Skip to content

deps(core-py): bump the all group across 1 directory with 3 updates#2224

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/core/wren-core-py/all-9382a09a9c
Open

deps(core-py): bump the all group across 1 directory with 3 updates#2224
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/core/wren-core-py/all-9382a09a9c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps the all group with 3 updates in the /core/wren-core-py directory: maturin, pytest and ruff.

Updates maturin from 1.9.4 to 1.13.3

Release notes

Sourced from maturin's releases.

v1.13.3

What's Changed

Full Changelog: PyO3/maturin@v1.13.2...v1.13.3

v1.13.2

What's Changed

New Contributors

Full Changelog: PyO3/maturin@v1.13.1...v1.13.2

v1.13.1

What's Changed

... (truncated)

Changelog

Sourced from maturin's changelog.

1.13.3

  • Fix: disable abi3 in pyo3 config for version-specific fallback builds (#3180)

1.13.2

  • Fix: resolve test failures in distro packaging environments (#3129)
  • Fix: redirect tracing output to stderr to avoid breaking PEP 517 (#3131)
  • Fix: skip interpreters with empty output for WSL2 cross-compile (#3137)
  • Fix: set explicit lib_name in pyo3 config for Android abi3 cross-compilation (#3130)
  • Chore: add sysconfig/cpython-freebsd-15.0-amd64.txt (#3140)
  • Quote python-version in generated GitHub Actions workflow
  • Update rustls-webpki
  • Fix: two-phase bridge detection for conditional abi3 features (#3144)
  • Update cargo-zigbuild to 0.22.2
  • Update pyo3 to 0.28.3
  • Treat pyo3 0.29.0+ as having Windows import lib support (raw-dylib) (#3145)
  • Fix bin bindings with external shared library dependencies (#3147)
  • Upgrade MSRV to 1.89.0 (#3149)
  • Musllinux oci image (#3152)
  • Remove Cirrus CI for FreeBSD (#3156)
  • Perf: defer stage_artifact copy-back, finalize via rename when unpatched (#3155)
  • Perf: eliminate stage_artifact double-copy, drop was_patched flag (#3157)
  • Fix release pipeline (#3158)
  • Auditwheel: copy unpatched cargo output back before in-place patching (#3159)
  • Develop: fail loudly when pip leaves a stale ~ install behind (#1922) (#3161)
  • Provide a link for the lib.name in Cargo.toml (#3167)
  • Fix duplicated version in changelog (#3171)
  • Switch to actions/attest from attest-build-provenance (#3169)
  • Switch generation to actions/attest action, upgrade to v4 (#3170)
  • Fix: avoid duplicate --interpreter panic in PEP 517 backend (#3175)
  • Add trusted publishing options to generate-ci (#3176)
  • Fix(sdist): handle symlinked Cargo.toml pointing outside project root (#3178)
  • Stop install cffi for Python 3.8 in Dockerfile
  • Fix: support pixi-managed virtualenvs in maturin develop (#3165)
  • Support PEP 783 pyemscripten_*_wasm32 wheel platform tag (#3163)

1.13.1

  • Fix: fall back to placeholder for abi3 when found interpreters are too old (#3126)

1.13.0

  • Refactor: unified interpreter resolution pipeline (#3032)
  • Refactor: decompose large modules into focused submodules (#3052)
  • Keep cargo build artifact at original path after staging (#3054)
  • Fix --strip conflicting with --include-debuginfo in develop (#3057)
  • Fix abi3 wheel producing version-specific tags for CPython below minimum (#3061)
  • Generate-ci: use uv pip for pytest steps to fix local wheel preference (#3063)
  • Update reflink-copy to 0.1.29 to fix sparc Linux builds

... (truncated)

Commits
  • 1f7e752 Release v1.13.3 (#3183)
  • 863c990 fix: disable abi3 in pyo3 config for version-specific fallback builds (#3180)
  • fd70e0d Release v1.13.2
  • 8058c01 Support PEP 783 pyemscripten_*_wasm32 wheel platform tag (#3163)
  • 211434c fix: support pixi-managed virtualenvs in maturin develop (#3165)
  • 8a5130d Stop install cffi for Python 3.8 in Dockerfile
  • 4ac4d99 fix(sdist): handle symlinked Cargo.toml pointing outside project root (#3178)
  • dd54ac9 Add trusted publishing options to generate-ci (#3176)
  • e6d39af fix: avoid duplicate --interpreter panic in PEP 517 backend (#3175)
  • 02ad7b3 build(deps): bump openssl from 0.10.78 to 0.10.79 (#3173)
  • Additional commits viewable in compare view

Updates pytest from 8.4.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

  • #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

  • #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

    Previously this resulted in an internal assertion failure during plugin loading.

    Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

  • #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

  • #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

  • #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

  • #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
  • #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
  • #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
  • #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

  • #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

    -- by aleguy02

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

  • #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

    You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

    Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

  • #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

  • #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

... (truncated)

Commits

Updates ruff from 0.13.1 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

  • Fix Markdown closing fence handling (#25310)
  • [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

  • [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

  • Avoid redundant TokenValue drops in the lexer (#25300)
  • Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
  • Use ThinVec in AST to shrink Stmt (#25361)

Documentation

  • Fix line-length example for --config option (#25389)
  • [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
  • [mccabe] Improve example (C901) (#25287)
  • [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
  • [refurb] Document FURB192 exception change for empty sequences (#25317)
  • [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

  • Fix formatting of lambdas nested within f-strings (#25398)

Server

  • Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

  • Expand semantic syntax errors for invalid walruses (#25415)

Contributors

... (truncated)

Commits
  • db5aa0a Bump 0.15.15 (#25431)
  • 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
  • e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
  • 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
  • 7e1bc1e Add agent skills for working on ty (#25422)
  • 574e107 Expand semantic syntax errors for invalid walruses (#25415)
  • 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
  • 5432709 Refine a few agents instructions (#25423)
  • 3cb09eb [ty] Support typing.TypeForm (#25334)
  • c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added core dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 4, 2026
@dependabot dependabot Bot changed the title deps(core-py): bump the all group in /core/wren-core-py with 3 updates deps(core-py): bump the all group across 1 directory with 3 updates May 8, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/core/wren-core-py/all-9382a09a9c branch 3 times, most recently from c2fa360 to b3b800b Compare May 15, 2026 11:31
@dependabot dependabot Bot force-pushed the dependabot/pip/core/wren-core-py/all-9382a09a9c branch from b3b800b to 405df13 Compare May 22, 2026 11:34
@dependabot
deps(core-py): bump the all group across 1 directory with 3 updates
ff40484 
Bumps the all group with 3 updates in the /core/wren-core-py directory: [maturin](https://github.com/pyo3/maturin), [pytest](https://github.com/pytest-dev/pytest) and [ruff](https://github.com/astral-sh/ruff).


Updates `maturin` from 1.9.4 to 1.13.3
- [Release notes](https://github.com/pyo3/maturin/releases)
- [Changelog](https://github.com/PyO3/maturin/blob/main/Changelog.md)
- [Commits](PyO3/maturin@v1.9.4...v1.13.3)

Updates `pytest` from 8.4.2 to 9.0.3
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.4.2...9.0.3)

Updates `ruff` from 0.13.1 to 0.15.15
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.13.1...0.15.15)

---
updated-dependencies:
- dependency-name: maturin
  dependency-version: 1.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: pytest
  dependency-version: 9.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: ruff
  dependency-version: 0.15.12
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/core/wren-core-py/all-9382a09a9c branch from 405df13 to ff40484 Compare May 29, 2026 12:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

core dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants