deps: bump ruff from 0.15.15 to 0.15.17#20
Conversation
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.15 to 0.15.17. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.15.15...0.15.17) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.15.17 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
helebest
left a comment
helebest
left a comment
There was a problem hiding this comment.
Automated Dependabot Review — APPROVED ✅
Step 1: Code Review
Changes: pyproject.toml (root dev dependency ruff>=0.15.15 → ruff>=0.15.17) and uv.lock (ruff package entry replaced with 0.15.17 wheels + new hashes; platform wheels for cffi/cryptography pruned consistently).
Consistency: The description correctly covers 0.15.16 and 0.15.17. Both pyproject.toml lower bound and lock hashes are updated together. Lock hashes match the published ruff 0.15.17 distribution on PyPI. ✓
Correctness: ruff 0.15.16 and 0.15.17 bring only additive changes: new rules (all in preview mode, not enabled unless opted in), bug fixes in existing rules, formatter improvements, and CLI quality-of-life features. No stable rules were removed or made stricter. The PLR2004 exemption for Python version comparisons and the NPY201 autofix removal are narrowings, not expansions — no new linting errors will be introduced in the current codebase. ✓
Security: No security advisories. Ruff is a dev-only linting tool with no runtime surface. ✓
Conventions: Dev tooling bump only; no production code or plugin contracts modified. ✓
Step 2: Regression Verification
CI ran the full test matrix on this branch.
Step 3: CI Results — PASSED ✅
| Check | Result |
|---|---|
| test (3.12) | ✅ success |
| test (3.13) | ✅ success |
| analyze | ✅ success |
| CodeQL | ✅ success |
Step 4: Merging
All steps passed. Squash-merging now.
Generated by Claude Code
1 participant
Bumps ruff from 0.15.15 to 0.15.17.
Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
7c645a9Bump 0.15.17 (#25872)f381eb1Prioritize human-readable names in CLI output (#25869)b9b4546Minor workflow simplification (#25870)1e77ba0[ty] MovePreformattedBlockScannerto format-agnostic location. (#25856)6f2b772[ty] Preserve nominal type of enum.property instances (#25849)be4777c[ty] Fix site-package error when multiple versions of pythons are installed i...53f6ff7Allow human-readable names in suppression comments (#25614)6740325[ty] Restrict uncached raw signature access (#25866)970b1bfAuto-update snapshots when syncing typeshed (#25841)0785793Fix handling ofignorecomments within adisable/enablepair (#25845)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)