chore(deps): update all dependencies

Open renovate[bot] opened this issue 1 year ago • 0 comments

This PR contains the following updates:

Package	Change	Type	Update
bandit (source, changelog)	`1.7.7` -> `1.7.8`	dev-dependencies	patch
black (changelog)	`24.2.0` -> `24.4.2`	dev-dependencies	minor
mypy (source, changelog)	`1.8.0` -> `1.10.0`	dev-dependencies	minor
pytest (changelog)	`8.0.2` -> `8.2.1`	dev-dependencies	minor
pytest-cov (changelog)	`4.1.0` -> `5.0.0`	dev-dependencies	major
python	`3.12.2` -> `3.12.3`		patch
python	`3.12.2-slim-bookworm` -> `3.12.3-slim-bookworm`	final	patch
ruff (source, changelog)	`0.3.0` -> `0.4.4`	dev-dependencies	minor

Release Notes

PyCQA/bandit (bandit)

`v1.7.8`

Compare Source

What's Changed

Incorrect tag naming in readme by @lukehinds in https://github.com/PyCQA/bandit/pull/1105
Utilize PyPI's trusted publishing by @ericwb in https://github.com/PyCQA/bandit/pull/1107
Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by @dependabot in https://github.com/PyCQA/bandit/pull/1109
Add 1.7.7 to versions of bug template by @ericwb in https://github.com/PyCQA/bandit/pull/1110
Use datetime to avoid updating copyright year by @ericwb in https://github.com/PyCQA/bandit/pull/1112
filter data is safe for tarfile extractall by @etienneschalk in https://github.com/PyCQA/bandit/pull/1111
Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in https://github.com/PyCQA/bandit/pull/1115
[B605] Add functions that are vulnerable to shell injection. by @shihai1991 in https://github.com/PyCQA/bandit/pull/1116
Add a SARIF output formatter by @ericwb in https://github.com/PyCQA/bandit/pull/1113

New Contributors

@etienneschalk made their first contribution in https://github.com/PyCQA/bandit/pull/1111
@shihai1991 made their first contribution in https://github.com/PyCQA/bandit/pull/1116

Full Changelog: https://github.com/PyCQA/bandit/compare/1.7.7...1.7.8

psf/black (black)

`v24.4.2`

Compare Source

This is a bugfix release to fix two regressions in the new f-string parser introduced in 24.4.1.

Parser

Fix regression where certain complex f-strings failed to parse (#4332)

Performance

Fix bad performance on certain complex string literals (#4331)

`v24.4.1`

Compare Source

Highlights

Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#3822)

Stable style

Fix crash involving indented dummy functions containing newlines (#4318)

Parser

Add support for type parameter defaults, a new syntactic feature added to Python 3.13 by PEP 696 (#4327)

Integrations

Github Action now works even when git archive is skipped (#4313)

`v24.4.0`

Compare Source

Stable style

Fix unwanted crashes caused by AST equivalency check (#4290)

Preview style

if guards in case blocks are now wrapped in parentheses when the line is too long. (#4269)
Stop moving multiline strings to a new line unless inside brackets (#4289)

Integrations

Add a new option use_pyproject to the GitHub Action psf/black. This will read the Black version from pyproject.toml. (#4294)

This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

Don't move comments along with delimiters, which could cause crashes (#4248)
Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. (#4270)
Fix a bug where line-ranges exceeding the last code line would not work as expected (#4273)

Performance

Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes CVE-2024-21503. (#4278)

Documentation

Note what happens when --check is used with --quiet (#4236)

python/mypy (mypy)

`v1.10.0`

Compare Source

`v1.9.0`

Compare Source

pytest-dev/pytest (pytest)

`v8.2.1`

Compare Source

pytest 8.2.1 (2024-05-19)

Improvements

#12334: Support for Python 3.13 (beta1 at the time of writing).

Bug Fixes

#12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
#12191: Keyboard interrupts and system exits are now properly handled during the test collection.
#12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
#12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.

Trivial/Internal Changes

#12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.

`v8.2.0`

Compare Source

pytest 8.2.0 (2024-04-27)

Deprecations

#12069: A deprecation warning is now raised when implementations of one of the following hooks request a deprecated py.path.local parameter instead of the pathlib.Path parameter which replaced it:
- pytest_ignore_collect{.interpreted-text role="hook"} - the path parameter - use collection_path instead.
- pytest_collect_file{.interpreted-text role="hook"} - the path parameter - use file_path instead.
- pytest_pycollect_makemodule{.interpreted-text role="hook"} - the path parameter - use module_path instead.
- pytest_report_header{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.
- pytest_report_collectionfinish{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.
The replacement parameters are available since pytest 7.0.0. The old parameters will be removed in pytest 9.0.0.

See legacy-path-hooks-deprecated{.interpreted-text role="ref"} for more details.

Features

#11871: Added support for reading command line arguments from a file using the prefix character @, like e.g.: pytest @tests.txt. The file must have one argument per line.

See Read arguments from file <args-from-file>{.interpreted-text role="ref"} for details.

Improvements

#11523: pytest.importorskip{.interpreted-text role="func"} will now issue a warning if the module could be found, but raised ImportError{.interpreted-text role="class"} instead of ModuleNotFoundError{.interpreted-text role="class"}.

The warning can be suppressed by passing exc_type=ImportError to pytest.importorskip{.interpreted-text role="func"}.

See import-or-skip-import-error{.interpreted-text role="ref"} for details.
#11728: For unittest-based tests, exceptions during class cleanup (as raised by functions registered with TestCase.addClassCleanup <unittest.TestCase.addClassCleanup>{.interpreted-text role="meth"}) are now reported instead of silently failing.
#11777: Text is no longer truncated in the short test summary info section when -vv is given.
#12112: Improved namespace packages detection when consider_namespace_packages{.interpreted-text role="confval"} is enabled, covering more situations (like editable installs).
#9502: Added PYTEST_VERSION{.interpreted-text role="envvar"} environment variable which is defined at the start of the pytest session and undefined afterwards. It contains the value of pytest.__version__, and among other things can be used to easily check if code is running from within a pytest run.

Bug Fixes

#12065: Fixed a regression in pytest 8.0.0 where test classes containing setup_method and tests using @staticmethod or @classmethod would crash with AttributeError: 'NoneType' object has no attribute 'setup_method'.

Now the request.instance <pytest.FixtureRequest.instance>{.interpreted-text role="attr"} attribute of tests using @staticmethod and @classmethod is no longer None, but a fresh instance of the class, like in non-static methods. Previously it was None, and all fixtures of such tests would share a single self.
#12135: Fixed issue where fixtures adding their finalizer multiple times to fixtures they request would cause unreliable and non-intuitive teardown ordering in some instances.
#12194: Fixed a bug with --importmode=importlib and --doctest-modules where child modules did not appear as attributes in parent modules.
#1489: Fixed some instances where teardown of higher-scoped fixtures was not happening in the reverse order they were initialized in.

Trivial/Internal Changes

#12069: pluggy>=1.5.0 is now required.
#12167: cache <cache>{.interpreted-text role="ref"}: create supporting files (CACHEDIR.TAG, .gitignore, etc.) in a temporary directory to provide atomic semantics.

`v8.1.2`

Compare Source

pytest 8.1.2 (2024-04-26)

Bug Fixes

#12114: Fixed error in pytest.approx{.interpreted-text role="func"} when used with [numpy]{.title-ref} arrays and comparing with other types.

`v8.1.1`

Compare Source

pytest 8.1.1 (2024-03-08)

::: {.note} ::: {.title} Note :::

This release is not a usual bug fix release -- it contains features and improvements, being a follow up to 8.1.0, which has been yanked from PyPI. :::

Features

#11475: Added the new consider_namespace_packages{.interpreted-text role="confval"} configuration option, defaulting to False.

If set to True, pytest will attempt to identify modules that are part of namespace packages when importing modules.
#11653: Added the new verbosity_test_cases{.interpreted-text role="confval"} configuration option for fine-grained control of test execution verbosity. See Fine-grained verbosity <pytest.fine_grained_verbosity>{.interpreted-text role="ref"} for more details.

Improvements

#10865: pytest.warns{.interpreted-text role="func"} now validates that warnings.warn{.interpreted-text role="func"} was called with a [str]{.title-ref} or a [Warning]{.title-ref}. Currently in Python it is possible to use other types, however this causes an exception when warnings.filterwarnings{.interpreted-text role="func"} is used to filter those warnings (see CPython #103577 for a discussion). While this can be considered a bug in CPython, we decided to put guards in pytest as the error message produced without this check in place is confusing.
#11311: When using --override-ini for paths in invocations without a configuration file defined, the current working directory is used as the relative directory.

Previoulsy this would raise an AssertionError{.interpreted-text role="class"}.
#11475: --import-mode=importlib <import-mode-importlib>{.interpreted-text role="ref"} now tries to import modules using the standard import mechanism (but still without changing :pysys.path{.interpreted-text role="data"}), falling back to importing modules directly only if that fails.

This means that installed packages will be imported under their canonical name if possible first, for example app.core.models, instead of having the module name always be derived from their path (for example .env310.lib.site_packages.app.core.models).
#11801: Added the iter_parents() <_pytest.nodes.Node.iter_parents>{.interpreted-text role="func"} helper method on nodes. It is similar to listchain <_pytest.nodes.Node.listchain>{.interpreted-text role="func"}, but goes from bottom to top, and returns an iterator, not a list.
#11850: Added support for sys.last_exc{.interpreted-text role="data"} for post-mortem debugging on Python>=3.12.
#11962: In case no other suitable candidates for configuration file are found, a pyproject.toml (even without a [tool.pytest.ini_options] table) will be considered as the configuration file and define the rootdir.
#11978: Add --log-file-mode option to the logging plugin, enabling appending to log-files. This option accepts either "w" or "a" and defaults to "w".

Previously, the mode was hard-coded to be "w" which truncates the file before logging.
#12047: When multiple finalizers of a fixture raise an exception, now all exceptions are reported as an exception group. Previously, only the first exception was reported.

Bug Fixes

#11475: Fixed regression where --importmode=importlib would import non-test modules more than once.
#11904: Fixed a regression in pytest 8.0.0 that would cause test collection to fail due to permission errors when using --pyargs.

This change improves the collection tree for tests specified using --pyargs, see 12043{.interpreted-text role="pull"} for a comparison with pytest 8.0 and <8.
#12011: Fixed a regression in 8.0.1 whereby setup_module xunit-style fixtures are not executed when --doctest-modules is passed.
#12014: Fix the stacklevel used when warning about marks used on fixtures.
#12039: Fixed a regression in 8.0.2 where tests created using tmp_path{.interpreted-text role="fixture"} have been collected multiple times in CI under Windows.

Improved Documentation

#11790: Documented the retention of temporary directories created using the tmp_path fixture in more detail.

Trivial/Internal Changes

#11785: Some changes were made to private functions which may affect plugins which access them:
- FixtureManager._getautousenames() now takes a Node itself instead of the nodeid.
- FixtureManager.getfixturedefs() now takes the Node itself instead of the nodeid.
- The _pytest.nodes.iterparentnodeids() function is removed without replacement. Prefer to traverse the node hierarchy itself instead. If you really need to, copy the function from the previous pytest release.
#12069: Delayed the deprecation of the following features to 9.0.0:
- node-ctor-fspath-deprecation{.interpreted-text role="ref"}.
- legacy-path-hooks-deprecated{.interpreted-text role="ref"}.
It was discovered after 8.1.0 was released that the warnings about the impeding removal were not being displayed, so the team decided to revert the removal.

This is the reason for 8.1.0 being yanked.

pytest 8.1.0 (YANKED)

::: {.note} ::: {.title} Note :::

This release has been yanked: it broke some plugins without the proper warning period, due to some warnings not showing up as expected.

See #12069. :::

`v8.1.0`

Compare Source

pytest 8.1.0 (YANKED)

[!IMPORTANT]
This release has been yanked: it broke some plugins without the proper warning period, due to some warnings not showing up as expected. See #12069.

Features

#11475: Added the new consider_namespace_packages{.interpreted-text role="confval"} configuration option, defaulting to False.

If set to True, pytest will attempt to identify modules that are part of namespace packages when importing modules.
#11653: Added the new verbosity_test_cases{.interpreted-text role="confval"} configuration option for fine-grained control of test execution verbosity. See Fine-grained verbosity <pytest.fine_grained_verbosity>{.interpreted-text role="ref"} for more details.

Improvements

#10865: pytest.warns{.interpreted-text role="func"} now validates that warnings.warn{.interpreted-text role="func"} was called with a [str]{.title-ref} or a [Warning]{.title-ref}. Currently in Python it is possible to use other types, however this causes an exception when warnings.filterwarnings{.interpreted-text role="func"} is used to filter those warnings (see CPython #103577 for a discussion). While this can be considered a bug in CPython, we decided to put guards in pytest as the error message produced without this check in place is confusing.
#11311: When using --override-ini for paths in invocations without a configuration file defined, the current working directory is used as the relative directory.

Previoulsy this would raise an AssertionError{.interpreted-text role="class"}.
#11475: --import-mode=importlib <import-mode-importlib>{.interpreted-text role="ref"} now tries to import modules using the standard import mechanism (but still without changing :pysys.path{.interpreted-text role="data"}), falling back to importing modules directly only if that fails.

This means that installed packages will be imported under their canonical name if possible first, for example app.core.models, instead of having the module name always be derived from their path (for example .env310.lib.site_packages.app.core.models).
#11801: Added the iter_parents() <_pytest.nodes.Node.iter_parents>{.interpreted-text role="func"} helper method on nodes. It is similar to listchain <_pytest.nodes.Node.listchain>{.interpreted-text role="func"}, but goes from bottom to top, and returns an iterator, not a list.
#11850: Added support for sys.last_exc{.interpreted-text role="data"} for post-mortem debugging on Python>=3.12.
#11962: In case no other suitable candidates for configuration file are found, a pyproject.toml (even without a [tool.pytest.ini_options] table) will be considered as the configuration file and define the rootdir.
#11978: Add --log-file-mode option to the logging plugin, enabling appending to log-files. This option accepts either "w" or "a" and defaults to "w".

Previously, the mode was hard-coded to be "w" which truncates the file before logging.
#12047: When multiple finalizers of a fixture raise an exception, now all exceptions are reported as an exception group. Previously, only the first exception was reported.

Bug Fixes

#11904: Fixed a regression in pytest 8.0.0 that would cause test collection to fail due to permission errors when using --pyargs.

This change improves the collection tree for tests specified using --pyargs, see 12043{.interpreted-text role="pull"} for a comparison with pytest 8.0 and <8.
#12011: Fixed a regression in 8.0.1 whereby setup_module xunit-style fixtures are not executed when --doctest-modules is passed.
#12014: Fix the stacklevel used when warning about marks used on fixtures.
#12039: Fixed a regression in 8.0.2 where tests created using tmp_path{.interpreted-text role="fixture"} have been collected multiple times in CI under Windows.

Improved Documentation

#11790: Documented the retention of temporary directories created using the tmp_path fixture in more detail.

Trivial/Internal Changes

#11785: Some changes were made to private functions which may affect plugins which access them:
- FixtureManager._getautousenames() now takes a Node itself instead of the nodeid.
- FixtureManager.getfixturedefs() now takes the Node itself instead of the nodeid.
- The _pytest.nodes.iterparentnodeids() function is removed without replacement. Prefer to traverse the node hierarchy itself instead. If you really need to, copy the function from the previous pytest release.

pytest-dev/pytest-cov (pytest-cov)

`v5.0.0`

Compare Source

Removed support for xdist rsync (now deprecated). Contributed by Matthias Reichenbach in #623 <https://github.com/pytest-dev/pytest-cov/pull/623>_.
Switched docs theme to Furo.
Various legacy Python cleanup and CI improvements. Contributed by Christian Clauss and Hugo van Kemenade in #630 <https://github.com/pytest-dev/pytest-cov/pull/630>, #631 <https://github.com/pytest-dev/pytest-cov/pull/631>, #632 <https://github.com/pytest-dev/pytest-cov/pull/632>_ and #633 <https://github.com/pytest-dev/pytest-cov/pull/633>_.
Added a pyproject.toml example in the docs. Contributed by Dawn James in #626 <https://github.com/pytest-dev/pytest-cov/pull/626>_.
Modernized project's pre-commit hooks to use ruff. Initial POC contributed by Christian Clauss in #584 <https://github.com/pytest-dev/pytest-cov/pull/584>_.

astral-sh/ruff (ruff)

`v0.4.4`

Compare Source

Preview features

[pycodestyle] Ignore end-of-line comments when determining blank line rules (#11342)
[pylint] Detect pathlib.Path.open calls in unspecified-encoding (PLW1514) (#11288)
[flake8-pyi] Implement PYI059 (generic-not-last-base-class) (#11233)
[flake8-pyi] Implement PYI062 (duplicate-literal-member) (#11269)

Rule changes

[flake8-boolean-trap] Allow passing booleans as positional-only arguments in code such as set(True) (#11287)
[flake8-bugbear] Ignore enum classes in cached-instance-method (B019) (#11312)

Server

Expand tildes when resolving Ruff server configuration file (#11283)
Fix ruff server hanging after Neovim closes (#11291)
Editor settings are used by default if no file-based configuration exists (#11266)

Bug fixes

[pylint] Consider with statements for too-many-branches (PLR0912) (#11321)
[flake8-blind-except, tryceratops] Respect logged and re-raised expressions in nested statements (BLE001, TRY201) (#11301)
Recognise assignments such as __all__ = builtins.list(["foo", "bar"]) as valid __all__ definitions (#11335)

`v0.4.3`

Compare Source

Enhancements

Add support for PEP 696 syntax (#11120)

Preview features

[refurb] Use function range for reimplemented-operator diagnostics (#11271)
[refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)
[refurb] Implement fstring-number-format (FURB116) (#10921)
[ruff] Implement redirected-noqa (RUF101) (#11052)
[pyflakes] Distinguish between first-party and third-party imports for fix suggestions (#11168)

Rule changes

[flake8-bugbear] Ignore non-abstract class attributes when enforcing B024 (#11210)
[flake8-logging] Include inline instantiations when detecting loggers (#11154)
[pylint] Also emit PLR0206 for properties with variadic parameters (#11200)
[ruff] Detect duplicate codes as part of unused-noqa (RUF100) (#10850)

Formatter

Avoid multiline expression if format specifier is present (#11123)

LSP

Write ruff server setup guide for Helix (#11183)
ruff server no longer hangs after shutdown (#11222)
ruff server reads from a configuration TOML file in the user configuration directory if no local configuration exists (#11225)
ruff server respects per-file-ignores configuration (#11224)
ruff server: Support a custom TOML configuration file (#11140)
ruff server: Support setting to prioritize project configuration over editor configuration (#11086)

Bug fixes

Avoid debug assertion around NFKC renames (#11249)
[pyflakes] Prioritize redefined-while-unused over unused-import (#11173)
[ruff] Respect async expressions in comprehension bodies (#11219)
[pygrep_hooks] Fix blanket-noqa panic when last line has noqa with no newline (PGH004) (#11108)
[perflint] Ignore list-copy recommendations for async for loops (#11250)
[pyflakes] Improve invalid-print-syntax documentation (#11171)

Performance

Avoid allocations for isort module names (#11251)
Build a separate ARM wheel for macOS (#11149)

`v0.4.2`

Compare Source

Rule changes

[flake8-pyi] Allow for overloaded __exit__ and __aexit__ definitions (PYI036) (#11057)
[pyupgrade] Catch usages of "%s" % var and provide an unsafe fix (UP031) (#11019)
[refurb] Implement new rule that suggests min/max over sorted() (FURB192) (#10868)

Server

Fix an issue with missing diagnostics for Neovim and Helix (#11092)
Implement hover documentation for noqa codes (#11096)
Introduce common Ruff configuration options with new server settings (#11062)

Bug fixes

Use macos-12 for building release wheels to enable macOS 11 compatibility (#11146)
[flake8-blind-expect] Allow raise from in BLE001 (#11131)
[flake8-pyi] Allow simple assignments to None in enum class scopes (PYI026) (#11128)
[flake8-simplify] Avoid raising SIM911 for non-zip attribute calls (#11126)
[refurb] Avoid operator.itemgetter suggestion for single-item tuple (#11095)
[ruff] Respect per-file-ignores for RUF100 with no other diagnostics (#11058)
[ruff] Fix async comprehension false positive (RUF029) (#11070)

Documentation

[flake8-bugbear] Document explicitly disabling strict zip (B905) (#11040)
[flake8-type-checking] Mention lint.typing-modules in TCH001, TCH002, and TCH003 (#11144)
[isort] Improve documentation around custom isort sections (#11050)
[pylint] Fix documentation oversight for invalid-X-returns (#11094)

Performance

Use matchit to resolve per-file settings (#11111)

`v0.4.1`

Compare Source

Preview features

[pylint] Implement invalid-hash-returned (PLE0309) (#10961)
[pylint] Implement invalid-index-returned (PLE0305) (#10962)

Bug fixes

[pylint] Allow NoReturn-like functions for __str__, __len__, etc. (PLE0307) (#11017)
Parser: Use empty range when there's "gap" in token source (#11032)
[ruff] Ignore stub functions in unused-async (RUF029) (#11026)
Parser: Expect indented case block instead of match stmt (#11033)

`v0.4.0`

Compare Source

A new, hand-written parser

Ruff's new parser is >2x faster, which translates to a 20-40% speedup for all linting and formatting invocations. There's a lot to say about this exciting change, so check out the blog post for more details!

See #10036 for implementation details.

A new language server in Rust

With this release, we also want to highlight our new language server. ruff server is a Rust-powered language server that comes built-in with Ruff. It can be used with any editor that supports the Language Server Protocol (LSP). It uses a multi-threaded, lock-free architecture inspired by rust-analyzer and it will open the door for a lot of exciting features. It’s also faster than our previous Python-based language server -- but you probably guessed that already.

ruff server is only in alpha, but it has a lot of features that you can try out today:

Lints Python files automatically and shows quick-fixes when available
Formats Python files, with support for range formatting
Comes with commands for quickly performing actions: ruff.applyAutofix, ruff.applyFormat, and ruff.applyOrganizeImports
Supports source.fixAll and source.organizeImports source actions
Automatically reloads your project configuration when you change it

To setup ruff server with your editor, refer to the README.md.

Preview features

[pycodestyle] Do not trigger E3 rules on defs following a function/method with a dummy body (#10704)
[pylint] Implement invalid-bytes-returned (E0308) (#10959)
[pylint] Implement invalid-length-returned (E0303) (#10963)
[pylint] Implement self-cls-assignment (W0642) (#9267)
[pylint] Omit stubs from invalid-bool and invalid-str-return-type (#11008)
[ruff] New rule unused-async (RUF029) to detect unneeded async keywords on functions (#9966)

Rule changes

[flake8-bandit] Allow urllib.request.urlopen calls with static Request argument (S310) (#10964)
[flake8-bugbear] Treat raise NotImplemented-only bodies as stub functions (B006) (#10990)
[flake8-slots] Respect same-file Enum subclasses (SLOT000) (#11006)
[pylint] Support inverted comparisons (PLR1730) (#10920)

Linter

Improve handling of builtin symbols in linter rules (#10919)
Improve display of rules in --show-settings (#11003)
Improve inference capabilities of the BuiltinTypeChecker (#10976)
Resolve classes and functions relative to script name (#10965)
Improve performance of RuleTable::any_enabled (#10971)

Server

This section is devoted to updates for our new language server, written in Rust.

Enable ruff-specific source actions (#10916)
Refreshes diagnostics for open files when file configuration is changed (#10988)
Important errors are now shown as popups (#10951)
Introduce settings for directly configuring the linter and formatter (#10984)
Resolve configuration for each document individually (#10950)
Write a setup guide for Neovim (#10987)

Configuration

Add RUFF_OUTPUT_FILE environment variable support (#10992)

Bug fixes

Avoid non-augmented-assignment for reversed, non-commutative operators (PLR6104) (#10909)
Limit commutative non-augmented-assignments to primitive data types (PLR6104) (#10912)
Respect per-file-ignores for RUF100 on blanket # noqa (#10908)
Consider if expression for parenthesized with items parsing (#11010)
Consider binary expr for parenthesized with items parsing (#11012)
Reset FOR_TARGET context for all kinds of parentheses (#11009)

`v0.3.7`

Compare Source

Preview features

[flake8-bugbear] Implement loop-iterator-mutation (B909) (#9578)
[pylint] Implement rule to prefer augmented assignment (PLR6104) (#9932)

Bug fixes

Avoid TOCTOU errors in cache initialization (#10884)
[pylint] Recode nan-comparison rule to W0177 (#10894)
[pylint] Reverse min-max logic in if-stmt-min-max (#10890)

`v0.3.6`

Compare Source

Preview features

[pylint] Implement bad-staticmethod-argument (PLW0211) (#10781)
[pylint] Implement if-stmt-min-max (PLR1730, PLR1731) (#10002)
[pyupgrade] Replace str,Enum multiple inheritance with StrEnum UP042 (#10713)
[refurb] Implement if-expr-instead-of-or-operator (FURB110) (#10687)
[refurb] Implement int-on-sliced-str (FURB166) (#10650)
[refurb] Implement write-whole-file (FURB103) (#10802)
[refurb] Support itemgetter in reimplemented-operator (FURB118) (#10526)
[flake8_comprehensions] Add sum/min/max to unnecessary comprehension check (C419) (#10759)

Rule changes

[pydocstyle] Require capitalizing docstrings where the first sentence is a single word (D403) (#10776)
[pycodestyle] Ignore annotated lambdas in class scopes (E731) (#10720)
[flake8-pyi] Various improvements to PYI034 (#10807)
[flake8-slots] Flag subclasses of call-based typing.NamedTuples as well as subclasses of collections.namedtuple() (SLOT002) (#10808)
[pyflakes] Allow forward references in class bases in stub files (F821) (#10779)
[pygrep-hooks] Improve blanket-noqa error message (PGH004) (#10851)

CLI

Support FORCE_COLOR env var (#10839)

Configuration

Support negated patterns in [extend-]per-file-ignores (#10852)

Bug fixes

[flake8-import-conventions] Accept non-aliased (but correct) import in unconventional-import-alias (ICN001) (#10729)
[flake8-quotes] Add semantic model flag when inside f-string replacement field (#10766)
[pep8-naming] Recursively resolve TypeDicts for N815 violations (#10719)
[flake8-quotes] Respect Q00* ignores in flake8-quotes rules (#10728)
[flake8-simplify] Show negated condition in needless-bool diagnostics (SIM103) (#10854)
[ruff] Use within-scope shadowed bindings in asyncio-dangling-task (RUF006) (#10793)
[flake8-pytest-style] Fix single-tuple conversion in pytest-parametrize-values-wrong-type (PT007) (#10862)
[flake8-return] Ignore assignments to annotated variables in unnecessary-assign (RET504) (#10741)
[refurb] Do not allow any keyword arguments for read-whole-file in rb mode (FURB101) (#10803)
[pylint] Don't recommend decorating staticmethods with @singledispatch (PLE1519, PLE1520) (#10637)
[pydocstyle] Use section name range for all section-related docstring diagnostics (#10740)
Respect # noqa directives on __all__ openers (#10798)

`v0.3.5`

Compare Source

Preview features

[pylint] Implement modified-iterating-set (E4703) (#10473)
[refurb] Implement for-loop-set-mutations (FURB142) (#10583)
[refurb] Implement unnecessary-from-float (FURB164) (#10647)
[refurb] Implement verbose-decimal-constructor (FURB157) (#10533)

Rule changes

[flake8-comprehensions] Handled special case for C401 which also matches C416 (#10596)
[flake8-pyi] Mark unaliased-collections-abc-set-import fix as "safe" for more cases in stub files (PYI025) (#10547)
[numpy] Add row_stack to NumPy 2.0 migration rule (#10646)
[pycodestyle] Allow cell magics before an import (E402) (#10545)
[pycodestyle] Avoid blank line rules for the first logical line in cell (#10291)

Configuration

Respected nested namespace packages (#10541)
[flake8-boolean-trap] Add setting for user defined allowed boolean trap (#10531)

Bug fixes

Correctly handle references in __all__ definitions when renaming symbols in autofixes (#10527)
Track ranges of names inside __all__ definitions (#10525)
[flake8-bugbear] Avoid false positive for usage after continue (B031) (#10539)
[flake8-copyright] Accept commas in default copyright pattern (#9498)
[flake8-datetimez] Allow f-strings with %z for DTZ007 (#10651)
[flake8-pytest-style] Fix PT014 autofix for last item in list (#10532)
[flake8-quotes] Ignore Q000, Q001 when string is inside forward ref (#10585)
[isort] Always place non-relative imports after relative imports (#10669)
[isort] Respect Unicode characters in import sorting (#10529)
[pyflakes] Fix F821 false negatives when from __future__ import annotations is active (attempt 2) (#10524)
[pyflakes] Make unnecessary-lambda an always-unsafe fix (#10668)
[pylint] Fixed false-positive on the rule PLW1641 (eq-without-hash) (#10566)
[ruff] Fix panic in unused # noqa removal with multi-byte space (RUF100) (#10682)

Documentation

Add PR title format to CONTRIBUTING.md (#10665)
Fix list markup to include blank lines required (#10591)
Put flake8-logging next to the other flake8 plugins in registry (#10587)
[flake8-bandit] Update warning message for rule S305 to address insecure block cipher mode use (#10602)
[flake8-bugbear] Document use of anonymous assignment in useless-expression (#10551)
[flake8-datetimez] Clarify error messages and docs for DTZ rules (#10621)
[pycodestyle] Use same before vs. after numbers for space-around-operator (#10640)
[ruff] Change quadratic-list-summation docs to use iadd consistently (#10666)

`v0.3.4`

[Compare Source](https://

Configuration

📅 Schedule: Branch creation - "before 4am" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

Mar 07 '24 02:03 renovate[bot]