chore(deps): bump the all-dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the all-dependencies group with 10 updates in the / directory:

Package	From	To
instructor	1.14.4	1.14.5
langfuse	3.12.1	4.0.1
openai	2.15.0	2.29.0
scrapy	2.14.1	2.14.2
sqlmodel	0.0.31	0.0.37
alembic	1.18.1	1.18.4
pytest-cov	7.0.0	7.1.0
ruff	0.14.14	0.15.7
ty	0.0.14	0.0.24
prek	0.3.0	0.3.6

Updates instructor from 1.14.4 to 1.14.5

Release notes

Sourced from instructor's releases.

v1.14.5

Changes

• fix(metadata): populate author field for PyPI stats

Separate author names from emails so hatchling populates the Author metadata field correctly. pypistats.org reads this field and was showing "None" because the names were only in author_email.

Changelog

Sourced from instructor's changelog.

Changelog

All notable changes to this project will be documented in this file. The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Commits

• 63b729d fix(metadata): populate author field for PyPI stats
• 848f1af fix(deps): move dev dependencies to correct section (#2030)
• a3ad1a5 docs(agents): note uv run --with (#2029)
• 61c2663 fix(genai): preserve thought_signature in validation retries (#2001)
• 3fe0c76 Pr formatting guidelines (#2015)
• 96ca9fe Rawresponse attribute error (#2012)
• See full diff in compare view

Updates langfuse from 3.12.1 to 4.0.1

Release notes

Sourced from langfuse's releases.

v3.160.0

What's Changed

• fix(eval-templates): apply next base path to URL by @​hassiebp in langfuse/langfuse#12596
• fix(evals): show alert if variable mapping drifts between template and config by @​marliessophie in langfuse/langfuse#12616
• chore: Shard additional worker queues by @​maxdeichmann in langfuse/langfuse#12583
• feat(otel): pydantic gen ai.system instructions mapping by @​jannikmaierhoefer in langfuse/langfuse#12442
• fix(traces): split IO columns into separate CTE to reduce memory usage by @​sumerman in langfuse/langfuse#12619
• fix(evals): never apply default view if table controls are hidden by @​marliessophie in langfuse/langfuse#12625
• feat(worker): send email to project admins on blob storage export failure by @​sumerman in langfuse/langfuse#12617
• chore: disable ai feat by @​maxdeichmann in langfuse/langfuse#12632
• chore(eslint): add next-check to ignore by @​hassiebbot in langfuse/langfuse#12634
• fix(metadata): write attributes to metadata in direct write + S3 /evals write for non-langfuse-SDK-spans by @​marliessophie in langfuse/langfuse#12631
• fix(otel): fix event metadata scope missing by @​nimarb in langfuse/langfuse#12633
• feat(models): add gemini-live-2.5-flash-native-audio model pricing by @​Tkgmuuuu in langfuse/langfuse#12607
• fix(events): deduplicate redundant metadata keys consistently by @​Steffen911 in langfuse/langfuse#12630
• fix(otel): reduce Prisma OTEL span noise via ignoreSpanTypes by @​Steffen911 in langfuse/langfuse#12638

New Contributors

• @​Tkgmuuuu made their first contribution in langfuse/langfuse#12607

Full Changelog: langfuse/langfuse@v3.159.0...v3.160.0

v3.159.0

What's Changed

Features

• feat(evals): add docs link for backfilling on observation-level LLM-a… by @​annabellscha in langfuse/langfuse#12567
• feat: replay ingestion events v2 by @​Steffen911 in langfuse/langfuse#12319
• feat(web): show sync status badge and error alert in blob storage settings by @​sumerman in langfuse/langfuse#12575
• feat(prompts): add "Select all N / Clear" links and search+create input for custom labels by @​gtabidze in langfuse/langfuse#12496

Fixes

• fix(prompt-management): allow unicode prompt variables by @​aditya-mitra in langfuse/langfuse#12173
• fix(playground): dont cut off selected tools/schemas by @​nimarb in langfuse/langfuse#12593
• fix(invoice-table): fix type by @​nimarb in langfuse/langfuse#12594
• fix(api): return 404 instead of 501 for v2 APIs on self-hosted by @​Steffen911 in langfuse/langfuse#12610

Perf

• perf: avoid FINAL on traces table in traces.metrics endpoint by @​6matt in langfuse/langfuse#12546

Chores

• chore(deps): bump use-query-params to 2.2.2 by @​nimarb in langfuse/langfuse#12585
• chore(deps): bump turbo to 2.8.16 by @​nimarb in langfuse/langfuse#12586
• chore(deps): upgrade to tailwind v4 by @​nimarb in langfuse/langfuse#12590
• docs: add sdk upgrade note to v4 beta popup by @​jannikmaierhoefer in langfuse/langfuse#12611

... (truncated)

Commits

• See full diff in compare view

Updates openai from 2.15.0 to 2.29.0

Release notes

Sourced from openai's releases.

v2.29.0

2.29.0 (2026-03-17)

Full Changelog: v2.28.0...v2.29.0

Features

• api: 5.4 nano and mini model slugs (3b45666)
• api: add /v1/videos endpoint to batches create method (c0e7a16)
• api: add defer_loading field to ToolFunction (3167595)
• api: add in and nin operators to ComparisonFilter type (664f02b)

Bug Fixes

• deps: bump minimum typing-extensions version (a2fb2ca)
• pydantic: do not pass by_alias unless set (8ebe8fb)

Chores

• internal: tweak CI branches (96ccc3c)

v2.28.0

2.28.0 (2026-03-13)

Full Changelog: v2.27.0...v2.28.0

Features

• api: custom voices (50dc060)

v2.27.0

2.27.0 (2026-03-13)

Full Changelog: v2.26.0...v2.27.0

Features

• api: api update (60ab24a)
• api: manual updates (b244b09)
• api: manual updates (d806635)
• api: sora api improvements: character api, video extensions/edits, higher resolution exports. (58b70d3)

Bug Fixes

• api: repair merged videos resource (742d8ee)

... (truncated)

Changelog

Sourced from openai's changelog.

2.29.0 (2026-03-17)

Full Changelog: v2.28.0...v2.29.0

Features

• api: 5.4 nano and mini model slugs (3b45666)
• api: add /v1/videos endpoint to batches create method (c0e7a16)
• api: add defer_loading field to ToolFunction (3167595)
• api: add in and nin operators to ComparisonFilter type (664f02b)

Bug Fixes

• deps: bump minimum typing-extensions version (a2fb2ca)
• pydantic: do not pass by_alias unless set (8ebe8fb)

Chores

• internal: tweak CI branches (96ccc3c)

2.28.0 (2026-03-13)

Full Changelog: v2.27.0...v2.28.0

Features

• api: custom voices (50dc060)

2.27.0 (2026-03-13)

Full Changelog: v2.26.0...v2.27.0

Features

• api: api update (60ab24a)
• api: manual updates (b244b09)
• api: manual updates (d806635)
• api: sora api improvements: character api, video extensions/edits, higher resolution exports. (58b70d3)

Bug Fixes

• api: repair merged videos resource (742d8ee)

Chores

• internal: codegen related update (4e6498e)

... (truncated)

Commits

• acd0c54 release: 2.29.0
• 2c67256 feat(api): 5.4 nano and mini model slugs
• bc96310 feat(api): add in and nin operators to ComparisonFilter type
• cf8e9e7 chore(internal): tweak CI branches
• 11f50b6 fix(deps): bump minimum typing-extensions version
• 02b3071 fix(pydantic): do not pass by_alias unless set
• fdf7f83 codegen metadata
• 28bda04 codegen metadata
• f857bdc feat(api): add defer_loading field to ToolFunction
• c9ccb8f feat(api): add /v1/videos endpoint to batches create method
• Additional commits viewable in compare view

Updates scrapy from 2.14.1 to 2.14.2

Release notes

Sourced from scrapy's releases.

2.14.2

• Values from the Referrer-Policy header of HTTP responses are no longer executed as Python callables. See the cwxj-rr6w-m6w7 security advisory for details.
• In line with the standard, 301 redirects of POST requests are converted into GET requests.

Full Changelog

Changelog

Sourced from scrapy's changelog.

Scrapy 2.14.2 (2026-03-12)

Security bug fixes

-   Values from the ``Referrer-Policy`` header of HTTP responses are no longer
    executed as Python callables. See the `cwxj-rr6w-m6w7`_ security advisory
    for details.
.. _cwxj-rr6w-m6w7: https://github.com/scrapy/scrapy/security/advisories/GHSA-cwxj-rr6w-m6w7



In line with the standard <https://fetch.spec.whatwg.org/#http-redirect-fetch>__, 301 redirects of

POST requests are converted into GET requests.
Converting to a GET request implies not only a method change, but also

omitting the body and Content-* headers in the redirect request. On

cross-origin redirects (for example, cross-domain redirects), this is

effectively a security bug fix for scenarios where the body contains

secrets.


Deprecations

-   Passing a response URL string as the first positional argument to
    :meth:`scrapy.spidermiddlewares.referer.RefererMiddleware.policy` is
    deprecated. Pass a :class:`~scrapy.http.Response` instead.
The parameter has also been renamed to ``response`` to reflect this change.
The old parameter name (``resp_or_url``) is deprecated.

New features



Added a new setting, :setting:REFERER_POLICIES, to allow customizing

supported referrer policies.

Bug fixes

-   Made additional redirect scenarios convert to ``GET`` in line with the
    `standard <https://fetch.spec.whatwg.org/#http-redirect-fetch>`__:
-   Only ``POST`` 302 redirects are converted into ``GET`` requests; other
    methods are preserved.

-   ``HEAD`` 303 redirects are not converted into ``GET`` requests.

-   ``GET`` 303 redirects do not have their body or standard ``Content-*``

</tr></table>

</code></pre>

</blockquote>

<p>... (truncated)</p>

</details>

<details>

<summary>Commits</summary>
<ul>

<li><a href="https://github.com/scrapy/scrapy/commit/498b4fc1a431c71ea699b2d7e0bd518c7ceca302&quot;&gt;&lt;code&gt;498b4fc&lt;/code&gt;&lt;/a> Bump version: 2.14.1 → 2.14.2</li>

<li><a href="https://github.com/scrapy/scrapy/commit/378bb68039876c5e77b293cccd80eb5f306afd7e&quot;&gt;&lt;code&gt;378bb68&lt;/code&gt;&lt;/a> Proofread the release notes</li>

<li><a href="https://github.com/scrapy/scrapy/commit/8e28f938d29a496c3bf9fbffb212e1808213d9c4&quot;&gt;&lt;code&gt;8e28f93&lt;/code&gt;&lt;/a> Make test_no_warning_when_referer_middleware_present less brittle</li>

<li><a href="https://github.com/scrapy/scrapy/commit/886131c7b2f2e792fc139e5660f908239836388c&quot;&gt;&lt;code&gt;886131c&lt;/code&gt;&lt;/a> Run pre-commit</li>

<li><a href="https://github.com/scrapy/scrapy/commit/945b787a263586cb5803c01c6da57daad8997ae5&quot;&gt;&lt;code&gt;945b787&lt;/code&gt;&lt;/a> Merge remote-tracking branch 'cwxj-rr6w-m6w7/fix-referer-policy-handling' int...</li>

<li><a href="https://github.com/scrapy/scrapy/commit/8974580e438d18a105b8a0475e90bce2f1eb4dca&quot;&gt;&lt;code&gt;8974580&lt;/code&gt;&lt;/a> Reword the release note entry to consider the 301 redirect fix a security bug...</li>

<li><a href="https://github.com/scrapy/scrapy/commit/ba3d7bc7a8329d26862fcae248ececa386c1548a&quot;&gt;&lt;code&gt;ba3d7bc&lt;/code&gt;&lt;/a> Remove the non-standard 307/308 handling, and align other aspects with the st...</li>

<li><a href="https://github.com/scrapy/scrapy/commit/04db6a542407666de586d277acb1a651c389354e&quot;&gt;&lt;code&gt;04db6a5&lt;/code&gt;&lt;/a> Add a docstring to _load_policy_class()</li>

<li><a href="https://github.com/scrapy/scrapy/commit/a39545195ea41f22d7bfdc3eab83ef564480e516&quot;&gt;&lt;code&gt;a395451&lt;/code&gt;&lt;/a> allow to override → allow overriding</li>

<li><a href="https://github.com/scrapy/scrapy/commit/842d0becf0f36152a1090c62c0e5d9c950241975&quot;&gt;&lt;code&gt;842d0be&lt;/code&gt;&lt;/a> Rename test function</li>

<li>Additional commits viewable in <a href="https://github.com/scrapy/scrapy/compare/2.14.1...2.14.2&quot;&gt;compare view</a></li>

</ul>

</details>
<br />

Updates sqlmodel from 0.0.31 to 0.0.37

Release notes
Sourced from sqlmodel's releases.

0.0.37
Internal

👷 Fix build CI to not attempt to build sqlmodel-slim. PR #1773 by @​tiangolo.

0.0.35
Breaking Changes

➖ Drop support for Python 3.9. PR #1766 by @​tiangolo.

Internal

🔨 Add script to remove Python 3.9 files, migrate to Python 3.10. PR #1767 by @​tiangolo.
⬆ Bump prek from 0.3.2 to 0.3.3. PR #1761 by @​dependabot[bot].
⬆ Bump typer from 0.23.1 to 0.23.2. PR #1760 by @​dependabot[bot].

0.0.34
Internal

👷 Enable tests with lower and upper bound versions. PR #1735 by @​tiangolo.
⬆ Bump ruff from 0.15.0 to 0.15.1. PR #1758 by @​dependabot[bot].
⬆ Bump typer from 0.23.0 to 0.23.1. PR #1759 by @​dependabot[bot].
⬆ Bump typer from 0.21.2 to 0.23.0. PR #1756 by @​dependabot[bot].
⬆ Bump fastapi from 0.128.7 to 0.128.8. PR #1755 by @​dependabot[bot].

0.0.33
Docs

✏️ Fix typos in inline comment in expression.py. PR #1747 by @​veeceey.
📝 Fix async example in session.execute() docstring & deprecation message. PR #1643 by @​DanielLeviLucas.
📝 Update management-tasks.md to be in line with management-tasks.md in FastAPI repo. PR #1743 by @​YuriiMotov.

Internal

🔨 Update build script for sqlmodel-slim. PR #1754 by @​tiangolo.
⬆ Bump fastapi from 0.128.6 to 0.128.7. PR #1751 by @​dependabot[bot].
⬆ Bump typer from 0.21.1 to 0.21.2. PR #1752 by @​dependabot[bot].
👷 Update build setup for sqlmodel-slim, deprecate it, and make it only depend on sqlmodel. PR #1753 by @​tiangolo.
⬆ Bump fastapi from 0.128.3 to 0.128.6. PR #1750 by @​dependabot[bot].
⬆ Bump fastapi from 0.128.1 to 0.128.3. PR #1746 by @​dependabot[bot].
⬆ Bump prek from 0.3.1 to 0.3.2. PR #1745 by @​dependabot[bot].
⬆ Bump fastapi from 0.128.0 to 0.128.1. PR #1742 by @​dependabot[bot].
✅ Update ValidationError schema in FastAPI-related tests to be compatible with FastAPI 0.128.1+. PR #1744 by @​YuriiMotov.
⬆ Bump ruff from 0.14.14 to 0.15.0. PR #1740 by @​dependabot[bot].
👷 Add generate-readme to pre-commit. PR #1741 by @​tiangolo.
👷 Run mypy by pre-commit. PR #1738 by @​YuriiMotov.
⬆ Bump prek from 0.3.0 to 0.3.1. PR #1739 by @​dependabot[bot].

0.0.32
Fixes


... (truncated)


Changelog
Sourced from sqlmodel's changelog.

0.0.37
Internal

👷 Fix build CI to not attempt to build sqlmodel-slim. PR #1773 by @​tiangolo.

0.0.36
Internal

➖ Drop support for sqlmodel-slim, no more versions will be released, use only sqmodel. PR #1772 by @​tiangolo.

0.0.35
Breaking Changes

➖ Drop support for Python 3.9. PR #1766 by @​tiangolo.

Internal

🔨 Add script to remove Python 3.9 files, migrate to Python 3.10. PR #1767 by @​tiangolo.
⬆ Bump prek from 0.3.2 to 0.3.3. PR #1761 by @​dependabot[bot].
⬆ Bump typer from 0.23.1 to 0.23.2. PR #1760 by @​dependabot[bot].

0.0.34
Internal

👷 Enable tests with lower and upper bound versions. PR #1735 by @​tiangolo.
⬆ Bump ruff from 0.15.0 to 0.15.1. PR #1758 by @​dependabot[bot].
⬆ Bump typer from 0.23.0 to 0.23.1. PR #1759 by @​dependabot[bot].
⬆ Bump typer from 0.21.2 to 0.23.0. PR #1756 by @​dependabot[bot].
⬆ Bump fastapi from 0.128.7 to 0.128.8. PR #1755 by @​dependabot[bot].

0.0.33
Docs

✏️ Fix typos in inline comment in expression.py. PR #1747 by @​veeceey.
📝 Fix async example in session.execute() docstring & deprecation message. PR #1643 by @​DanielLeviLucas.
📝 Update management-tasks.md to be in line with management-tasks.md in FastAPI repo. PR #1743 by @​YuriiMotov.

Internal

🔨 Update build script for sqlmodel-slim. PR #1754 by @​tiangolo.
⬆ Bump fastapi from 0.128.6 to 0.128.7. PR #1751 by @​dependabot[bot].
⬆ Bump typer from 0.21.1 to 0.21.2. PR #1752 by @​dependabot[bot].
👷 Update build setup for sqlmodel-slim, deprecate it, and make it only depend on sqlmodel. PR #1753 by @​tiangolo.
⬆ Bump fastapi from 0.128.3 to 0.128.6. PR #1750 by @​dependabot[bot].
⬆ Bump fastapi from 0.128.1 to 0.128.3. PR #1746 by @​dependabot[bot].



... (truncated)


Commits

aa48bf5 🔖 Release version 0.0.37
1ecbba6 📝 Update release notes
8fabd10 👷 Fix build CI to not attempt to build sqlmodel-slim (#1773)
5f79efd 🔖 Release version 0.0.36
43cc7d3 📝 Update release notes
248a0b9 ➖ Drop support for sqlmodel-slim, no more versions will be released, use on...
3e123f7 🔖 Release version 0.0.35
f0a77e4 📝 Update release notes
06b5a01 🔨 Add script to remove Python 3.9 files, migrate to Python 3.10 (#1767)
17fc7f5 📝 Update release notes
Additional commits viewable in compare view




Updates alembic from 1.18.1 to 1.18.4

Release notes
Sourced from alembic's releases.

1.18.4
Released: February 10, 2026
bug


[bug] [operations] Reverted the behavior of Operations.add_column() that would
automatically render the "PRIMARY KEY" keyword inline when a
Column with primary_key=True is added. The automatic
behavior, added in version 1.18.2, is now opt-in via the new
Operations.add_column.inline_primary_key parameter. This
change restores the ability to render a PostgreSQL SERIAL column, which is
required to be primary_key=True, while not impacting the ability to
render a separate primary key constraint. This also provides consistency
with the Operations.add_column.inline_references parameter and
gives users explicit control over SQL generation.
To render PRIMARY KEY inline, use the
Operations.add_column.inline_primary_key parameter set to
True:
op.add_column(
"my_table",
Column("id", Integer, primary_key=True),
inline_primary_key=True
)References: #1232


1.18.3
Released: January 29, 2026
bug


[bug] [autogenerate] Fixed regression in version 1.18.0 due to #1771 where autogenerate
would raise NoReferencedTableError when a foreign key constraint
referenced a table that was not part of the initial table load, including
tables filtered out by the
EnvironmentContext.configure.include_name callable or tables
in remote schemas that were not included in the initial reflection run.
The change in #1771 was a performance optimization that eliminated
additional reflection queries for tables that were only referenced by
foreign keys but not explicitly included in the main reflection run.
However, this optimization inadvertently removed the creation of
Table objects for these referenced tables, causing autogenerate
to fail when processing foreign key constraints that pointed to them.
The fix creates placeholder Table objects for foreign key targets




... (truncated)


Commits

See full diff in compare view




Updates pytest-cov from 7.0.0 to 7.1.0

Changelog
Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)


Fixed total coverage computation to always be consistent, regardless of reporting settings.
Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on
reporting options.
See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.


Improve handling of ResourceWarning from sqlite3.
The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0).
It checks if there is already existing plugin for this message by comparing filter regular expression.
When filter is specified on command line the message is escaped and does not match an expected message.
A check for an escaped regular expression is added to handle this case.
With this fix one can suppress ResourceWarning from sqlite3 from command line::
pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...


Various improvements to documentation.
Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and
"vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>.
Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.


Fixed some assertions in tests.
Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.


Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).





Commits

66c8a52 Bump version: 7.0.0 → 7.1.0
f707662 Make the examples use pypy 3.11.
6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
8ebf20b Update changelog.
861d30e Remove the backup context manager  - shouldn't be needed since coverage 5.0, ...
fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
78c9c4e Only run the 3.9 on older deps.
4849a92 Punctuation.
197c35e Update changelog and hopefully I don't forget to publish release again :))
14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
Additional commits viewable in compare view




Updates ruff from 0.14.14 to 0.15.7

Release notes
Sourced from ruff's releases.

0.15.7
Release Notes
Released on 2026-03-19.
Preview features

Display output severity in preview (#23845)
Don't show noqa hover for non-Python documents (#24040)

Rule changes

[pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

Don't return code actions for non-Python documents (#23905)

Documentation

Add company AI policy to contributing guide (#24021)
Document editor features for Markdown code formatting (#23924)
[pylint] Improve phrasing (PLC0208) (#24033)

Other changes

Use PEP 639 license information (#19661)

Contributors

@​tmimmanuel
@​DimitriPapadopoulos
@​amyreese
@​statxc
@​dylwil3
@​hunterhogan
@​renovate

Install ruff 0.15.7
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.sh | sh

Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.ps1 | iex"
</tr></table> 


... (truncated)


Changelog
Sourced from ruff's changelog.

0.15.7
Released on 2026-03-19.
Preview features

Display output severity in preview (#23845)
Don't show noqa hover for non-Python documents (#24040)

Rule changes

[pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

Don't return code actions for non-Python documents (#23905)

Documentation

Add company AI policy to contributing guide (#24021)
Document editor features for Markdown code formatting (#23924)
[pylint] Improve phrasing (PLC0208) (#24033)

Other changes

Use PEP 639 license information (#19661)

Contributors

@​tmimmanuel
@​DimitriPapadopoulos
@​amyreese
@​statxc
@​dylwil3
@​hunterhogan
@​renovate

0.15.6
Released on 2026-03-12.
Preview features

Add support for lazy import parsing (#23755)
Add support for star-unpacking of comprehensions (PEP 798) (#23788)
Reject semantic syntax errors for lazy imports (#23757)
Drop a few rules from the preview default set (#23879)
[airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#23584)
[airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#23631)
[flake8-bugbear] Implement delattr-with-constant (B043) (#23737)



... (truncated)


Commits

0ef39de Bump 0.15.7 (#24049)
beb543b [ty] ecosystem-analyzer: Fail on newly panicking projects (#24043)
378fe73 Don't show noqa hover for non-Python documents (#24040)
b5665bd [pylint] Improve phrasing (PLC0208) (#24033)
6e20f22 test: migrate show_settings and version tests to use CliTest (#23702)
f99b284 Drain file watcher events during test setup (#24030)
744c996 [ty] Filter out unsatisfiable inference attempts during generic call narrowin...
1616095 [ty] Avoid inferring intersection types for call arguments (#23933)
7f275f4 [ty] Pin mypy_primer in setup_primer_project.py (#24020)
7255e36 [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)
Additional commits viewable in compare view




Updates ty from 0.0.14 to 0.0.24

Release notes
Sourced from ty's releases.

0.0.24
Release Notes
Released on 2026-03-19.
Bug fixes

Ensure TypedDict subscripts for unknown keys return Unknown (#23926)
Fix overflow with recursive TypeIs (#23784)
Fix variance of frozen dataclass-transform models (#23931)

LSP server

Improve semantic token classification for attribute access on union types (#23841)

Core type checking

Improve performance and correctness by avoiding inferring intersection types for call arguments as a result of bidirectional inference (#23933)
Narrow keyword arguments when unpacking dictionary instances (#23436)
Discover /usr/local/lib dist-packages on Debian/Ubuntu (#23797)
Sync vendored typeshed stubs (#23963). Typeshed diff

Install ty 0.0.24
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ty/releases/download/0.0.24/ty-installer.sh | sh

Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ty/releases/download/0.0.24/ty-installer.ps1 | iex"

Download ty 0.0.24



File
Platform
Checksum




ty-aarch64-apple-darwin.tar.gz
Apple Silicon macOS
checksum


ty-x86_64-apple-darwin.tar.gz
Intel macOS
checksum


ty-aarch64-pc-windows-msvc.zip
ARM64 Windows
checksum


ty-i686-pc-windows-msvc.zip
x86 Windows
checksum


ty-x86_64-pc-windows-msvc.zip
x64 Windows
checksum


ty-aarch64-unknown-linux-gnu.tar.gz
ARM64 Linux
checksum


ty-i686-unknown-linux-gnu.tar.gz
x86 Linux
checksum


ty-powerpc64-unknown-linux-gnu.tar.gz
PPC64 Linux
checksum


ty-powerpc64le-unknown-linux-gnu.tar.gz
PPC64LE Linux
checksum


ty-s390x-unknown-linux-gnu.tar.gz
S390x Linux
checksum





... (truncated)


Changelog
Sourced from ty's changelog.

0.0.24
Released on 2026-03-19.
Bug fixes

Ensure TypedDict subscripts for unknown keys return Unknown (#23926)
Fix overflow with recursive TypeIs (#23784)
Fix variance of frozen dataclass-transform models (#23931)

LSP server

Improve semantic token classification for attribute access on union types (#23841)

Core type checking

Improve performance and correctness by avoiding inferring intersection types for call arguments as a result of bidirectional inference (#23933)
Narrow keyword arguments when unpacking dictionary instances (#23436)
Discover /usr/local/lib dist-packages on Debian/Ubuntu (#23797)
Sync vendored typeshed stubs (#23963). Typeshed diff

Performance

Introduce fast path for protocol non-assignability (#23952)
Improved generic-solver performance in cases involving overload sets (#23881)

Contributors

@​Geo5
@​ibraheemdev
@​charliermarsh
@​dcreager
@​ollema
@​sharkdp

0.0.23
Released on 2026-03-13.
Bug fixes

Fix false-positive diagnostics for PEP-604 union annotations on attribute targets on Python 3.9 when from __future__ import annotations is active (#23915)
dataclass_transform: Respect kw_only overwrites in dataclasses (#23930)
Fix too-many-cycle panics when inferring loop variables with Literal types (#23875)

Server

Fix folding range classification of lines starting with # (#23831)
Fix folding ranges for notebooks (#23830)



... (truncated)


Commits

8762330 Bump version to 0.0.24 (#3084)
a6f24e1 Update prek dependencies (#3045)
95150e7 Typing FAQ: New entry explaining invariance (#3073)
bc9e8a8 Remove the repository code of conduct in favor of the organization one (#3058)
3d12b2e Update astral-sh/setup-uv action to v7.6.0 (#3054)
64fe9c2 Update actions/attest-build-provenance action to v4 ...
Description has been truncated

[github-actions]

Coverage report

This PR does not seem to contain any modification to coverable code.

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.