 5 MiB so a symlink to /dev/zero cannot exhaust memory.
  • Replace eval() of a constructed Literal[...] string in the CLI parser with a direct Literal[tuple(action.choices)] subscript.
  • Pass timeout=30 to urlopen when fetching a remote requirements file so a slow or unresponsive mirror cannot hang tox indefinitely. (:issue:3924)

• Allow the generated TOML schema to validate array values for deps. (:issue:3929)

• Correct type annotations for ArgumentParser.parse_args and parse_known_args overrides following typeshed PR [#15613](https://github.com/tox-dev/tox/issues/15613) <https://github.com/python/typeshed/pull/15613>_, which widened the args parameter from Sequence[str] to Iterable[str]. The narrower type in tox's overrides violated the Liskov substitution principle and caused invalid-method-override errors with ty 0.0.33. Also correct the option_spec annotation in docs/tox_conf.py to ClassVar[dict[str, Callable[[str], Any]]] matching the docutils stubs type. (:issue:3932)

---

v4.53.0 (2026-04-14)

---

Features - 4.53.0

• TOML env_list now accepts bare range dicts ({ prefix = "3.", start = 12, stop = 14 }) and bare labeled dicts ({ ecosystem = ["oci", "python"] }) as top-level items, removing the { product = [...] } wrapper when there is only a single factor group - by :user:gaborbernat. (:issue:3923)

Bug fixes - 4.53.0

• Nesting a range or labeled dict inside a product factor-group list now raises a clear error pointing at the un-nesting fix, instead of silently producing a malformed environment name - by :user:gaborbernat. (:issue:3923)

---

v4.52.1 (2026-04-09)

---

Bug fixes - 4.52.1

• Changing a resolution-affecting environment variable via set_env (e.g. PIP_INDEX_URL) now invalidates the install cache and triggers a reinstall, rather than incorrectly reusing the cached environment - by :user:gaborbernat. (:issue:3917)
• Use normalize_isa from python-discovery for architecture factor matching, supporting aliases like i686 →

... (truncated)

Commits

• 2b17791 release 4.53.1
• 86234dd fix: allow deps arrays in TOML schema (#3931)
• dd305fe 🐛 fix(type): correct argparse override signatures for ty 0.0.33 (#3932)
• 3aa3cd5 [pre-commit.ci] pre-commit autoupdate
• 59b6cd2 build(deps): bump astral-sh/setup-uv from 8.0.0 to 8.1.0 (#3928)
• 3765fcd [pre-commit.ci] pre-commit autoupdate (#3927)
• b76c383 build(deps): bump actions/cache from 5.0.4 to 5.0.5 (#3926)
• 7b0ad94 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#3925)
• 4dcde44 🐛 fix(security): harden user-facing logs and untrusted inputs (#3924)
• 4c584f2 release 4.53.0
• Additional commits viewable in compare view

Updates types-python-dateutil from 2.9.0.20251115 to 2.9.0.20260508

Commits

• See full diff in compare view

Updates testcontainers from 4.14.1 to 4.14.2

Release notes

Sourced from testcontainers's releases.

testcontainers: v4.14.2

4.14.2 (2026-03-18)

Features

• kafka: allow configurable listener name and security protocol (#966) (44dd40b)

Changelog

Sourced from testcontainers's changelog.

4.14.2 (2026-03-18)

Features

• kafka: allow configurable listener name and security protocol (#966) (44dd40b)

Commits

• 5c67efb chore(main): release testcontainers 4.14.2 (#969)
• 44dd40b feat(kafka): allow configurable listener name and security protocol (#966)
• a78475a chore(main): Migrate to uv (#960)
• See full diff in compare view

Updates ruff from 0.14.10 to 0.15.12

Release notes

Sourced from ruff's releases.

0.15.12

Release Notes

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#23599)
• Implement #ruff:ignore logical-line suppressions (#23404)
• Revert preview changes to displayed diagnostic severity in LSP (#24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
• [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

• Respect default Unix permissions for cache files (#24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
• Improve rules table accessibility (#24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

Install ruff 0.15.12

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.12

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#23599)
• Implement #ruff:ignore logical-line suppressions (#23404)
• Revert preview changes to displayed diagnostic severity in LSP (#24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
• [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

• Respect default Unix permissions for cache files (#24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
• Improve rules table accessibility (#24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

0.15.11

Released on 2026-04-16.

Preview features

• [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
• [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
• [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

... (truncated)

Commits

• 66f93cf Bump 0.15.12 (#24815)
• 476a4d0 [ty] Complete support for more detailed diagnostics on possibly unbound error...
• ed669ea Implement #ruff:file-ignore file-level suppressions (#23599)
• e73d952 [ty] Include inferred type in invalid-key concise diagnostic for union/inte...
• 80feb29 [ty] report only dead annotation-only locals as unused (#24811)
• 0fbf2bc Drop deprecated license classifier (#24808)
• 43b174c [ty] Infer lambda parameter types with Callable type context (#24317)
• 4f449ae [ty] Add error context for intersection types (#24772)
• 5b4e753 [ty] Add support for goto in literal enum member inlay hint (#24792)
• e7cc762 [ty] Add error context for TypedDict assignments (#24790)
• Additional commits viewable in compare view

Updates sphinx from 7.4.7 to 8.1.3

Release notes

Sourced from sphinx's releases.

Sphinx 8.1.3

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Bugs fixed

• #13013: Restore support for cut_lines() with no object type. Patch by Adam Turner.

Sphinx 8.1.2

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Bugs fixed

• #13012: Expose sphinx.errors.ExtensionError in sphinx.util for backwards compatibility. This will be removed in Sphinx 9, as exposing the exception in sphinx.util was never intentional. ExtensionError has been part of sphinx.errors since Sphinx 0.9. Patch by Adam Turner.

Sphinx 8.1.1

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Bugs fixed

• #13006: Use the preferred https://www.cve.org/ URL for the :cve: role. Patch by Hugo van Kemenade.
• #13007: LaTeX: Improve resiliency when the required fontawesome or fontawesome5 packages are not installed. Patch by Jean-François B.

Sphinx 8.1.0

Changelog: https://www.sphinx-doc.org/en/master/changes/8.1.html

Dependencies

• #12756: Add lower-bounds to the sphinxcontrib-* dependencies. Patch by Adam Turner.
• #12833: Update the LaTeX parskip package from 2001 to 2018. Patch by Jean-François B.

Incompatible changes

• #12763: Remove unused internal class sphinx.util.Tee. Patch by Adam Turner.
• #12822: LaTeX: for Unicode engines, the fvset default is changed to '\\fvset{fontsize=auto}' from '\\fvset{fontsize=\\small}'. Code-blocks are unchanged as FreeMono is now loaded with Scale=0.9. An adjustment to existing projects is needed only if they used a custom fontpkg configuration and did not set fvset.

... (truncated)

Changelog

Sourced from sphinx's changelog.

Release 8.1.3 (released Oct 13, 2024)

Bugs fixed

• #13013: Restore support for :func:!cut_lines with no object type. Patch by Adam Turner.

Release 8.1.2 (released Oct 12, 2024)

Bugs fixed

• #13012: Expose :exc:sphinx.errors.ExtensionError in sphinx.util for backwards compatibility. This will be removed in Sphinx 9, as exposing the exception in sphinx.util was never intentional. :exc:!ExtensionError has been part of sphinx.errors since Sphinx 0.9. Patch by Adam Turner.

Release 8.1.1 (released Oct 11, 2024)

Bugs fixed

• #13006: Use the preferred

[github-actions]

Qodana for Python

2 new problems were found

Inspection name	Severity	Problems
Invalid type hints definitions and usages	🔶 Warning	1
Unused local symbols	◽️ Notice	1

@@ Code coverage @@
+ 75% total lines covered
917 lines analyzed, 690 lines covered
# Calculated according to the filters of your coverage tool

💡 Qodana analysis was run in the pull request mode: only the changed files were checked
☁️ View the detailed Qodana report

Contact Qodana team

Contact us at qodana-support@jetbrains.com

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions