chore(dev): update dev dependencies (non-major)

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
basedpyright	1.35.0 → 1.39.4
coverage	7.12.0 → 7.14.0
mypy (changelog)	1.19.0 → 1.20.2
pendulum	3.1.0 → 3.2.0
pre-commit	4.5.0 → 4.6.0
pytest-cov (changelog)	7.0.0 → 7.1.0
ruff (source, changelog)	0.14.8 → 0.15.13

---

Release Notes

detachhead/basedpyright (basedpyright)

v1.39.4: (pyright 1.1.409)

Compare Source

What's Changed

• Update basedpyright's docs for PyCharm by @​charliecloudberry in DetachHead#1643
• treat map & filter as not subscriptable at runtime and don't show generic inlay hints for non-subscriptable types by @​nfer in DetachHead#1797

New Contributors

• @​charliecloudberry made their first contribution in DetachHead#1643
• @​nfer made their first contribution in DetachHead#1797

Full Changelog: DetachHead/basedpyright@v1.39.3...v1.39.4

v1.39.3: (pyright 1.1.409)

Compare Source

What's Changed

• fix docs site not being deployed, which was caused by some changes I made to improve the security of our CI by @​DetachHead in DetachHead#1782

Full Changelog: DetachHead/basedpyright@v1.39.2...v1.39.3

v1.39.2: (pyright 1.1.409)

Compare Source

What's Changed

• fix basedpyright being broken in the playground caused by browser-basedpyright being published with nothing in it by @​DetachHead in DetachHead#1778

Full Changelog: DetachHead/basedpyright@v1.39.1...v1.39.2

v1.39.1: (pyright 1.1.409)

Compare Source

What's Changed

• Chinese (Simplified) localization update (2026.04) by @​NCBM in DetachHead#1767
• Merge pyright 1.1.409 by @​DetachHead in DetachHead#1777

Full Changelog: DetachHead/basedpyright@v1.39.0...v1.39.1

v1.39.0: (pyright 1.1.408)

Compare Source

What's Changed

new diagnostic rule - reportEmptyAbstractUsage

pyright only reports an error when you instantiate an abstract class that has unimplemented abstract methods. but a class that explicitly extends ABC (or uses ABCMeta) with no abstract methods can also be instantiated, and pyright has no issue with that:

from abc import ABC

class Foo(ABC):
    """abstract class with no abstract methods"""

foo = Foo()  # no error

but the author of the class likely intended this class not to be used directly, and instead subtyped. so if a class extends ABC but defines no abstract methods, instantiating it is likely unintentional.

the reportEmptyAbstractUsage rule flags such instantiations. see the docs for more info.

implemented by @​KotlinIsland in DetachHead#1748 (some fixes by @​detachhead in DetachHead#1766)

Full Changelog: DetachHead/basedpyright@v1.38.4...v1.39.0

v1.38.4: (pyright 1.1.408)

Compare Source

What's Changed

• fix typing_extensions auto-import being treated as first party by @​beauxq in DetachHead#1754
• fix "Received redundant open text document command" error when viewing previous versions of a notebook in vscode's timeline view by @​DetachHead in DetachHead#1758
• format python codeblocks in the docs using ruff by @​DetachHead in DetachHead#1759
• use @core-js/pure to polyfill newer js features by @​DetachHead in DetachHead#1760

Full Changelog: DetachHead/basedpyright@v1.38.3...v1.38.4

v1.38.3: (pyright 1.1.408)

Compare Source

What's Changed

• fix ordering of code actions and don't show # pyright:ignore[reportImportCycles] code action because it doesn't work by @​NCBM in DetachHead#1753

Full Changelog: DetachHead/basedpyright@v1.38.2...v1.38.3

v1.38.2: (pyright 1.1.408)

Compare Source

What's Changed

• Improved semantic tokens for keyword arguments by @​KurtBoehm in DetachHead#1740
• Hover messages and jump-to-definition for call expressions by @​KurtBoehm in DetachHead#1741

Full Changelog: DetachHead/basedpyright@v1.38.1...v1.38.2

v1.38.1: (pyright 1.1.408)

Compare Source

What's Changed

• fix language server crash on abstract setter with no parameter by @​DetachHead in DetachHead#1732
• fix docstrings for compiled builtin stubs not being generated for older python versions by @​DetachHead in DetachHead#1733
• Allow TYPE_CHECKING guards in match statements by @​grahamcracker1234 in DetachHead#1726

New Contributors

• @​grahamcracker1234 made their first contribution in DetachHead#1726

Full Changelog: DetachHead/basedpyright@v1.38.0...v1.38.1

v1.38.0: (pyright 1.1.408)

Compare Source

What's Changed

• show the default value from the implementation signature when displaying an overload signature (eg. hover and signature help) if its default value is an ellipsis by @​DetachHead in DetachHead#1717
• fix: don't comment out return types in stub generation by @​veeceey in DetachHead#1724
• add more quick fixes for specific error types by @​NCBM in DetachHead#1721
  • reportUnnecessaryCast
  • reportUnusedCallResult
  • reportSelfClsDefault
• fix logged message for pyright executable fallback in vscode extension by @​veeceey in DetachHead#1723

New Contributors

• @​veeceey made their first contribution in DetachHead#1724

Full Changelog: DetachHead/basedpyright@v1.37.4...v1.38.0

v1.37.4: (pyright 1.1.408)

Compare Source

What's Changed

• fix $schema being reported as unrecognized setting in config files by @​jaenw in DetachHead#1714
• update badge with logo & new background colour by @​DetachHead & @​NCBM in DetachHead#1716

New Contributors

• @​jaenw made their first contribution in DetachHead#1714

Full Changelog: DetachHead/basedpyright@v1.37.3...v1.37.4

v1.37.3: (pyright 1.1.408)

Compare Source

What's Changed

• fix infinite recursion crash when subject of match statement of type Never is used in the left side of a call in the case block by @​DetachHead in DetachHead#1711

Full Changelog: DetachHead/basedpyright@v1.37.2...v1.37.3

v1.37.2: (pyright 1.1.408)

Compare Source

What's Changed

• fix reference to non-existent baseline mode in the docs by @​DetachHead in DetachHead#1699
• No hover messages or jump-to-definition for literals by @​KurtBoehm in DetachHead#1706

Full Changelog: DetachHead/basedpyright@v1.37.1...v1.37.2

v1.37.1: (pyright 1.1.408)

Compare Source

What's Changed

• Merge 1.1.408 by @​DetachHead in DetachHead#1696

Full Changelog: DetachHead/basedpyright@v1.37.0...v1.37.1

v1.37.0: (pyright 1.1.407)

Compare Source

What's Changed

• fix skip_replace hack documentation by @​decorator-factory in DetachHead#1686
• add code action quick-fix to add @override by @​NCBM in DetachHead#1680
• Chinese (Simplified) translation update (2026.01) by @​NCBM in DetachHead#1691
• Add baselineMode setting for the language server by @​andyscho in DetachHead#1693

New Contributors

• @​andyscho made their first contribution in DetachHead#1693

Full Changelog: DetachHead/basedpyright@v1.36.2...v1.37.0

v1.36.2: (pyright 1.1.407)

Compare Source

What's Changed

• Fix out of bounds top-level activeParameter being set when an individual signature has an activeParameter by @​DetachHead in DetachHead#1681
• Add hint support to # pyright doc-level directives by @​finite-state-machine in DetachHead#1679
• fix basedpyright --writebaseline not working if there are changes to write but the total error count didn't change by @​DetachHead in DetachHead#1685

New Contributors

• @​finite-state-machine made their first contribution in DetachHead#1679

Full Changelog: DetachHead/basedpyright@v1.36.1...v1.36.2

v1.36.1: (pyright 1.1.407)

Compare Source

What's Changed

• fix an issue introduced in 1.36.0 that broke the browser version of basedpyright used in the playground by @​DetachHead in DetachHead#1675

Full Changelog: DetachHead/basedpyright@v1.36.0...v1.36.1

v1.36.0: (pyright 1.1.407)

Compare Source

What's Changed

• fail in CI if baseline file needs updating and add --baselinemode cli argument by @​DetachHead in DetachHead#1667
• Improve semantic tokens for Any, unknown, and unions by @​KurtBoehm in DetachHead#1670

Full Changelog: DetachHead/basedpyright@v1.35.0...v1.36.0

coveragepy/coveragepy (coverage)

v7.14.0

Compare Source

• Feature: now when running one of the reporting commands, if there are
  parallel data files that need combining, they will be implicitly combined
  before creating the report. There is no option to avoid the combination; let
  us know if you have a use case that requires it. Thanks, Tim Hatch <pull 2162_>. Closes issue 1781.

• Fix: the output from combine was too verbose, listing each file
  considered. Now it shows a single line with the counts of files combined,
  files skipped, and files with errors. The -q flag suppresses this line.
  The old detailed lines are available with the new --debug=combine option.

• Fix: running a Python file through a symlink now sets the sys.path correctly,
  matching regular Python behavior. Fixes issue 2157_.

• Fix: Collector.flush_data could fail with "RuntimeError: Set changed
  size during iteration" when a tracer in another thread added a line to the
  per-file set that add_lines (or add_arcs) was iterating. The values
  passed to CoverageData are now snapshotted via dict.copy() and
  set.copy(), which are atomic under the GIL. Thanks, Alex Vandiver <pull 2165_>_.

• Fix: the soft keyword lazy is now bolded in HTML reports.

• We are no longer testing eventlet support. Eventlet started issuing stern
  deprecation warnings that break our tests. Our support code is still there.

.. _issue 1781: #​1781
.. _issue 2157: #​2157
.. _pull 2162: #​2162
.. _pull 2165: #​2165

.. _changes_7-13-5:

v7.13.5

Compare Source

• Fix: issue 2138_ describes a memory leak that happened when repeatedly
  using the Coverage API with in-memory data. This is now fixed.

• Fix: the markdown-formatted coverage report didn't fully escape special
  characters in file paths (issue 2141). This would be very unlikely to
  cause a problem, but now it's done properly, thanks to Ellie Ayla <pull 2142_>.

• Fix: the C extension wouldn't build on VS2019, but now it does (issue 2145_).

.. _issue 2138: #​2138
.. _issue 2141: #​2141
.. _pull 2142: #​2142
.. _issue 2145: #​2145

.. _changes_7-13-4:

v7.13.4

Compare Source

• Fix: the third-party code fix in 7.13.3 required examining the parent
  directories where coverage was run. In the unusual situation that one of the
  parent directories is unreadable, a PermissionError would occur, as
  described in issue 2129_. This is now fixed.

• Fix: in test suites that change sys.path, coverage.py could fail with
  "RuntimeError: Set changed size during iteration" as described and fixed in
  pull 2130_. Thanks, Noah Fatsi.

• We now publish ppc64le wheels, thanks to Pankhudi Jain <pull 2121_>_.

.. _pull 2121: #​2121
.. _issue 2129: #​2129
.. _pull 2130: #​2130

.. _changes_7-13-3:

v7.13.3

Compare Source

• Fix: in some situations, third-party code was measured when it shouldn't have
  been, slowing down test execution. This happened with layered virtual
  environments such as uv sometimes makes. The problem is fixed, closing issue 2082_. Now any directory on sys.path that is inside a virtualenv is
  considered third-party code.

.. _issue 2082: #​2082

.. _changes_7-13-2:

v7.13.2

Compare Source

• Fix: when Python is installed via symlinks, for example with Homebrew, the
  standard library files could be incorrectly included in coverage reports.
  This is now fixed, closing issue 2115_.

• Fix: if a data file is created with no read permissions, the combine step
  would fail completely. Now a warning is issued and the file is skipped.
  Closes issue 2117_.

.. _issue 2115: #​2115
.. _issue 2117: #​2117

.. _changes_7-13-1:

v7.13.1

Compare Source

• Added: the JSON report now includes a "start_line" key for function and
  class regions, indicating the first line of the region in the source. Closes
  issue 2110_.

• Added: The debug data command now takes file names as arguments on the
  command line, so you can inspect specific data files without needing to set
  the COVERAGE_FILE environment variable.

• Fix: the JSON report used to report module docstrings as executed lines,
  which no other report did, as described in issue 2105_. This is now fixed,
  thanks to Jianrong Zhao.

• Fix: coverage.py uses a more disciplined approach to detecting where
  third-party code is installed, and avoids measuring it. This shouldn't change
  any behavior. If you find that it does, please get in touch.

• Performance: data files that will be combined now record their hash as part
  of the file name. This lets us skip duplicate data more quickly, speeding the
  combining step.

• Docs: added a section explaining more about what is considered a missing
  branch and how it is reported: :ref:branch_explain, as requested in issue 1597. Thanks to Ayisha Mohammed <pull 2092_>.

• Tests: the test suite misunderstood what core was being tested if
  COVERAGE_CORE wasn't set on 3.14+. This is now fixed, closing issue 2109_.

.. _issue 1597: #​1597
.. _pull 2092: #​2092
.. _issue 2105: #​2105
.. _issue 2109: #​2109
.. _issue 2110: #​2110

.. _changes_7-13-0:

v7.13.0

Compare Source

• Feature: coverage.py now supports :file:.coveragerc.toml configuration
  files. These files use TOML syntax and take priority over
  :file:pyproject.toml but lower priority than :file:.coveragerc files.
  Closes issue 1643_ thanks to Olena Yefymenko <pull 1952_>_.

• Fix: we now include a permanent .pth file which is installed with the code,
  fixing issue 2084. In 7.12.1b1 this was done incorrectly: it didn't work
  when using the source wheel (py3-none-any). This is now fixed. Thanks,
  Henry Schreiner <pull 2100_>.

• Deprecated: when coverage.py is installed, it creates three command entry
  points: coverage, coverage3, and coverage-3.10 (if installed for
  Python 3.10). The second and third of these are not needed and will
  eventually be removed. They still work for now, but print a message about
  their deprecation.

.. _issue 1643: #​1643
.. _pull 1952: #​1952
.. _pull 2100: #​2100

.. _changes_7-12-1b1:

python/mypy (mypy)

v1.20.2

Compare Source

v1.20.1

Compare Source

• Always disable sync in SQLite cache (Ivan Levkivskyi, PR 21184)
• Temporarily skip few base64 tests (Ivan Levkivskyi, PR 21193)
• Revert dict.__or__ typeshed change (Ivan Levkivskyi, PR 21186)
• Fix narrowing for match case with variadic tuples (Shantanu, PR 21192)
• Avoid narrowing type[T] in type calls (Shantanu, PR 21174)
• Fix regression for catching empty tuple in except (Shantanu, PR 21153)
• Fix reachability for frozenset and dict view narrowing (Shantanu, PR 21151)
• Fix narrowing with chained comparison (Shantanu, PR 21150)
• Avoid narrowing to unreachable at module level (Shantanu, PR 21144)
• Allow dangerous identity comparisons to Any typed variables (Shantanu, PR 21142)
• --warn-unused-config should not be a strict flag (Ivan Levkivskyi, PR 21139)

v1.20.0

Compare Source

v1.19.1

Compare Source

• Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
• Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
• Allow types.NoneType in match cases (A5rocks, PR 20383)
• Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
• Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
• Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
• Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
• Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

sdispater/pendulum (pendulum)

v3.2.0

Compare Source

Added

• Added support for Python 3.14 #​923
• Added upper limit to time-machine dependency #​931

Changed

• Dropped support for PyPy below PyPy3.11 #​937
• Optimize usage of re. methods #​741
• Fixed pendulum.parse not being marked as exported #​693
• Fixed pendulum.parse('now', tz='...') ignoring the timezone #​701
• Use pathlib to read Unix TZ data #​742
• Fixed Interval deepcopying #​850
• Fixed typo in end_of('century') docs #​910
• Bumped PyO3 to 0.27 #​922
• Fixed incorrect date offset calculation in Rust extensions #​918
• Changed locales and pytest to be lazy loaded #​926
• Fixed error of Duration deepcopy not including weeks #​933
• Fixed empty Durations not being an error in Python ISO8601 parser implementation #​903
• Fixed parsing invalid interval string #​860
• Fixed pluralization bug in Duration.in_words() #​826

Locales

• Added HI (Hindi) locale #​902

Removed

• Removed dependency on pytz #​911

pre-commit/pre-commit (pre-commit)

v4.6.0

Compare Source

==================

Features

• pre-commit hook-impl: allow --hook-dir to be missing to enable easier
  usage with git 2.54+ git hooks.
  • #​3662 PR by @​asottile.

Fixes

• pre-commit hook-impl: --hook-type is required.
  • #​3661 PR by @​asottile.

v4.5.1

Compare Source

==================

Fixes

• Fix language: python with repo: local without additional_dependencies.
  • #​3597 PR by @​asottile.

pytest-dev/pytest-cov (pytest-cov)

v7.1.0

Compare Source

• Fixed total coverage computation to always be consistent, regardless of reporting settings.
  Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on
  reporting options.
  See #&#8203;641 <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0).
  It checks if there is already existing plugin for this message by comparing filter regular expression.
  When filter is specified on command line the message is escaped and does not match an expected message.
  A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation.
  Contributed by Art Pelling in #&#8203;718 <https://github.com/pytest-dev/pytest-cov/pull/718>_ and
  "vivodi" in #&#8203;738 <https://github.com/pytest-dev/pytest-cov/pull/738>.
  Also closed #&#8203;736 <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests.
  Contributed by in Markéta Machová in #&#8203;722 <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

astral-sh/ruff (ruff)

v0.15.13

Compare Source

Released on 2026-05-14.

Preview features

• Add a rule to flag lazy imports that are eagerly evaluated (#​25016)
• [pylint] Standardize diagnostic message (PLR0914, PLR0917) (#​24996)

Bug fixes

• Fix F811 false positive for class methods (#​24933)
• Fix setting selection for multi-folder workspace (#​24819)
• [eradicate] Fix false positive for lines with leading whitespace (ERA001) (#​25122)
• [flake8-pyi] Fix false positive for f-string debug specifier (PYI016) (#​24098)

Rule changes

• Always include panic payload in panic diagnostic message (#​24873)
• Restrict PYI034 for in-place operations to enclosing class (#​24511)
• Improve error message for parameters that are declared global (#​24902)
• Update known stdlib (#​25103)

Performance

• [isort] Avoid constructing glob::Patterns for literal known modules (#​25123)

CLI

• Add TOML examples to --config help text (#​25013)
• Colorize ruff check 'All checks passed' (#​25085)

Configuration

• Increase max allowed value of line-length setting (#​24962)

Documentation

• Add D203 to rules that conflict with the formatter (#​25044)
• Clarify COM819 and formatter interaction (#​25045)
• Clarify that NotImplemented is a value, not an exception (F901) (#​25054)
• Update number of lint rules supported (#​24942)

Other changes

• Simplify the playground's markdown template (#​24924)

Contributors

• @​MichaReiser
• @​brian-c11
• @​Andrej730
• @​denyszhak
• @​darestack
• @​sharkdp
• @​charliermarsh
• @​EkriirkE
• @​eyupcanakman
• @​Hrk84ya
• @​thernstig
• @​ntBre

v0.15.12

Compare Source

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#​23599)
• Implement #ruff:ignore logical-line suppressions (#​23404)
• Revert preview changes to displayed diagnostic severity in LSP (#​24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#​23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#​24440)
• [pylint] Fix PLC2701 for type parameter scopes (#​24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#​24805)

CLI

• Respect default Unix permissions for cache files (#​24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#​24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#​24153)
• Improve rules table accessibility (#​24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

v0.15.11

Compare Source

Released on 2026-04-16.

Preview features

• [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#​24642)
• [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#​23583)
• [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#​24424)

Bug fixes

• [flake8-async] Omit overridden methods for ASYNC109 (#​24648)

Documentation

• [flake8-async] Add override mention to ASYNC109 docs (#​24666)
• Update Neovim config examples to use vim.lsp.config (#​24577)

Contributors

• @​augustelalande
• @​anishgirianish
• @​benberryallwood
• @​charliermarsh
• @​Dev-iL

v0.15.10

Compare Source

Released on 2026-04-09.

Preview features

• [flake8-logging] Allow closures in except handlers (LOG004) (#​24464)
• [flake8-self] Make SLF diagnostics robust to non-self-named variables (#​24281)
• [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#​24371)

Bug fixes

• Avoid emitting multi-line f-string elements before Python 3.12 (#​24377)
• Avoid syntax error from E502 fixes in f-strings and t-strings (#​24410)
• Strip form feeds from indent passed to dedent_to (#​24381)
• [pyupgrade] Fix panic caused by handling of octals (UP012) (#​24390)
• Reject multi-line f-string elements before Python 3.12 (#​24355)

Rule changes

• [ruff] Treat f-string interpolation as potential side effect (RUF019) (#​24426)

Server

• Add support for custom file extensions (#​24463)

Documentation

• Document adding fixes in CONTRIBUTING.md (#​24393)
• Fix JSON typo in settings example (#​24517)

Contributors

• @​charliermarsh
• @​dylwil3
• @​silverstein
• @​anishgirianish
• @​shizukushq
• @​zanieb
• @​AlexWaygood

v0.15.9

Compare Source

Released on 2026-04-02.

Preview features

• [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#​24244)
• [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#​24089)

Bug fixes

• [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#​24363)
• [flake8-simplify] Ignore pre-initialization references in SIM113 (#​24235)
• [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#​24236)
• [pyupgrade] Fix UP008 nested class matching (#​24273)
• [pyupgrade] Ignore strings with string-only escapes (UP012) (#​16058)
• [ruff] RUF072: skip formfeeds on dedent (#​24308)
• [ruff] Avoid re-using symbol in RUF024 fix (#​24316)
• [ruff] Parenthesize expression in RUF050 fix (#​24234)
• Disallow starred expressions as values of starred expressions (#​24280)

Rule changes

• [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#​23869)
• [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#​24215)
• [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#​24093)
• [pyupgrade] Fix UP008 callable scope handling to support lambdas (#​24274)
• [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#​24270)

Formatter

• Add nested-string-quote-style formatting option (#​24312)

Documentation

• [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#​24149)
• [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#​24322)

Other changes

• Avoid rendering fix lines with trailing whitespace after | (#​24343)

Contributors

• @​charliermarsh
• @​MichaReiser
• @​tranhoangtu-it
• @​dylwil3
• @​zsol
• @​renovate
• @​bitloi
• @​danparizher
• @​chinar-amrutkar
• @​second-ed
• @​getehen
• @​Redovo1
• @​matthewlloyd
• @​zanieb
• @​InSyncWithFoo
• @​RenzoMXD

v0.15.8

Compare Source

Released on 2026-03-26.

Preview features

• [ruff] New rule unnecessary-if (RUF050) (#​24114)
• [ruff] New rule useless-finally (RUF072) (#​24165)
• [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#​24162)
• [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#​24100)

Bug fixes

• [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#​24166)
• [flake8-bandit] Check tuple arguments for partial paths in S607 (#​24080)
• [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#​24088)
• E501/W505/formatter: Exclude nested pragma comments from line width calculation (#​24071)
• Fix %foo? parsing in IPython assignment expressions (#​24152)
• analyze graph: resolve string imports that reference attributes, not just modules (#​24058)

Rule changes

• [eradicate] ignore ty: ignore comments in ERA001 (#​24192)
• [flake8-bandit] Treat sys.executable as trusted input in S603 (#​24106)
• [flake8-self] Recognize Self annotation and self assignment in SLF001 (#​24144)
• [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#​24142)
• [refurb] Parenthesize generator arguments in FURB142 fixer (#​24200)

Performance

• Speed up diagnostic rendering (#​24146)

Server

• Warn when Markdown files are skipped due to preview being disabled (#​24150)

Documentation

• Clarify extend-ignore and extend-select settings documentation (#​24064)
• Mention AI policy in PR template (#​24198)

Other changes

• Use trusted publishing for NPM packages (#​24171)

Contributors

• @​bitloi
• @​Sim-hu
• @​mvanhorn
• @​chinar-amrutkar
• @​markjm
• @​RenzoMXD
• @​vivekkhimani
• @​seroperson
• @​moktamd
• @​charliermarsh
• @​ntBre
• @​zanieb
• @​dylwil3
• @​MichaReiser

v0.15.7

Compare Source

Released on 2026-03-19.

Preview features

• Display output severity in preview (#​23845)
• Don't show noqa hover for non-Python documents (#​24040)

Rule changes

• [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#​24019)

Server

• Don't return code actions for non-Python documents (#​23905)

Documentation

• Add company AI policy to contributing guide (#​24021)
• Document editor features for Markdown code formatting (#​23924)
• [pylint] Improve phrasing (PLC0208) (#​24033)

Other changes

• Use PEP 639 license information (#​19661)

Contributors

• @​tmimmanuel
• @​DimitriPapadopoulos
• @​amyreese
• @​statxc
• @​dylwil3
• @​hunterhogan
• @​renovate

v0.15.6

Compare Source

Released on 2026-03-12.

Preview features

• Add support for lazy import parsing (#​23755)
• Add support for star-unpack

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (in timezone America/Chicago)

• Branch creation
  • Between 12:00 AM and 03:59 AM (* 0-3 * * *)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.99%. Comparing base (eeb24a6) to head (c6421d7).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #855   +/-   ##
=======================================
  Coverage   65.99%   65.99%           
=======================================
  Files          46       46           
  Lines        2926     2926           
  Branches      342      342           
=======================================
  Hits         1931     1931           
  Misses        954      954           
  Partials       41       41           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock

Updating dependencies
Resolving dependencies...

Creating virtualenv erasmus in /tmp/renovate/repos/github/bryanforbes/Erasmus/.venv

Because botus-receptus[sqlalchemy,uvloop] (25.6.1) @ git+https://github.com/bryanforbes/botus_receptus.git@v25.6.1 depends on pendulum (~3.1.0)
 and pendulum[test] (3.2.0) depends on pendulum (3.2.0), botus-receptus[sqlalchemy,uvloop] (25.6.1) @ git+https://github.com/bryanforbes/botus_receptus.git@v25.6.1 is incompatible with pendulum[test] (3.2.0).
So, because erasmus depends on both botus_receptus[sqlalchemy,uvloop] (25.6.1) @ git+https://github.com/bryanforbes/botus_receptus.git@v25.6.1 and pendulum[test] (3.2.0), version solving failed.