Build(deps-dev): bump the minor-patch group across 1 directory with 2 updates

[dependabot]

Bumps the minor-patch group with 2 updates in the / directory: ruff and ty.

Updates ruff from 0.14.14 to 0.15.0

Release notes

Sourced from ruff's releases.

0.15.0

Release Notes

Released on 2026-02-03.

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• Ruff now formats your code according to the 2026 style guide. See the formatter section below or in the blog post for a detailed list of changes.

• The linter now supports block suppression comments. For example, to suppress N803 for all parameters in this function:

  # ruff: disable[N803]
  def foo(
      legacyArg1,
      legacyArg2,
      legacyArg3,
      legacyArg4,
  ): ...
  # ruff: enable[N803]

  See the documentation for more details.

• The ruff:alpine Docker image is now based on Alpine 3.23 (up from 3.21).

• The ruff:debian and ruff:debian-slim Docker images are now based on Debian 13 "Trixie" instead of Debian 12 "Bookworm."

• Binaries for the ppc64 (64-bit big-endian PowerPC) architecture are no longer included in our releases. It should still be possible to build Ruff manually for this platform, if needed.

• Ruff now resolves all extended configuration files before falling back on a default Python version.

Stabilization

The following rules have been stabilized and are no longer in preview:

• blocking-http-call-httpx-in-async-function (ASYNC212)
• blocking-path-method-in-async-function (ASYNC240)
• blocking-input-in-async-function (ASYNC250)
• map-without-explicit-strict (B912)
• if-exp-instead-of-or-operator (FURB110)
• single-item-membership-test (FURB171)
• missing-maxsplit-arg (PLC0207)
• unnecessary-lambda (PLW0108)
• unnecessary-empty-iterable-within-deque-call (RUF037)
• in-empty-collection (RUF060)
• legacy-form-pytest-raises (RUF061)
• non-octal-permissions (RUF064)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.0

Released on 2026-02-03.

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• Ruff now formats your code according to the 2026 style guide. See the formatter section below or in the blog post for a detailed list of changes.

• The linter now supports block suppression comments. For example, to suppress N803 for all parameters in this function:

  # ruff: disable[N803]
  def foo(
      legacyArg1,
      legacyArg2,
      legacyArg3,
      legacyArg4,
  ): ...
  # ruff: enable[N803]

  See the documentation for more details.

• The ruff:alpine Docker image is now based on Alpine 3.23 (up from 3.21).

• The ruff:debian and ruff:debian-slim Docker images are now based on Debian 13 "Trixie" instead of Debian 12 "Bookworm."

• Binaries for the ppc64 (64-bit big-endian PowerPC) architecture are no longer included in our releases. It should still be possible to build Ruff manually for this platform, if needed.

• Ruff now resolves all extended configuration files before falling back on a default Python version.

Stabilization

The following rules have been stabilized and are no longer in preview:

• blocking-http-call-httpx-in-async-function (ASYNC212)
• blocking-path-method-in-async-function (ASYNC240)
• blocking-input-in-async-function (ASYNC250)
• map-without-explicit-strict (B912)
• if-exp-instead-of-or-operator (FURB110)
• single-item-membership-test (FURB171)

... (truncated)

Commits

• ce5f7b6 Bump 0.15.0 (#23055)
• b4e40f5 [ty] Fix __contains__ to respect descriptors (#23056)
• 848cb72 [ty] Fix narrowing of nonlocal variables with conditional assignments (#22966)
• da7f33a [ty] Add a diagnostic for Final without assignment (#23001)
• e65f9a6 Document markdown formatting feature (#22990)
• c0c1b98 Format markdown code blocks with line-by-line regex parse (#22996)
• 9f8f3e1 Allow positional-only params with defaults in method overrides (#23037)
• ef83810 [ty] ecosystem-analyzer: Support bare git repositories (#23054)
• 54dfee4 Customize where the fix_title sub-diagnostic appears (#23044)
• b534607 2026 Ruff Formatter Style (#22735)
• Additional commits viewable in compare view

Updates ty from 0.0.14 to 0.0.16

Release notes

Sourced from ty's releases.

0.0.16

Release Notes

Released on 2026-02-10.

Bug fixes

• Allow stringified argument in PEP-613 alias to Optional (#23200)
• Fix fuzzer panic on slice expression in unclosed comprehension (#23146)
• Fix combinatorial explosion due to fixed-length tuple expansion in overload matching (#23190)
• Respect @no_type_check when combined with other decorators (#23177)
• Fix diagnostic location for an incorrect sub-call to a specialized ParamSpec (#23036)

LSP server

• Assign lower completions ranking to deprecated functions and classes (#23089)
• Change goto-def for class constructors to always go to class definition (#23071)
• Ensure diagnostic mode is consistent across projects inside the LSP server (#23121)
• Don't include the class Foo in autocomplete suggestions when the user is typing out Foo's bases (#23141)
• Fix parameter references across files via keyword args (#23012)
• Fix wrong inlay hints for overloaded function arguments (#23179)
• Support diagnostics in newly created files inside neovim (#23095)
• Exclude already-included classes when providing completion suggestions for class bases (#23085)

CLI

• Add support for TY_OUTPUT_FORMAT environment variable (#23123)
• Fall back to python3 found in $PATH if no environment is found (#22843)

Type checking

• Add inconsistent-mro autofix to move Generic[] to the end of the bases list (#22998)
• Add precise return-type inference for struct.unpack (#22562, #23130)
• Disallow TypeVars within ClassVars (#23184)
• Emit diagnostic on unbound call to abstract @classmethod or @staticmethod (#23182)
• Fix false-positive diagnostics when providing the total= keyword to TypedDict classes that had PEP-695 type parameters (#23114)
• Narrow both left- and right-hand operands where possible (#23084)
• Narrow chained operators (#23093)
• Narrow equality subscripts on either operand (#23104)
• Recognize __dataclass_transform__ to support SQLModel (#23070)
• Relax the attribute narrowing condition to support deeper-nested attribute type narrowing (#22440)
• Support constrained TypeVar compatibility across function boundaries (#23103)
• Support comparison methods (__gt__, etc.) where a parameter is annotated with a Literal type (#23100)
• Support partially specialized type context (#22748)
• Use type context when inferring constructor argument types (#23139)
• Validate TypedDict constructor calls for generic aliases and type[...] targets (#23113)

Performance

• Conservative narrowing places optimization (#22734)

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.16

Released on 2026-02-10.

Bug fixes

• Allow stringified argument in PEP-613 alias to Optional (#23200)
• Fix fuzzer panic on slice expression in unclosed comprehension (#23146)
• Fix combinatorial explosion due to fixed-length tuple expansion in overload matching (#23190)
• Respect @no_type_check when combined with other decorators (#23177)
• Fix diagnostic location for an incorrect sub-call to a specialized ParamSpec (#23036)

LSP server

• Assign lower completions ranking to deprecated functions and classes (#23089)
• Change goto-def for class constructors to always go to class definition (#23071)
• Ensure diagnostic mode is consistent across projects inside the LSP server (#23121)
• Don't include the class Foo in autocomplete suggestions when the user is typing out Foo's bases (#23141)
• Fix parameter references across files via keyword args (#23012)
• Fix wrong inlay hints for overloaded function arguments (#23179)
• Support diagnostics in newly created files inside neovim (#23095)
• Exclude already-included classes when providing completion suggestions for class bases (#23085)

CLI

• Add support for TY_OUTPUT_FORMAT environment variable (#23123)
• Fall back to python3 found in $PATH if no environment is found (#22843)

Type checking

• Add inconsistent-mro autofix to move Generic[] to the end of the bases list (#22998)
• Add precise return-type inference for struct.unpack (#22562, #23130)
• Disallow TypeVars within ClassVars (#23184)
• Emit diagnostic on unbound call to abstract @classmethod or @staticmethod (#23182)
• Fix false-positive diagnostics when providing the total= keyword to TypedDict classes that had PEP-695 type parameters (#23114)
• Narrow both left- and right-hand operands where possible (#23084)
• Narrow chained operators (#23093)
• Narrow equality subscripts on either operand (#23104)
• Recognize __dataclass_transform__ to support SQLModel (#23070)
• Relax the attribute narrowing condition to support deeper-nested attribute type narrowing (#22440)
• Support constrained TypeVar compatibility across function boundaries (#23103)
• Support comparison methods (__gt__, etc.) where a parameter is annotated with a Literal type (#23100)
• Support partially specialized type context (#22748)
• Use type context when inferring constructor argument types (#23139)
• Validate TypedDict constructor calls for generic aliases and type[...] targets (#23113)

Performance

• Conservative narrowing places optimization (#22734)

... (truncated)

Commits

• e96ea4c Bump version to 0.0.16 (#2779)
• b393d32 Update docker/login-action action to v3.7.0 (#2754)
• 532b111 Update actions/cache action to v5.0.3 (#2751)
• 61b0376 Update astral-sh/setup-uv action to v7.3.0 (#2753)
• 216f8dc Update prek dependencies (#2752)
• 044af7f FAQ: Why doesn't ty warn about missing type annotations? (#2721)
• eb43dff Bump version to 0.0.15 (#2717)
• 338058b Add instructions for how to run ty with Bazel (#2711)
• deed12c Fix ty version reporting in Docker distributions (#2702)
• 3f490fa Document configuration option for setting level for all rules (#2691)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dgarijo]

@francoto ?