chore(deps): update dependency ruff to >=0.11,<0.12

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
ruff (source, changelog)	>=0.9.2,<0.10 -> >=0.11,<0.12

---

Release Notes

astral-sh/ruff (ruff)

v0.11.0

Compare Source

This is a follow-up to release 0.10.0. Because of a mistake in the release process, the requires-python inference changes were not included in that release. Ruff 0.11.0 now includes this change as well as the stabilization of the preview behavior for PGH004.

Breaking changes

• Changes to how the Python version is inferred when a target-version is not specified (#​16319)

  In previous versions of Ruff, you could specify your Python version with:

  • The target-version option in a ruff.toml file or the [tool.ruff] section of a pyproject.toml file.
  • The project.requires-python field in a pyproject.toml file with a [tool.ruff] section.

  These options worked well in most cases, and are still recommended for fine control of the Python version. However, because of the way Ruff discovers config files, pyproject.toml files without a [tool.ruff] section would be ignored, including the requires-python setting. Ruff would then use the default Python version (3.9 as of this writing) instead, which is surprising when you've attempted to request another version.

  In v0.10, config discovery has been updated to address this issue:

  • If Ruff finds a ruff.toml file without a target-version, it will check
    for a pyproject.toml file in the same directory and respect its
    requires-python version, even if it does not contain a [tool.ruff]
    section.
  • If Ruff finds a user-level configuration, the requires-python field of the closest pyproject.toml in a parent directory will take precedence.
  • If there is no config file (ruff.tomlor pyproject.toml with a
    [tool.ruff] section) in the directory of the file being checked, Ruff will
    search for the closest pyproject.toml in the parent directories and use its
    requires-python setting.

Stabilization

The following behaviors have been stabilized:

• blanket-noqa (PGH004): Also detect blanked file-level noqa comments (and not just line level comments).

Preview features

• [syntax-errors] Tuple unpacking in for statement iterator clause before Python 3.9 (#​16558)

v0.10.0

Compare Source

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Changes to how the Python version is inferred when a target-version is not specified (#​16319)

  In previous versions of Ruff, you could specify your Python version with:

  • The target-version option in a ruff.toml file or the [tool.ruff] section of a pyproject.toml file.
  • The project.requires-python field in a pyproject.toml file with a [tool.ruff] section.

  These options worked well in most cases, and are still recommended for fine control of the Python version. However, because of the way Ruff discovers config files, pyproject.toml files without a [tool.ruff] section would be ignored, including the requires-python setting. Ruff would then use the default Python version (3.9 as of this writing) instead, which is surprising when you've attempted to request another version.

  In v0.10, config discovery has been updated to address this issue:

  • If Ruff finds a ruff.toml file without a target-version, it will check
    for a pyproject.toml file in the same directory and respect its
    requires-python version, even if it does not contain a [tool.ruff]
    section.
  • If Ruff finds a user-level configuration, the requires-python field of the closest pyproject.toml in a parent directory will take precedence.
  • If there is no config file (ruff.tomlor pyproject.toml with a
    [tool.ruff] section) in the directory of the file being checked, Ruff will
    search for the closest pyproject.toml in the parent directories and use its
    requires-python setting.

• Updated TYPE_CHECKING behavior (#​16669)

  Previously, Ruff only recognized typechecking blocks that tested the typing.TYPE_CHECKING symbol. Now, Ruff recognizes any local variable named TYPE_CHECKING. This release also removes support for the legacy if 0: and if False: typechecking checks. Use a local TYPE_CHECKING variable instead.

• More robust noqa parsing (#​16483)

  The syntax for both file-level and in-line suppression comments has been unified and made more robust to certain errors. In most cases, this will result in more suppression comments being read by Ruff, but there are a few instances where previously read comments will now log an error to the user instead. Please refer to the documentation on Error suppression for the full specification.

• Avoid unnecessary parentheses around with statements with a single context manager and a trailing comment (#​14005)

  This change fixes a bug in the formatter where it introduced unnecessary parentheses around with statements with a single context manager and a trailing comment. This change may result in a change in formatting for some users.

• Bump alpine default tag to 3.21 for derived Docker images (#​16456)

  Alpine 3.21 was released in Dec 2024 and is used in the official Alpine-based Python images. Now the ruff:alpine image will use 3.21 instead of 3.20 and ruff:alpine3.20 will no longer be updated.

Deprecated Rules

The following rules have been deprecated:

• non-pep604-isinstance (UP038)
• suspicious-xmle-tree-usage (S320)

Remapped rules

The following rules have been remapped to new rule codes:

• [unsafe-markup-use]: RUF035 to S704

Stabilization

The following rules have been stabilized and are no longer in preview:

• batched-without-explicit-strict (B911)
• unnecessary-dict-comprehension-for-iterable (C420)
• datetime-min-max (DTZ901)
• fast-api-unused-path-parameter (FAST003)
• root-logger-call (LOG015)
• len-test (PLC1802)
• shallow-copy-environ (PLW1507)
• os-listdir (PTH208)
• invalid-pathlib-with-suffix (PTH210)
• invalid-assert-message-literal-argument (RUF040)
• unnecessary-nested-literal (RUF041)
• unnecessary-cast-to-int (RUF046)
• map-int-version-parsing (RUF048)
• if-key-in-dict-del (RUF051)
• unsafe-markup-use (S704). This rule has also been renamed from RUF035.
• split-static-string (SIM905)
• runtime-cast-value (TC006)
• unquoted-type-alias (TC007)
• non-pep646-unpack (UP044)

The following behaviors have been stabilized:

• bad-staticmethod-argument (PLW0211) invalid-first-argument-name-for-class-method (N804): __new__ methods are now no longer flagged by invalid-first-argument-name-for-class-method (N804) but instead by bad-staticmethod-argument (PLW0211)
• bad-str-strip-call (PLE1310): The rule now applies to objects which are known to have type str or bytes.
• blanket-noqa (PGH004): Also detect blanked file-level noqa comments (and not just line level comments).
• custom-type-var-for-self (PYI019): More accurate detection of custom TypeVars replaceable by Self. The range of the diagnostic is now the full function header rather than just the return annotation.
• invalid-argument-name (N803): Ignore argument names of functions decorated with typing.override
• invalid-envvar-default (PLW1508): Detect default value arguments to os.environ.get with invalid type.
• pytest-raises-with-multiple-statements (PT012) pytest-warns-with-multiple-statements (PT031): Allow for statements with an empty body in pytest.raises and pytest.warns with statements.
• redundant-open-modes (UP015): The diagnostic range is now the range of the redundant mode argument where it previously was the range of the entire open call. You may have to replace your noqa comments when suppressing UP015.
• stdlib-module-shadowing (A005): Changes the default value of lint.flake8-builtins.strict-checking from true to false.
• type-none-comparison (FURB169): Now also recognizes type(expr) is type(None) comparisons where expr isn't a name expression.

The following fixes or improvements to fixes have been stabilized:

• repeated-equality-comparison (PLR1714) (#​16685)
• needless-bool (SIM103) (#​16684)
• unused-private-type-var (PYI018) (#​16682)

Server

• Remove logging output for ruff.printDebugInformation (#​16617)

Configuration

• [flake8-builtins] Deprecate the builtins- prefixed options in favor of the unprefixed options (e.g. builtins-allowed-modules is now deprecated in favor of allowed-modules) (#​16092)

Bug fixes

• [flake8-bandit] Fix mixed-case hash algorithm names (S324) (#​16552)

CLI

• [ruff] Fix last_tag/commits_since_last_tag for version command (#​16686)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.12%. Comparing base (604839b) to head (1514408).
Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #94   +/-   ##
=======================================
  Coverage   84.12%   84.12%           
=======================================
  Files          28       28           
  Lines        2388     2388           
=======================================
  Hits         2009     2009           
  Misses        379      379           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.