⬆️ deps: Update dependencies (non-major)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
pyo3	dependencies	minor	0.23.0 -> 0.24.0
ruff (source, changelog)	project.optional-dependencies	minor	==0.9.9 -> ==0.11.0

---

Release Notes

pyo3/pyo3 (pyo3)

v0.24.0

Compare Source

Packaging

• Add supported CPython/PyPy versions to cargo package metadata. #​4756
• Bump target-lexicon dependency to 0.13. #​4822
• Add optional jiff dependency to add conversions for jiff datetime types. #​4823
• Bump minimum supported inventory version to 0.3.5. #​4954

Added

• Add PyIterator::send method to allow sending values into a python generator. #​4746
• Add PyCallArgs trait for passing arguments into the Python calling protocol. This enabled using a faster calling convention for certain types, improving performance. #​4768
• Add #[pyo3(default = ...'] option for #[derive(FromPyObject)] to set a default value for extracted fields of named structs. #​4829
• Add #[pyo3(into_py_with = ...)] option for #[derive(IntoPyObject, IntoPyObjectRef)]. #​4850
• Add uuid to/from python conversions. #​4864
• Add FFI definitions PyThreadState_GetFrame and PyFrame_GetBack. #​4866
• Optimize last for BoundListIterator, BoundTupleIterator and BorrowedTupleIterator. #​4878
• Optimize Iterator::count() for PyDict, PyList, PyTuple & PySet. #​4878
• Optimize nth, nth_back, advance_by and advance_back_by for BoundTupleIterator #​4897
• Add support for types.GenericAlias as pyo3::types::PyGenericAlias. #​4917
• Add MutextExt trait to help avoid deadlocks with the GIL while locking a std::sync::Mutex. #​4934
• Add #[pyo3(rename_all = "...")] option for #[derive(FromPyObject)]. #​4941

Changed

• Optimize nth, nth_back, advance_by and advance_back_by for BoundListIterator. #​4810
• Use DerefToPyAny in blanket implementations of From<Py<T>> and From<Bound<'py, T>> for PyObject. #​4593
• Map io::ErrorKind::IsADirectory/NotADirectory to the corresponding Python exception on Rust 1.83+. #​4747
• PyAnyMethods::call and friends now require PyCallArgs for their positional arguments. #​4768
• Expose FFI definitions for PyObject_Vectorcall(Method) on the stable abi on 3.12+. #​4853
• #[pyo3(from_py_with = ...)] now take a path rather than a string literal #​4860
• Format Python traceback in impl Debug for PyErr. #​4900
• Convert PathBuf & Path into Python pathlib.Path instead of PyString. #​4925
• Relax parsing of exotic Python versions. #​4949
• PyO3 threads now hang instead of pthread_exit trying to acquire the GIL when the interpreter is shutting down. This mimics the Python 3.14 behavior and avoids undefined behavior and crashes. #​4874

Removed

• Remove implementations of Deref for PyAny and other "native" types. #​4593
• Remove implicit default of trailing optional arguments (see #​2935) #​4729
• Remove the deprecated implicit eq fallback for simple enums. #​4730

Fixed

• Correct FFI definition of PyIter_Send to return a PySendResult. #​4746
• Fix a thread safety issue in the runtime borrow checker used by mutable pyclass instances on the free-threaded build. #​4948

astral-sh/ruff (ruff)

v0.11.0

Compare Source

This is a follow-up to release 0.10.0. Because of a mistake in the release process, the requires-python inference changes were not included in that release. Ruff 0.11.0 now includes this change as well as the stabilization of the preview behavior for PGH004.

Breaking changes

• Changes to how the Python version is inferred when a target-version is not specified (#​16319)

  In previous versions of Ruff, you could specify your Python version with:

  • The target-version option in a ruff.toml file or the [tool.ruff] section of a pyproject.toml file.
  • The project.requires-python field in a pyproject.toml file with a [tool.ruff] section.

  These options worked well in most cases, and are still recommended for fine control of the Python version. However, because of the way Ruff discovers config files, pyproject.toml files without a [tool.ruff] section would be ignored, including the requires-python setting. Ruff would then use the default Python version (3.9 as of this writing) instead, which is surprising when you've attempted to request another version.

  In v0.10, config discovery has been updated to address this issue:

  • If Ruff finds a ruff.toml file without a target-version, it will check
    for a pyproject.toml file in the same directory and respect its
    requires-python version, even if it does not contain a [tool.ruff]
    section.
  • If Ruff finds a user-level configuration, the requires-python field of the closest pyproject.toml in a parent directory will take precedence.
  • If there is no config file (ruff.tomlor pyproject.toml with a
    [tool.ruff] section) in the directory of the file being checked, Ruff will
    search for the closest pyproject.toml in the parent directories and use its
    requires-python setting.

Stabilization

The following behaviors have been stabilized:

• blanket-noqa (PGH004): Also detect blanked file-level noqa comments (and not just line level comments).

Preview features

• [syntax-errors] Tuple unpacking in for statement iterator clause before Python 3.9 (#​16558)

v0.10.0

Compare Source

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Changes to how the Python version is inferred when a target-version is not specified (#​16319)

  Because of a mistake in the release process, the requires-python inference changes are not included in this release and instead shipped as part of 0.11.0.
  You can find a description of this change in the 0.11.0 section.

• Updated TYPE_CHECKING behavior (#​16669)

  Previously, Ruff only recognized typechecking blocks that tested the typing.TYPE_CHECKING symbol. Now, Ruff recognizes any local variable named TYPE_CHECKING. This release also removes support for the legacy if 0: and if False: typechecking checks. Use a local TYPE_CHECKING variable instead.

• More robust noqa parsing (#​16483)

  The syntax for both file-level and in-line suppression comments has been unified and made more robust to certain errors. In most cases, this will result in more suppression comments being read by Ruff, but there are a few instances where previously read comments will now log an error to the user instead. Please refer to the documentation on Error suppression for the full specification.

• Avoid unnecessary parentheses around with statements with a single context manager and a trailing comment (#​14005)

  This change fixes a bug in the formatter where it introduced unnecessary parentheses around with statements with a single context manager and a trailing comment. This change may result in a change in formatting for some users.

• Bump alpine default tag to 3.21 for derived Docker images (#​16456)

  Alpine 3.21 was released in Dec 2024 and is used in the official Alpine-based Python images. Now the ruff:alpine image will use 3.21 instead of 3.20 and ruff:alpine3.20 will no longer be updated.

Deprecated Rules

The following rules have been deprecated:

• non-pep604-isinstance (UP038)
• suspicious-xmle-tree-usage (S320)

Remapped rules

The following rules have been remapped to new rule codes:

• [unsafe-markup-use]: RUF035 to S704

Stabilization

The following rules have been stabilized and are no longer in preview:

• batched-without-explicit-strict (B911)
• unnecessary-dict-comprehension-for-iterable (C420)
• datetime-min-max (DTZ901)
• fast-api-unused-path-parameter (FAST003)
• root-logger-call (LOG015)
• len-test (PLC1802)
• shallow-copy-environ (PLW1507)
• os-listdir (PTH208)
• invalid-pathlib-with-suffix (PTH210)
• invalid-assert-message-literal-argument (RUF040)
• unnecessary-nested-literal (RUF041)
• unnecessary-cast-to-int (RUF046)
• map-int-version-parsing (RUF048)
• if-key-in-dict-del (RUF051)
• unsafe-markup-use (S704). This rule has also been renamed from RUF035.
• split-static-string (SIM905)
• runtime-cast-value (TC006)
• unquoted-type-alias (TC007)
• non-pep646-unpack (UP044)

The following behaviors have been stabilized:

• bad-staticmethod-argument (PLW0211) invalid-first-argument-name-for-class-method (N804): __new__ methods are now no longer flagged by invalid-first-argument-name-for-class-method (N804) but instead by bad-staticmethod-argument (PLW0211)
• bad-str-strip-call (PLE1310): The rule now applies to objects which are known to have type str or bytes.
• custom-type-var-for-self (PYI019): More accurate detection of custom TypeVars replaceable by Self. The range of the diagnostic is now the full function header rather than just the return annotation.
• invalid-argument-name (N803): Ignore argument names of functions decorated with typing.override
• invalid-envvar-default (PLW1508): Detect default value arguments to os.environ.get with invalid type.
• pytest-raises-with-multiple-statements (PT012) pytest-warns-with-multiple-statements (PT031): Allow for statements with an empty body in pytest.raises and pytest.warns with statements.
• redundant-open-modes (UP015): The diagnostic range is now the range of the redundant mode argument where it previously was the range of the entire open call. You may have to replace your noqa comments when suppressing UP015.
• stdlib-module-shadowing (A005): Changes the default value of lint.flake8-builtins.strict-checking from true to false.
• type-none-comparison (FURB169): Now also recognizes type(expr) is type(None) comparisons where expr isn't a name expression.

The following fixes or improvements to fixes have been stabilized:

• repeated-equality-comparison (PLR1714) (#​16685)
• needless-bool (SIM103) (#​16684)
• unused-private-type-var (PYI018) (#​16682)

Server

• Remove logging output for ruff.printDebugInformation (#​16617)

Configuration

• [flake8-builtins] Deprecate the builtins- prefixed options in favor of the unprefixed options (e.g. builtins-allowed-modules is now deprecated in favor of allowed-modules) (#​16092)

Bug fixes

• [flake8-bandit] Fix mixed-case hash algorithm names (S324) (#​16552)

CLI

• [ruff] Fix last_tag/commits_since_last_tag for version command (#​16686)

v0.9.10

Compare Source

Preview features

• [ruff] Add new rule RUF059: Unused unpacked assignment (#​16449)
• [syntax-errors] Detect assignment expressions before Python 3.8 (#​16383)
• [syntax-errors] Named expressions in decorators before Python 3.9 (#​16386)
• [syntax-errors] Parenthesized keyword argument names after Python 3.8 (#​16482)
• [syntax-errors] Positional-only parameters before Python 3.8 (#​16481)
• [syntax-errors] Tuple unpacking in return and yield before Python 3.8 (#​16485)
• [syntax-errors] Type parameter defaults before Python 3.13 (#​16447)
• [syntax-errors] Type parameter lists before Python 3.12 (#​16479)
• [syntax-errors] except* before Python 3.11 (#​16446)
• [syntax-errors] type statements before Python 3.12 (#​16478)

Bug fixes

• Escape template filenames in glob patterns in configuration (#​16407)
• [flake8-simplify] Exempt unittest context methods for SIM115 rule (#​16439)
• Formatter: Fix syntax error location in notebooks (#​16499)
• [pyupgrade] Do not offer fix when at least one target is global/nonlocal (UP028) (#​16451)
• [flake8-builtins] Ignore variables matching module attribute names (A001) (#​16454)
• [pylint] Convert code keyword argument to a positional argument in fix for (PLR1722) (#​16424)

CLI

• Move rule code from description to check_name in GitLab output serializer (#​16437)

Documentation

• [pydocstyle] Clarify that D417 only checks docstrings with an arguments section (#​16494)

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.