Skip to content

GHA: Bump the pip-dependencies group in /.github/workflows with 2 updates#433

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/dot-github/workflows/pip-dependencies-02a7cee4b9
Open

GHA: Bump the pip-dependencies group in /.github/workflows with 2 updates#433
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/dot-github/workflows/pip-dependencies-02a7cee4b9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 2, 2026

Bumps the pip-dependencies group in /.github/workflows with 2 updates: codespell and ruff.

Updates codespell from 2.4.1 to 2.4.2

Release notes

Sourced from codespell's releases.

v2.4.2

Highlights

  • Fixed compatibility with chardet 7+

What's Changed

... (truncated)

Commits
  • 2ccb47f Compat with chardet 7 (#3886)
  • 4ec53bf [pre-commit.ci] pre-commit autoupdate
  • 2a4acba Bump actions/download-artifact from 7 to 8
  • be17cac Bump actions/upload-artifact from 6 to 7
  • 04a0712 Bump ruff (#3879)
  • 583d879 avoide->avoid, avoided, avoids,
  • 1f59f34 Add correction for 'foudation' to 'foundation'
  • e047fda Add spelling correction for gather and variants.
  • b5cd66d respondant->respondent
  • 92125a3 Add detection of ivoice and variants.
  • Additional commits viewable in compare view

Updates ruff from 0.14.10 to 0.15.7

Release notes

Sourced from ruff's releases.

0.15.7

Release Notes

Released on 2026-03-19.

Preview features

  • Display output severity in preview (#23845)
  • Don't show noqa hover for non-Python documents (#24040)

Rule changes

  • [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

  • Don't return code actions for non-Python documents (#23905)

Documentation

  • Add company AI policy to contributing guide (#24021)
  • Document editor features for Markdown code formatting (#23924)
  • [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

  • Use PEP 639 license information (#19661)

Contributors

Install ruff 0.15.7

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.7/ruff-installer.ps1 | iex"
</tr></table>

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.7

Released on 2026-03-19.

Preview features

  • Display output severity in preview (#23845)
  • Don't show noqa hover for non-Python documents (#24040)

Rule changes

  • [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)

Server

  • Don't return code actions for non-Python documents (#23905)

Documentation

  • Add company AI policy to contributing guide (#24021)
  • Document editor features for Markdown code formatting (#23924)
  • [pylint] Improve phrasing (PLC0208) (#24033)

Other changes

  • Use PEP 639 license information (#19661)

Contributors

0.15.6

Released on 2026-03-12.

Preview features

  • Add support for lazy import parsing (#23755)
  • Add support for star-unpacking of comprehensions (PEP 798) (#23788)
  • Reject semantic syntax errors for lazy imports (#23757)
  • Drop a few rules from the preview default set (#23879)
  • [airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#23584)
  • [airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#23631)
  • [flake8-bugbear] Implement delattr-with-constant (B043) (#23737)

... (truncated)

Commits
  • 0ef39de Bump 0.15.7 (#24049)
  • beb543b [ty] ecosystem-analyzer: Fail on newly panicking projects (#24043)
  • 378fe73 Don't show noqa hover for non-Python documents (#24040)
  • b5665bd [pylint] Improve phrasing (PLC0208) (#24033)
  • 6e20f22 test: migrate show_settings and version tests to use CliTest (#23702)
  • f99b284 Drain file watcher events during test setup (#24030)
  • 744c996 [ty] Filter out unsatisfiable inference attempts during generic call narrowin...
  • 1616095 [ty] Avoid inferring intersection types for call arguments (#23933)
  • 7f275f4 [ty] Pin mypy_primer in setup_primer_project.py (#24020)
  • 7255e36 [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#24019)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
GHA: Bump the pip-dependencies group
02df394 
Bumps the pip-dependencies group in /.github/workflows with 2 updates: [codespell](https://github.com/codespell-project/codespell) and [ruff](https://github.com/astral-sh/ruff).


Updates `codespell` from 2.4.1 to 2.4.2
- [Release notes](https://github.com/codespell-project/codespell/releases)
- [Commits](codespell-project/codespell@v2.4.1...v2.4.2)

Updates `ruff` from 0.14.10 to 0.15.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.10...0.15.7)

---
updated-dependencies:
- dependency-name: codespell
  dependency-version: 2.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
- dependency-name: ruff
  dependency-version: 0.15.7
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants