Bump the group group across 1 directory with 5 updates

[dependabot]

Bumps the group group with 5 updates in the /python directory:

Package	From	To
tqdm	4.66.2	4.66.4
coverage	7.4.4	7.5.4
mypy	1.9.0	1.10.1
ruff	0.3.4	0.5.0
ssort	0.12.4	0.13.0

Updates tqdm from 4.66.2 to 4.66.4

Release notes

Sourced from tqdm's releases.

tqdm v4.66.4 stable

• rich: fix completion (#1395 <- #1306)
• minor framework updates & code tidy (#1578)

tqdm v4.66.3 stable

• cli: eval safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)

Commits

• 7472295 bump version, merge pull request #1578 from tqdm/devel
• e84d488 tests: bump pre-commit
• 7c8753f Merge pull request #1395 from glensc/patch-1
• d7f469e Add display to close in rich module
• d774884 tidy super() calls
• 4e613f8 Merge pull request from GHSA-g7vv-2v7x-gj9p
• b53348c cli: eval safety
• See full diff in compare view

Updates coverage from 7.4.4 to 7.5.4

Changelog

Sourced from coverage's changelog.

Version 7.5.4 — 2024-06-22

• If you attempt to combine statement coverage data with branch coverage data, coverage.py used to fail with the message "Can't combine arc data with line data" or its reverse, "Can't combine line data with arc data." These messages used internal terminology, making it hard for people to understand the problem. They are now changed to mention "branch coverage data" and "statement coverage data."

• Fixed a minor branch coverage problem with wildcard match/case cases using names or guard clauses.

• Started testing on 3.13 free-threading (nogil) builds of Python. I'm not claiming full support yet. Closes issue 1799_.

.. _issue 1799: nedbat/coveragepy#1799

.. _changes_7-5-3:

Version 7.5.3 — 2024-05-28

• Performance improvements for combining data files, especially when measuring line coverage. A few different quadratic behaviors were eliminated. In one extreme case of combining 700+ data files, the time dropped from more than three hours to seven minutes. Thanks for Kraken Tech for funding the fix.

• Performance improvements for generating HTML reports, with a side benefit of reducing memory use, closing issue 1791_. Thanks to Daniel Diniz for helping to diagnose the problem.

.. _issue 1791: nedbat/coveragepy#1791

.. _changes_7-5-2:

Version 7.5.2 — 2024-05-24

• Fix: nested matches of exclude patterns could exclude too much code, as reported in issue 1779_. This is now fixed.

• Changed: previously, coverage.py would consider a module docstring to be an executable statement if it appeared after line 1 in the file, but not executable if it was the first line. Now module docstrings are never counted as executable statements. This can change coverage.py's count of the number of statements in a file, which can slightly change the coverage percentage reported.

... (truncated)

Commits

• 22c09c6 docs: sample HTML for 7.5.4
• 9e16381 docs: prep for 7.5.4
• fba9b9e docs: link issue 1799 from the changelog
• f124de8 build: no longer download kits to upload them
• 9516cf6 build: hash-pin all actions
• c6e0985 build: finish up the publish action
• 4a49458 build: get the latest dist run id for publishing
• fb15efa build: pin hashes for publishing actions
• c20af95 build: use the correct item: github.event.action
• ccbab15 build: dump all the github actions data
• Additional commits viewable in compare view

Updates mypy from 1.9.0 to 1.10.1

Changelog

Sourced from mypy's changelog.

Mypy 1.10.1

• Fix error reporting on cached run after uninstallation of third party library (Shantanu, PR 17420)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

• Alex Waygood
• Ali Hamdan
• Edward Paget
• Evgeniy Slobodkin
• Hashem
• hesam
• Hugo van Kemenade
• Ihor
• James Braza
• Jelle Zijlstra
• jhance
• Jukka Lehtosalo
• Loïc Simon
• Marc Mueller
• Matthieu Devlin
• Michael R. Crusoe
• Nikita Sobolev
• Oskari Lehto
• Riccardo Di Maio
• Richard Si
• roberfi
• Roman Solomatin
• Sam Xifaras
• Shantanu
• Spencer Brown
• Srinivas Lade
• Tamir Duberstein
• youkaichao

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.9

We’ve just uploaded mypy 1.9 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Breaking Changes

Because the version of typeshed we use in mypy 1.9 doesn't support 3.7, neither does mypy 1.9. (Jared Hance, PR 16883)

... (truncated)

Commits

• c28b525 [1.10 backport] Fix error reporting on cached run after uninstallation of thi...
• 3faf0fc Remove +dev for version for release 1.10
• a5998d2 Update CHANGELOG.md (#17159)
• 62ea5b0 Various updates to changelog for 1.10 (#17158)
• 2f0864c Update CHANGELOG.md with draft for release 1.10 (#17150)
• e1443bb fix: incorrect returned type of access descriptors on unions of types (#16604)
• 5161ac2 Sync typeshed (#17124)
• e2fc1f2 Fix crash when expanding invalid Unpack in a Callable alias (#17028)
• 3ff6e47 Docs: docstrings in checker.py, ast_helpers.py (#16908)
• 732d98e Fix string formatting for string enums (#16555)
• Additional commits viewable in compare view

Updates ruff from 0.3.4 to 0.5.0

Release notes

Sourced from ruff's releases.

0.5.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
• Selecting ALL now excludes deprecated rules
• The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
• The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
• The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

• syntax-error (E999): Syntax errors are now always shown

Remapped rules

The following rules have been remapped to new rule codes:

• blocking-http-call-in-async-function: ASYNC100 to ASYNC210
• open-sleep-or-subprocess-in-async-function: ASYNC101 split into ASYNC220, ASYNC221, ASYNC230, and ASYNC251
• blocking-os-call-in-async-function: ASYNC102 has been merged into ASYNC220 and ASYNC221
• trio-timeout-without-await: TRIO100 to ASYNC100
• trio-sync-call: TRIO105 to ASYNC105
• trio-async-function-with-timeout: TRIO109 to ASYNC109
• trio-unneeded-sleep: TRIO110 to ASYNC110
• trio-zero-sleep-call: TRIO115 to ASYNC115
• repeated-isinstance-calls: PLR1701 to SIM101

Stabilization

The following rules have been stabilized and are no longer in preview:

• mutable-fromkeys-value (RUF024)
• default-factory-kwarg (RUF026)
• django-extra (S610)
• manual-dict-comprehension (PERF403)
• print-empty-string (FURB105)
• readlines-in-for (FURB129)
• if-expr-min-max (FURB136)
• bit-count (FURB161)
• redundant-log-base (FURB163)
• regex-flag-alias (FURB167)
• isinstance-type-none (FURB168)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.5.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
• Selecting ALL now excludes deprecated rules
• The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
• The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
• The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

• syntax-error (E999): Syntax errors are now always shown

Remapped rules

The following rules have been remapped to new rule codes:

• blocking-http-call-in-async-function: ASYNC100 to ASYNC210
• open-sleep-or-subprocess-in-async-function: ASYNC101 split into ASYNC220, ASYNC221, ASYNC230, and ASYNC251
• blocking-os-call-in-async-function: ASYNC102 has been merged into ASYNC220 and ASYNC221
• trio-timeout-without-await: TRIO100 to ASYNC100
• trio-sync-call: TRIO105 to ASYNC105
• trio-async-function-with-timeout: TRIO109 to ASYNC109
• trio-unneeded-sleep: TRIO110 to ASYNC110
• trio-zero-sleep-call: TRIO115 to ASYNC115
• repeated-isinstance-calls: PLR1701 to SIM101

Stabilization

The following rules have been stabilized and are no longer in preview:

• mutable-fromkeys-value (RUF024)
• default-factory-kwarg (RUF026)
• django-extra (S610)
• manual-dict-comprehension (PERF403)
• print-empty-string (FURB105)
• readlines-in-for (FURB129)
• if-expr-min-max (FURB136)
• bit-count (FURB161)
• redundant-log-base (FURB163)
• regex-flag-alias (FURB167)
• isinstance-type-none (FURB168)
• type-none-comparison (FURB169)

... (truncated)

Commits

• 244b923 Add necessary permissions for cargo-dist Docker build (#12072)
• a8b48fc Release v0.5.0 (#12068)
• 04c8597 [flake8-simplify] Stabilize detection of Yoda conditions for "constant" col...
• 4029a25 [Ruff v0.5] Stabilise 15 pylint rules (#12051)
• 0917ce1 Update documentation to mention etcetera crate instead of dirs for user c...
• 22cebdf Add server config to filter out syntax error diagnostics (#12059)
• 72b6c26 Simplify LinterResult, avoid cloning ParseError (#11903)
• 73851e7 Avoid displaying syntax error as log message (#11902)
• e7b4969 Remove E999 as a rule, disallow any disablement methods for syntax error (#...
• c98d8a0 [pyflakes] Stabilize detection of is comparisons to lists, etc. (F632) (#...
• Additional commits viewable in compare view

Updates ssort from 0.12.4 to 0.13.0

Release notes

Sourced from ssort's releases.

Release 0.13.0

Introduces support for python 3.12. All credit to @​ericbn.

Commits

• 2025243 Merge pull request #115 from ericbn/add-type-alias-support
• 20b3f63 Revert refactoring of _optional_nested_brackets
• ac899c9 Fix type parameter scopes
• 6e765f4 Add requirements processing for type parameter syntax
• e38c013 Support traversal of TypeAlias for Python 3.12
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions