Skip to content

Deps: Bump the python-packages group with 4 updates#93

Merged
greenbonebot merged 1 commit into
mainfrom
dependabot/pip/python-packages-d2bf97bf85
Sep 15, 2025
Merged

Deps: Bump the python-packages group with 4 updates#93
greenbonebot merged 1 commit into
mainfrom
dependabot/pip/python-packages-d2bf97bf85

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Sep 15, 2025

Copy link
Copy Markdown
Contributor

Bumps the python-packages group with 4 updates: mypy, psycopg, pydantic and ruff.

Updates mypy from 1.17.1 to 1.18.1

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 1.18

We’ve just uploaded mypy 1.18 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Mypy Performance Improvements

Mypy 1.18 includes numerous performance improvements, resulting in about 40% speedup compared to 1.17 when type checking mypy itself. In extreme cases, the improvement can be 10x or higher. The list below is an overview of the various mypy optimizations. Many mypyc improvements (discussed in a separate section below) also improve performance.

Type caching optimizations have a small risk of causing regressions. When reporting issues with unexpected inferred types, please also check if --disable-expression-cache will work around the issue, as it turns off some of these optimizations.

  • Improve self check performance by 1.8% (Jukka Lehtosalo, PR 19768, 19769, 19770)
  • Optimize fixed-format deserialization (Ivan Levkivskyi, PR 19765)
  • Use macros to optimize fixed-format deserialization (Ivan Levkivskyi, PR 19757)
  • Two additional micro‑optimizations (Ivan Levkivskyi, PR 19627)
  • Another set of micro‑optimizations (Ivan Levkivskyi, PR 19633)
  • Cache common types (Ivan Levkivskyi, PR 19621)
  • Skip more method bodies in third‑party libraries for speed (Ivan Levkivskyi, PR 19586)
  • Simplify the representation of callable types (Ivan Levkivskyi, PR 19580)
  • Add cache for types of some expressions (Ivan Levkivskyi, PR 19505)
  • Use cache for dictionary expressions (Ivan Levkivskyi, PR 19536)
  • Use cache for binary operations (Ivan Levkivskyi, PR 19523)
  • Cache types of type objects (Ivan Levkivskyi, PR 19514)
  • Avoid duplicate work when checking boolean operations (Ivan Levkivskyi, PR 19515)
  • Optimize generic inference passes (Ivan Levkivskyi, PR 19501)
  • Speed up the default plugin (Jukka Lehtosalo, PRs 19385 and 19462)
  • Remove nested imports from the default plugin (Ivan Levkivskyi, PR 19388)
  • Micro‑optimize type expansion (Jukka Lehtosalo, PR 19461)
  • Micro‑optimize type indirection (Jukka Lehtosalo, PR 19460)
  • Micro‑optimize the plugin framework (Jukka Lehtosalo, PR 19464)
  • Avoid temporary set creation in subtype checking (Jukka Lehtosalo, PR 19463)
  • Subtype checking micro‑optimization (Jukka Lehtosalo, PR 19384)
  • Return early where possible in subtype check (Stanislav Terliakov, PR 19400)
  • Deduplicate some types before joining (Stanislav Terliakov, PR 19409)
  • Speed up type checking by caching argument inference context (Jukka Lehtosalo, PR 19323)

... (truncated)

Commits

Updates psycopg from 3.2.9 to 3.2.10

Changelog

Sourced from psycopg's changelog.

.. currentmodule:: psycopg

.. index:: single: Release notes single: News

psycopg release notes

Future releases

Psycopg 3.3.0 (unreleased) ^^^^^^^^^^^^^^^^^^^^^^^^^^

.. rubric:: New top-level features

  • Add :ref:template strings queries \<template-strings> (:ticket:[#1054](https://github.com/psycopg/psycopg/issues/1054)).
  • Cursors are now iterators, not only iterables. This means you can call next(cur) to fetch the next row (:ticket:[#1064](https://github.com/psycopg/psycopg/issues/1064)).
  • Add Cursor.results() to iterate over the result sets of the queries executed though ~Cursor.executemany() or ~Cursor.execute() (:ticket:[#1080](https://github.com/psycopg/psycopg/issues/1080)).

.. rubric:: New libpq wrapper features

  • Add pq.PGconn.used_gssapi attribute and Capabilities.has_used_gssapi() function (:ticket:[#1138](https://github.com/psycopg/psycopg/issues/1138)).
  • Add ConnectionInfo.full_protocol_version attribute, Capabilities.has_full_protocol_version() function (:ticket:[#1079](https://github.com/psycopg/psycopg/issues/1079)).

.. rubric:: Other changes

  • Disable default GSSAPI preferential connection in the binary package (:ticket:[#1136](https://github.com/psycopg/psycopg/issues/1136)).

    .. warning::

    Please explicitly set the gssencmode_ connection parameter or the :envvar:PGGSSENCMODE environment variable to interact reliably with the GSSAPI.

  • Drop support for Python 3.8 (:ticket:[#976](https://github.com/psycopg/psycopg/issues/976)) and 3.9 (:ticket:[#1056](https://github.com/psycopg/psycopg/issues/1056)).

Psycopg 3.2.11 (unreleased) ^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Don't raise warning, and don't leak resources, if a builtin function is used as JSON dumper/loader function (:ticket:[#1165](https://github.com/psycopg/psycopg/issues/1165)).

... (truncated)

Commits
  • 6cc2adf chore: bump psycopg package version to 3.2.10
  • 4c2fd37 Merge branch 'pg18-3.2' into maint-3.2
  • 6ddad7b docs: mention PostgreSQL v18 support
  • 30bfdb9 ci: add PostgreSQL 18 to the test grid
  • 57236b8 chore: add PostgreSQL 18 exceptions
  • 970a307 fix: add ConnStatus.CONNECTION_AUTHENTICATING value
  • 6903a92 Merge branch 'fix-1091' into maint-3.2
  • 43ad961 docs: document the changes to notifies generator
  • eac8115 fix: raise a warning when notifies generator and handlers are used together
  • 5cc99d6 fix: collect notifies only if no handler was registered
  • Additional commits viewable in compare view

Updates pydantic from 1.10.22 to 2.11.9

Release notes

Sourced from pydantic's releases.

v2.11.9 2025-09-13

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.11.8...v2.11.9

v2.11.8 2025-09-13

v2.11.8 (2025-09-13)

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.11.7...v2.11.8

v2.11.7 2025-06-14

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.11.6...v2.11.7

v2.11.6 2025-06-13

v2.11.6 (2025-06-13)

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.11.5...v2.11.6

v2.11.5 2025-05-22

What's Changed

Fixes

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.11.9 (2025-09-13)

GitHub release

What's Changed

Fixes

v2.11.8 (2025-09-13)

GitHub release

What's Changed

Fixes

v2.11.7 (2025-06-14)

GitHub release

What's Changed

Fixes

  • Copy FieldInfo instance if necessary during FieldInfo build by @​Viicos in #11898

v2.11.6 (2025-06-13)

GitHub release

What's Changed

Fixes

v2.11.5 (2025-05-22)

GitHub release

What's Changed

Fixes

  • Check if FieldInfo is complete after applying type variable map by @​Viicos in #11855

... (truncated)

Commits
  • 9231095 Prepare release v2.11.9
  • f003a89 Backport v1.10.23 changes
  • 96b81dd Prepare release v2.11.8
  • 966f377 Fix mypy v2 plugin for upcoming 1.18 mypy release
  • 5f033e4 Prepare release v2.11.7
  • c3368b8 Copy FieldInfo instance if necessary during FieldInfo build (#11980)
  • 3987b23 Prepare release v2.11.6
  • dc7a9d2 Always store the original field assignment on FieldInfo
  • c284c27 Rebuild dataclass fields before schema generation
  • 5e6d1dc Prepare release v2.11.5
  • Additional commits viewable in compare view

Updates ruff from 0.12.12 to 0.13.0

Release notes

Sourced from ruff's releases.

0.13.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Several rules can now add from __future__ import annotations automatically

    TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

  • Full module paths are now used to verify first-party modules

    Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

  • Deprecated rules must now be selected by exact rule code

    Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

  • The deprecated macOS configuration directory fallback has been removed

    Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

Stabilization

The following rules have been stabilized and are no longer in preview:

The following behaviors have been stabilized:

... (truncated)

Changelog

Sourced from ruff's changelog.

0.13.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Several rules can now add from __future__ import annotations automatically

    TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

  • Full module paths are now used to verify first-party modules

    Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

  • Deprecated rules must now be selected by exact rule code

    Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

  • The deprecated macOS configuration directory fallback has been removed

    Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Commits
  • a1fdd66 Bump 0.13.0 (#20336)
  • 8770b95 [ty] introduce DivergentType (#20312)
  • 65982a1 [ty] Use 'unknown' specialization for upper bound on Self (#20325)
  • 57d1f71 [ty] Simplify unions of enum literals and subtypes thereof (#20324)
  • 7a75702 Ignore deprecated rules unless selected by exact code (#20167)
  • 9ca632c Stabilize adding future import via config option (#20277)
  • 64fe7d3 [flake8-errmsg] Stabilize extending raw-string-in-exception (EM101) to ...
  • beeeb8d Stabilize the remaining Airflow rules (#20250)
  • b6fca52 [flake8-bugbear] Stabilize support for non-context-manager calls in `assert...
  • ac7f882 [flake8-commas] Stabilize support for trailing comma checks in type paramet...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-packages group with 4 updates: [mypy](https://github.com/python/mypy), [psycopg](https://github.com/psycopg/psycopg), [pydantic](https://github.com/pydantic/pydantic) and [ruff](https://github.com/astral-sh/ruff).


Updates `mypy` from 1.17.1 to 1.18.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.17.1...v1.18.1)

Updates `psycopg` from 3.2.9 to 3.2.10
- [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst)
- [Commits](psycopg/psycopg@3.2.9...3.2.10)

Updates `pydantic` from 1.10.22 to 2.11.9
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/v2.11.9/HISTORY.md)
- [Commits](pydantic/pydantic@v1.10.22...v2.11.9)

Updates `ruff` from 0.12.12 to 0.13.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.12...0.13.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.18.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: psycopg
  dependency-version: 3.2.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: pydantic
  dependency-version: 2.11.9
  dependency-type: indirect
  update-type: version-update:semver-major
  dependency-group: python-packages
- dependency-name: ruff
  dependency-version: 0.13.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Sep 15, 2025
@dependabot dependabot Bot requested review from a team as code owners September 15, 2025 04:12
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Sep 15, 2025
@greenbonebot greenbonebot enabled auto-merge (rebase) September 15, 2025 04:12
@greenbonebot greenbonebot merged commit a04ac48 into main Sep 15, 2025
8 of 11 checks passed
@greenbonebot greenbonebot deleted the dependabot/pip/python-packages-d2bf97bf85 branch September 15, 2025 05:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants