Skip to content

build(deps): bump ruff from 0.14.6 to 0.14.7#20337

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/ruff-0.14.7
Closed

build(deps): bump ruff from 0.14.6 to 0.14.7#20337
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/ruff-0.14.7

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 9, 2025
edited by cursor bot
Loading

Bumps ruff from 0.14.6 to 0.14.7.

Release notes

Sourced from ruff's releases.

0.14.7

Release Notes

Released on 2025-11-28.

Preview features

  • [flake8-bandit] Handle string literal bindings in suspicious-url-open-usage (S310) (#21469)
  • [pylint] Fix PLR1708 false positives on nested functions (#21177)
  • [pylint] Fix suppression for empty dict without tuple key annotation (PLE1141) (#21290)
  • [ruff] Add rule RUF066 to detect unnecessary class properties (#21535)
  • [ruff] Catch more dummy variable uses (RUF052) (#19799)

Bug fixes

  • [server] Set severity for non-rule diagnostics (#21559)
  • [flake8-implicit-str-concat] Avoid invalid fix in (ISC003) (#21517)
  • [parser] Fix panic when parsing IPython escape command expressions (#21480)

CLI

  • Show partial fixability indicator in statistics output (#21513)

Contributors

Install ruff 0.14.7

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.14.7/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/ruff/releases/download/0.14.7/ruff-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.7

Released on 2025-11-28.

Preview features

  • [flake8-bandit] Handle string literal bindings in suspicious-url-open-usage (S310) (#21469)
  • [pylint] Fix PLR1708 false positives on nested functions (#21177)
  • [pylint] Fix suppression for empty dict without tuple key annotation (PLE1141) (#21290)
  • [ruff] Add rule RUF066 to detect unnecessary class properties (#21535)
  • [ruff] Catch more dummy variable uses (RUF052) (#19799)

Bug fixes

  • [server] Set severity for non-rule diagnostics (#21559)
  • [flake8-implicit-str-concat] Avoid invalid fix in (ISC003) (#21517)
  • [parser] Fix panic when parsing IPython escape command expressions (#21480)

CLI

  • Show partial fixability indicator in statistics output (#21513)

Contributors

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Bumps ruff dev dependency from 0.14.6 to 0.14.7 in poetry.lock.

Written by Cursor Bugbot for commit 1b9d7e7. This will update automatically on new commits. Configure here.

@dependabot
build(deps): bump ruff from 0.14.6 to 0.14.7
1b9d7e7 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.6 to 0.14.7.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.6...0.14.7)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added Changed Required label for PR that categorizes merge commit message as "Changed" for changelog dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 9, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 9, 2025 20:09
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code Changed Required label for PR that categorizes merge commit message as "Changed" for changelog labels Dec 9, 2025
@socket-security
Copy link

socket-security bot commented Dec 9, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedpypi/​ruff@​0.14.6 ⏵ 0.14.7100100100100100

View full report

@coveralls-official
Copy link

coveralls-official bot commented Dec 9, 2025

Pull Request Test Coverage Report for Build 20077014077

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 30 unchanged lines in 9 files lost coverage.
  • Overall coverage increased (+0.01%) to 90.805%
Files with Coverage Reduction New Missed Lines %
chia/full_node/full_node.py 1 87.28%
chia/_tests/simulation/test_simulation.py 1 96.47%
chia/timelord/timelord_api.py 1 93.02%
chia/wallet/util/wallet_sync_utils.py 1 85.57%
chia/data_layer/data_layer.py 3 86.22%
chia/server/server.py 3 85.18%
chia/wallet/wallet_node.py 4 86.76%
chia/server/address_manager.py 7 92.83%
chia/server/node_discovery.py 9 80.32%
Totals Coverage Status
Change from base Build 20075942353: 0.01%
Covered Lines: 102749
Relevant Lines: 112980
💛 - Coveralls

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 16, 2025

Superseded by #20353.

@dependabot dependabot bot closed this Dec 16, 2025
@dependabot dependabot bot deleted the dependabot/pip/ruff-0.14.7 branch December 16, 2025 20:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Changed Required label for PR that categorizes merge commit message as "Changed" for changelog dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants