Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump ruff from 0.7.4 to 0.8.1 #11349

Closed
wants to merge 1 commit into from
Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 29, 2024

Bumps ruff from 0.7.4 to 0.8.1.

Release notes

Sourced from ruff's releases.

0.8.1

Release Notes

Preview features

  • Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
  • Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
  • Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
  • Formatter: Fix f-string formatting in assignment statement (#14454)
  • Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
  • [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
  • [flake8-builtins] Exempt private built-in modules (A005) (#14505)
  • [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
  • [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
  • [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
  • [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
  • [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
  • [pylint] Implement len-test (PLC1802) (#14309)
  • [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
  • [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
  • [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
  • [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
  • [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

  • Ignore more rules for stub files (#14541)
  • [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
  • [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
  • [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
  • [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

  • Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
  • [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
  • [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
  • [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
  • [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
  • [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
  • [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.1

Preview features

  • Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
  • Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
  • Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
  • Formatter: Fix f-string formatting in assignment statement (#14454)
  • Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
  • [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
  • [flake8-builtins] Exempt private built-in modules (A005) (#14505)
  • [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
  • [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
  • [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
  • [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
  • [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
  • [pylint] Implement len-test (PLC1802) (#14309)
  • [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
  • [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
  • [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
  • [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
  • [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

  • Ignore more rules for stub files (#14541)
  • [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
  • [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
  • [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
  • [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

  • Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
  • [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
  • [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
  • [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
  • [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
  • [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
  • [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

0.8.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

  • Default to Python 3.9

... (truncated)

Commits
  • b3b2c98 Update CHANGELOG.md with the new commits for 0.8.1 (#14664)
  • abb3c6e [flake8-pyi] Avoid rewriting invalid type expressions in `unnecessary-type-...
  • 224fe75 [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)
  • dc29f52 [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016,...
  • d9cbf2f Avoids unnecessary overhead for TC004, when TC001-003 are disabled (#14657)
  • 3f6c65e [red-knot] Fix merged type after if-else without explicit else branch (#14621)
  • 976c37a Bump version to 0.8.1 (#14655)
  • a378ff3 [red-knot] Fix Boolean flags in mdtests (#14654)
  • d8bca0d Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
  • 6f1cf5b [red-knot] Minor fix in MRO tests (#14652)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 29, 2024
Copy link

dryrunsecurity bot commented Nov 29, 2024

DryRun Security Summary

The pull request updates the version of the ruff package in the requirements-lint.txt file from 0.8.0 to 0.8.1, which is a minor version change typically indicating bug fixes or small improvements, and it's important to review any dependency updates, even minor ones, to ensure that there are no known security vulnerabilities in the new version.

Expand for full summary

Summary:

The changes in this pull request are focused on updating the version of the ruff package in the requirements-lint.txt file, which is likely a configuration file for a linting tool used in the project. The version update is from 0.8.0 to 0.8.1, which is a minor version change typically indicating bug fixes or small improvements rather than major feature changes.

From an application security perspective, this change appears to be a routine update to a linting tool dependency, which is generally a low-risk change. However, it's important to review any dependency updates, even minor ones, to ensure that there are no known security vulnerabilities in the new version. Additionally, it's a good practice to have a process in place to regularly review and update all project dependencies, including linting tools, to maintain the application's security posture.

Files Changed:

  • requirements-lint.txt: This file has been updated to change the ruff package version from 0.8.0 to 0.8.1. The ruff package is likely a linting tool used in the project, and this change represents a minor version update.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.4 to 0.8.1.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.7.4...0.8.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/dev/ruff-0.8.1 branch from 37db3e9 to b3f8f9b Compare December 4, 2024 20:11
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 6, 2024

Superseded by #11382.

@dependabot dependabot bot closed this Dec 6, 2024
@dependabot dependabot bot deleted the dependabot/pip/dev/ruff-0.8.1 branch December 6, 2024 12:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants