fix(deps): update dev dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
black (changelog)	>=26.1.0 → >=26.3.1
build (changelog)	>=1.4.0 → >=1.5.0
mypy (changelog)	>=1.19.1 → >=1.20.2
pytest (changelog)	>=9.0.2 → >=9.0.3
pytest-cov (changelog)	>=7.0.0 → >=7.1.0
ruff (source, changelog)	>=0.15.0 → >=0.15.12
types-pyyaml (changelog)	>=6.0.12.20250915 → >=6.0.12.20260510

---

Release Notes

psf/black (black)

v26.3.1

Compare Source

Stable style

• Prevent Jupyter notebook magic masking collisions from corrupting cells by using
  exact-length placeholders for short magics and aborting if a placeholder can no longer
  be unmasked safely (#​5038)

Configuration

• Always hash cache filename components derived from --python-cell-magics so custom
  magic names cannot affect cache paths (#​5038)

Blackd

• Disable browser-originated requests by default, add configurable origin allowlisting
  and request body limits, and bound executor submissions to improve backpressure
  (#​5039)

v26.3.0

Compare Source

Stable style

• Don't double-decode input, causing non-UTF-8 files to be corrupted (#​4964)
• Fix crash on standalone comment in lambda default arguments (#​4993)
• Preserve parentheses when # type: ignore comments would be merged with other
  comments on the same line, preventing AST equivalence failures (#​4888)

Preview style

• Fix bug where if guards in case blocks were incorrectly split when the pattern had
  a trailing comma (#​4884)
• Fix string_processing crashing on unassigned long string literals with trailing
  commas (one-item tuples) (#​4929)
• Simplify implementation of the power operator "hugging" logic (#​4918)

Packaging

• Fix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in
  frozen environments (#​4930)

Performance

• Introduce winloop for windows as an alternative to uvloop (#​4996)
• Remove deprecated function uvloop.install() in favor of uvloop.new_event_loop()
  (#​4996)
• Rename maybe_install_uvloop function to maybe_use_uvloop to simplify loop
  installation and creation of either a uvloop/winloop evenloop or default eventloop
  (#​4996)

Output

• Emit a clear warning when the target Python version is newer than the running Python
  version, since AST safety checks cannot parse newer syntax. Also replace the
  misleading "INTERNAL ERROR" message with an actionable error explaining the version
  mismatch (#​4983)

Blackd

• Introduce winloop to be used when windows in use which enables blackd to run faster on
  windows when winloop is installed. (#​4996)

Integrations

• Remove unused gallery script (#​5030)
• Harden parsing of black requirements in the GitHub Action when use_pyproject is
  enabled so that only version specifiers are accepted and direct references such as
  black @​ https://... are rejected. Users should upgrade to the latest version of the
  action as soon as possible. This update is received automatically when using
  psf/black@stable, and is independent of the version of Black installed by the
  action. (#​5031)

Documentation

• Expand preview style documentation with detailed examples for wrap_comprehension_in,
  simplify_power_operator_hugging, and wrap_long_dict_values_in_parens features
  (#​4987)
• Add detailed documentation for formatting Jupyter Notebooks (#​5009)

pypa/build (build)

v1.5.0

Compare Source

What's Changed

• ci: try to improve release docs by @​henryiii in #​1051
• feat: drop 3.9, require 3.10+ by @​henryiii in #​1036
• chore: tox toml by @​henryiii in #​1033
• fix: api should not ignore installed, only CLI by @​henryiii in #​1056

Full Changelog: pypa/build@1.4.4...1.5.0

v1.4.4

Compare Source

What's Changed

• 🐛 fix(release): generate consistent CHANGELOG heading levels by @​gaborbernat in #​1032
• docs: move source links by @​henryiii in #​1034
• revert: drop PEP 660 change by @​henryiii in #​1039
• fix: ignore installed when running pip by @​henryiii in #​1040
• fix: revert part of #​973 by @​henryiii in #​1044
• chore: report coverage failure lines by @​henryiii in #​1046
• tests: fix issue with uv run by @​henryiii in #​1048
• docs: reorganize testing docs for copy/paste by @​abitrolly in #​1043
• tests: keep environment from leaking in Python 3.15 by @​henryiii in #​1049
• docs: fix issue with changelog generation by @​henryiii in #​1050

Full Changelog: pypa/build@1.4.3...1.4.4

v1.4.3

Compare Source

What's Changed

• 🐛 fix(api): resolve thread-safety races in build API by @​gaborbernat in #​1015
• 🐛 fix(builder): validate backend-path entries exist on disk by @​gaborbernat in #​1016
• test: cover config settings build paths by @​terminalchai in #​992
• Add kind=(step, ) for root messages with * by @​abitrolly in #​973
• fix: correct changelog category ordering by @​gaborbernat in #​1017
• 🐛 fix(cli): show full dependency chain in missing deps error by @​gaborbernat in #​1019
• tests: fully annotate by @​henryiii in #​1020
• chore: lazy imports by @​henryiii in #​1021
• chore: adding more ruff codes by @​henryiii in #​1022
• tests: improve annotations by @​henryiii in #​1023
• 🧪 test(coverage): achieve 100% test coverage by @​gaborbernat in #​1018
• chore: add ruff PT by @​henryiii in #​1025
• chore: add ruff PYI by @​henryiii in #​1026
• chore: add ruff SIM/RET by @​henryiii in #​1028
• 🐛 fix(env): strip PYTHONPATH from isolated builds by @​gaborbernat in #​1024
• chore: use ruff ALL by @​henryiii in #​1029
• 🐛 fix(env): prevent pip credential hang with private indexes by @​gaborbernat in #​1030
• 🐛 fix(check_dependency): verify URL reqs via PEP 610 by @​gaborbernat in #​1027

New Contributors

• @​terminalchai made their first contribution in #​992

Full Changelog: pypa/build@1.4.2...1.4.3

v1.4.2

Compare Source

What's Changed

• fix(uv): always pass the python to use by @​henryiii in #​996
• 🐛 fix(release): detect pre-commit environment inconsistencies by @​gaborbernat in #​1001
• 🔧 fix(towncrier): match docstrfmt RST formatting expectations by @​gaborbernat in #​1002
• Fix _has_valid_outer_pip when pip is missing by @​notatallshaw in #​1003
• fix: release changelog issue by @​henryiii in #​1006

New Contributors

• @​notatallshaw made their first contribution in #​1003

Full Changelog: pypa/build@1.4.1...1.4.2

v1.4.1

Compare Source

What's Changed

• Fix documentation grammar and typos by @​DimitriPapadopoulos in #​979
• Allow setting build constraints by @​layday in #​963
• fix: pip hack workaround by @​henryiii in #​980
• 📚 docs: reorganize using Diataxis framework by @​gaborbernat in #​988
• ✨ feat(ci): automate releases and harden workflows by @​gaborbernat in #​991
• chore: avoid template injection zizmor issue by @​henryiii in #​994
• chore: fix PR template by @​henryiii in #​995
• chore: fix fix job by @​henryiii in #​997
• 🐛 fix(ci): resolve pre-release auth failure and change detection by @​gaborbernat in #​999
• 🐛 fix(deps): add pre-commit to release dependency group by @​gaborbernat in #​1000

Full Changelog: pypa/build@1.4.0...1.4.1

python/mypy (mypy)

v1.20.2

Compare Source

v1.20.1

Compare Source

• Always disable sync in SQLite cache (Ivan Levkivskyi, PR 21184)
• Temporarily skip few base64 tests (Ivan Levkivskyi, PR 21193)
• Revert dict.__or__ typeshed change (Ivan Levkivskyi, PR 21186)
• Fix narrowing for match case with variadic tuples (Shantanu, PR 21192)
• Avoid narrowing type[T] in type calls (Shantanu, PR 21174)
• Fix regression for catching empty tuple in except (Shantanu, PR 21153)
• Fix reachability for frozenset and dict view narrowing (Shantanu, PR 21151)
• Fix narrowing with chained comparison (Shantanu, PR 21150)
• Avoid narrowing to unreachable at module level (Shantanu, PR 21144)
• Allow dangerous identity comparisons to Any typed variables (Shantanu, PR 21142)
• --warn-unused-config should not be a strict flag (Ivan Levkivskyi, PR 21139)

v1.20.0

Compare Source

pytest-dev/pytest (pytest)

v9.0.3

Compare Source

pytest 9.0.3 (2026-04-07)

Bug fixes

• #​12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #​13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #​13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #​14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #​14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #​13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #​13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #​14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #​14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #​12689: The test reports are now published to Codecov from GitHub Actions.
  The test statistics is visible on the web interface.

  -- by aleguy02

pytest-dev/pytest-cov (pytest-cov)

v7.1.0

Compare Source

• Fixed total coverage computation to always be consistent, regardless of reporting settings.
  Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on
  reporting options.
  See #&#8203;641 <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0).
  It checks if there is already existing plugin for this message by comparing filter regular expression.
  When filter is specified on command line the message is escaped and does not match an expected message.
  A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation.
  Contributed by Art Pelling in #&#8203;718 <https://github.com/pytest-dev/pytest-cov/pull/718>_ and
  "vivodi" in #&#8203;738 <https://github.com/pytest-dev/pytest-cov/pull/738>.
  Also closed #&#8203;736 <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests.
  Contributed by in Markéta Machová in #&#8203;722 <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

astral-sh/ruff (ruff)

v0.15.12

Compare Source

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#​23599)
• Implement #ruff:ignore logical-line suppressions (#​23404)
• Revert preview changes to displayed diagnostic severity in LSP (#​24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#​23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#​24440)
• [pylint] Fix PLC2701 for type parameter scopes (#​24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#​24805)

CLI

• Respect default Unix permissions for cache files (#​24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#​24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#​24153)
• Improve rules table accessibility (#​24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

v0.15.11

Compare Source

Released on 2026-04-16.

Preview features

• [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#​24642)
• [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#​23583)
• [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#​24424)

Bug fixes

• [flake8-async] Omit overridden methods for ASYNC109 (#​24648)

Documentation

• [flake8-async] Add override mention to ASYNC109 docs (#​24666)
• Update Neovim config examples to use vim.lsp.config (#​24577)

Contributors

• @​augustelalande
• @​anishgirianish
• @​benberryallwood
• @​charliermarsh
• @​Dev-iL

v0.15.10

Compare Source

Released on 2026-04-09.

Preview features

• [flake8-logging] Allow closures in except handlers (LOG004) (#​24464)
• [flake8-self] Make SLF diagnostics robust to non-self-named variables (#​24281)
• [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#​24371)

Bug fixes

• Avoid emitting multi-line f-string elements before Python 3.12 (#​24377)
• Avoid syntax error from E502 fixes in f-strings and t-strings (#​24410)
• Strip form feeds from indent passed to dedent_to (#​24381)
• [pyupgrade] Fix panic caused by handling of octals (UP012) (#​24390)
• Reject multi-line f-string elements before Python 3.12 (#​24355)

Rule changes

• [ruff] Treat f-string interpolation as potential side effect (RUF019) (#​24426)

Server

• Add support for custom file extensions (#​24463)

Documentation

• Document adding fixes in CONTRIBUTING.md (#​24393)
• Fix JSON typo in settings example (#​24517)

Contributors

• @​charliermarsh
• @​dylwil3
• @​silverstein
• @​anishgirianish
• @​shizukushq
• @​zanieb
• @​AlexWaygood

v0.15.9

Compare Source

Released on 2026-04-02.

Preview features

• [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#​24244)
• [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#​24089)

Bug fixes

• [flake8-errmsg] Avoid shadowing existing msg in fix for EM101 (#​24363)
• [flake8-simplify] Ignore pre-initialization references in SIM113 (#​24235)
• [pycodestyle] Fix W391 fixes for consecutive empty notebook cells (#​24236)
• [pyupgrade] Fix UP008 nested class matching (#​24273)
• [pyupgrade] Ignore strings with string-only escapes (UP012) (#​16058)
• [ruff] RUF072: skip formfeeds on dedent (#​24308)
• [ruff] Avoid re-using symbol in RUF024 fix (#​24316)
• [ruff] Parenthesize expression in RUF050 fix (#​24234)
• Disallow starred expressions as values of starred expressions (#​24280)

Rule changes

• [flake8-simplify] Suppress SIM105 for except* before Python 3.12 (#​23869)
• [pyflakes] Extend F507 to flag %-format strings with zero placeholders (#​24215)
• [pyupgrade] UP018 should detect more unnecessarily wrapped literals (UP018) (#​24093)
• [pyupgrade] Fix UP008 callable scope handling to support lambdas (#​24274)
• [ruff] RUF010: Mark fix as unsafe when it deletes a comment (#​24270)

Formatter

• Add nested-string-quote-style formatting option (#​24312)

Documentation

• [flake8-bugbear] Clarify RUF071 fix safety for non-path string comparisons (#​24149)
• [flake8-type-checking] Clarify import cycle wording for TC001/TC002/TC003 (#​24322)

Other changes

• Avoid rendering fix lines with trailing whitespace after | (#​24343)

Contributors

• @​charliermarsh
• @​MichaReiser
• @​tranhoangtu-it
• @​dylwil3
• @​zsol
• @​renovate
• @​bitloi
• @​danparizher
• @​chinar-amrutkar
• @​second-ed
• @​getehen
• @​Redovo1
• @​matthewlloyd
• @​zanieb
• @​InSyncWithFoo
• @​RenzoMXD

v0.15.8

Compare Source

Released on 2026-03-26.

Preview features

• [ruff] New rule unnecessary-if (RUF050) (#​24114)
• [ruff] New rule useless-finally (RUF072) (#​24165)
• [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#​24162)
• [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#​24100)

Bug fixes

• [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#​24166)
• [flake8-bandit] Check tuple arguments for partial paths in S607 (#​24080)
• [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#​24088)
• E501/W505/formatter: Exclude nested pragma comments from line width calculation (#​24071)
• Fix %foo? parsing in IPython assignment expressions (#​24152)
• analyze graph: resolve string imports that reference attributes, not just modules (#​24058)

Rule changes

• [eradicate] ignore ty: ignore comments in ERA001 (#​24192)
• [flake8-bandit] Treat sys.executable as trusted input in S603 (#​24106)
• [flake8-self] Recognize Self annotation and self assignment in SLF001 (#​24144)
• [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#​24142)
• [refurb] Parenthesize generator arguments in FURB142 fixer (#​24200)

Performance

• Speed up diagnostic rendering (#​24146)

Server

• Warn when Markdown files are skipped due to preview being disabled (#​24150)

Documentation

• Clarify extend-ignore and extend-select settings documentation (#​24064)
• Mention AI policy in PR template (#​24198)

Other changes

• Use trusted publishing for NPM packages (#​24171)

Contributors

• @​bitloi
• @​Sim-hu
• @​mvanhorn
• @​chinar-amrutkar
• @​markjm
• @​RenzoMXD
• @​vivekkhimani
• @​seroperson
• @​moktamd
• @​charliermarsh
• @​ntBre
• @​zanieb
• @​dylwil3
• @​MichaReiser

v0.15.7

Compare Source

Released on 2026-03-19.

Preview features

• Display output severity in preview (#​23845)
• Don't show noqa hover for non-Python documents (#​24040)

Rule changes

• [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#​24019)

Server

• Don't return code actions for non-Python documents (#​23905)

Documentation

• Add company AI policy to contributing guide (#​24021)
• Document editor features for Markdown code formatting (#​23924)
• [pylint] Improve phrasing (PLC0208) (#​24033)

Other changes

• Use PEP 639 license information (#​19661)

Contributors

• @​tmimmanuel
• @​DimitriPapadopoulos
• @​amyreese
• @​statxc
• @​dylwil3
• @​hunterhogan
• @​renovate

v0.15.6

Compare Source

Released on 2026-03-12.

Preview features

• Add support for lazy import parsing (#​23755)
• Add support for star-unpacking of comprehensions (PEP 798) (#​23788)
• Reject semantic syntax errors for lazy imports (#​23757)
• Drop a few rules from the preview default set (#​23879)
• [airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#​23584)
• [airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#​23631)
• [flake8-bugbear] Implement delattr-with-constant (B043) (#​23737)
• [flake8-tidy-imports] Add TID254 to enforce lazy imports (#​23777)
• [flake8-tidy-imports] Allow users to ban lazy imports with TID254 (#​23847)
• [isort] Retain lazy keyword when sorting imports (#​23762)
• [pyupgrade] Add from __future__ import annotations automatically (UP006) (#​23260)
• [refurb] Support newline parameter in FURB101 for Python 3.13+ (#​23754)
• [ruff] Add os-path-commonprefix (RUF071) (#​23814)
• [ruff] Add unsafe fix for os-path-commonprefix (RUF071) (#​23852)
• [ruff] Limit RUF036 to typing contexts; make it unsafe for non-typing-only (#​23765)
• [ruff] Use starred unpacking for RUF017 in Python 3.15+ (#​23789)

Bug fixes

• Fix --add-noqa creating unwanted leading whitespace (#​23773)
• Fix --add-noqa breaking shebangs (#​23577)
• [formatter] Fix lambda body formatting for multiline calls and subscripts (#​23866)
• [formatter] Preserve required annotation parentheses in annotated assignments (#​23865)
• [formatter] Preserve type-expression parentheses in the formatter (#​23867)
• [flake8-annotations] Fix stack overflow in ANN401 on quoted annotations with escape sequences (#​23912)
• [pep8-naming] Check naming conventions in match pattern bindings (N806, N815, N816) (#​23899)
• [perflint] Fix comment duplication in fixes (PERF401, PERF403) (#​23729)
• [pyupgrade] Properly trigger super change in nested class (UP008) (#​22677)
• [ruff] Avoid syntax errors in RUF036 fixes (#​23764)

Rule changes

• [flake8-bandit] Flag S501 with requests.request (#​23873)
• [flake8-executable] Fix WSL detection in non-Docker containers (#​22879)
• [flake8-print] Ignore pprint calls with stream= (#​23787)

Documentation

• Update docs for Markdown code block formatting (#​23871)
• [flake8-bugbear] Fix misleading description for B904 (#​23731)

Contributors

• @​zsol
• @​carljm
• @​ntBre
• @​Bortlesboat
• @​sososonia-cyber
• @​chirizxc
• @​leandrobbraga
• @​11happy
• @​Acelogic
• @​anishgirianish
• @​amyreese
• @​xvchris
• @​charliermarsh
• @​getehen
• @​Dev-iL

v0.15.5

Compare Source

Released on 2026-03-05.

Preview features

• Discover Markdown files by default in preview mode (#​23434)
• [perflint] Extend PERF102 to comprehensions and generators (#​23473)
• [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#​23542)
• [ruff] Add fix for none-not-at-end-of-union (RUF036) (#​22829)
• [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#​23634)

Bug fixes

• [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#​23553)
• [pydocstyle] Fix numpy section ordering (D420) (#​23685)
• [pyflakes] Fix false positive for names shadowing re-exports (F811) (#​23356)
• [pyupgrade] Avoid inserting redundant None elements in UP045 (#​23459)

Documentation

• Document extension mapping for Markdown code formatting (#​23574)
• Update default Python version examples (#​23605)

Other changes

• Publish releases to Astral mirror (#​23616)

Contributors

• @​amyreese
• @​stakeswky
• @​chirizxc
• @​anishgirianish
• @​bxff
• @​zsol
• @​charliermarsh
• @​ntBre
• @​kar-ganap

v0.15.4

Compare Source

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#​23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#​23550)

Documentation

• Clarify first-party import detection in Ruff (#​23591)
• Fix incorrect import-heading example (#​23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

v0.15.3

Compare Source

Released on 2026-02-26.

Preview features

• Drop explicit support for .qmd file extension (#​23572)

  This can now be enabled instead by setting the extension option:

  # ruff.toml
  extension = { qmd = "markdown" }
  
  # pyproject.toml
  [tool.ruff]
  extension = { qmd = "markdown" }

• Include configured extensions in file discovery (#​23400)

• [flake8-bandit] Allow suspicious imports in TYPE_CHECKING blocks (S401-S415) (#​23441)

• [flake8-bugbear] Allow B901 in pytest hook wrappers (#​21931)

• [flake8-import-conventions] Add missing conventions from upstream (ICN001, ICN002) (#​21373)

• [pydocstyle] Add rule to enforce docstring section ordering (D420) (#​23537)

• [pylint] Implement swap-with-temporary-variable (PLR1712) (#​22205)

• [ruff] Add unnecessary-assign-before-yield (RUF070) (#​23300)

• [ruff] Support file-level noqa in RUF102 (#​23535)

• [ruff] Suppress diagnostic for invalid f-strings before Python 3.12 (RUF027) (#​23480)

• [flake8-bandit] Don't flag BaseLoader/CBaseLoader as unsafe (S506) (#​23510)

Bug fixes

• Avoid infinite loop between I002 and PYI025 (#​23352)
• [pyflakes] Fix false positive for @overload from lint.typing-modules (F811) (#​23357)
• [pyupgrade] Fix false positive for TypeVar default before Python 3.12 (UP046) (#​23540)
• [pyupgrade] Fix handling of \N in raw strings (UP032) (#​22149)

Rule changes

• Render sub-diagnostics in the GitHub output format (#​23455)

• [flake8-bugbear] Tag certain B007 diagnostics as unnecessary (#​23453)

• [ruff] Ignore unknown rule codes in RUF100 (#​23531)

  These are now flagged by RUF102 instead.

Documentation

• Fix missing settings links for several linters (#​23519)
• Update isort action comments heading (#​23515)
• [pydocstyle] Fix double comma in description of D404 (#​23440)

Other changes

• Update the Python module (notably find_ruff_bin) for parity with uv (#​23406)

Contributors

• @​zanieb
• @​o1x3
• @​assadyousuf
• @​kar-ganap
• @​denyszhak
• @​amyreese
• @​carljm
• @​anishgirianish
• @​Bnyro
• @​danparizher
• @​ntBre
• @​gcomneno
• @​jaap3
• @​stakeswky

v0.15.2

Compare Source

Released on 2026-02-19.

Preview features

• Expand the default rule set (#​23385)

  In preview, Ruff now enables a significantly expanded default rule set of 412
  rules, up from the stable default set of 59 rules. The new rules are mostly a
  superset of the stable defaults, with the exception of these rules, which are
  removed from the preview defaults:

  • multiple-imports-on-one-line (E401)
  • module-import-not-at-top-of-file (E402)
  • module-import-not-at-top-of-file (E701)
  • multiple-statements-on-one-line-semicolon (E702)
  • useless-semicolon (E703)
  • none-comparison (E711)
  • true-false-comparison (E712)
  • not-in-test (E713)
  • not-is-test (E714)
  • type-comparison (E721)
  • lambda-assignment (E731)
  • ambiguous-variable-name (E741)
  • ambiguous-class-name (E742)
  • ambiguous-function-name (E743)
  • undefined-local-with-import-star (F403)
  • undefined-local-with-import-star-usage (F405)
  • undefined-local-with-nested-import-star-usage (F406)
  • forward-annotation-syntax-error (F722)

  If you use preview and prefer the old defaults, you can restore them with
  configuration like:

  # ruff.toml
  
  [lint]
  select = ["E4", "E7", "E9", "F"]
  
  # pyproject.toml
  
  [tool.ruff.lint]
  select = ["E4", "E7", "E9", "F"]

  If you do give them a try, feel free to share your feedback in the GitHub
  discussion!

• [flake8-pyi] Also check string annotations (PYI041) (#​19023)

Bug fixes

• [flake8-async] Fix in_async_context logic ([#​23426](https://redirect.github.com

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.