build(deps): Bump the python-packages group across 1 directory with 4 updates

[dependabot]

Bumps the python-packages group with 4 updates in the / directory: sqlalchemy, ruff, mypy and matplotlib.

Updates sqlalchemy from 2.0.36 to 2.0.38

Release notes

Sourced from sqlalchemy's releases.

2.0.38

Released: February 6, 2025

engine

• [engine] [bug] Fixed event-related issue where invoking Engine.execution_options() on a Engine multiple times while making use of event-registering parameters such as isolation_level would lead to internal errors involving event registration.

  References: #12289

sql

• [sql] [bug] Reorganized the internals by which the .c collection on a FromClause gets generated so that it is resilient against the collection being accessed in concurrent fashion. An example is creating a Alias or Subquery and accessing it as a module level variable. This impacts the Oracle dialect which uses such module-level global alias objects but is of general use as well.

  References: #12302

• [sql] [bug] Fixed SQL composition bug which impacted caching where using a None value inside of an in_() expression would bypass the usual "expanded bind parameter" logic used by the IN construct, which allows proper caching to take place.

  References: #12314

postgresql

• [postgresql] [usecase] [asyncio] Added an additional asyncio.shield() call within the connection terminate process of the asyncpg driver, to mitigate an issue where terminate would be prevented from completing under the anyio concurrency library.

  References: #12077

• [postgresql] [bug] Adjusted the asyncpg connection wrapper so that the connection.transaction() call sent to asyncpg sends None for isolation_level if not otherwise set in the SQLAlchemy dialect/wrapper, thereby allowing asyncpg to make use of the server level setting for isolation_level in the absense of a client-level setting. Previously, this behavior of asyncpg was blocked by a hardcoded read_committed.

... (truncated)

Commits

• See full diff in compare view

Updates ruff from 0.8.0 to 0.9.7

Release notes

Sourced from ruff's releases.

0.9.7

Release Notes

Preview features

• Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
• [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
• [refurb] Manual timezone monkeypatching (FURB162) (#16113)
• [ruff] Implicit class variable in dataclass (RUF045) (#14349)
• [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
• [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

• [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
• [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

• Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

• Fix handling of requests received after shutdown message (#16262)
• Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
• Include document specific debug info for ruff.printDebugInformation (#16215)
• Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

• Warn on invalid noqa even when there are no diagnostics (#16178)
• Better error messages while loading configuration extends (#15658)

Bug fixes

• [flake8-comprehensions] Handle trailing comma in C403 fix (#16110)
• [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
• [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
• [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
• [pylint] Do not offer fix for raw strings (PLE251) (#16132)
• [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
• [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
• [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
• [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)
• [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)

Documentation

• Add FAQ entry for source.* code actions in Notebook (#16212)
• Add SECURITY.md (#16224)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.7

Preview features

• Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
• [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
• [refurb] Manual timezone monkeypatching (FURB162) (#16113)
• [ruff] Implicit class variable in dataclass (RUF045) (#14349)
• [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
• [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

• [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
• [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

• Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

• Fix handling of requests received after shutdown message (#16262)
• Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
• Include document specific debug info for ruff.printDebugInformation (#16215)
• Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

• Warn on invalid noqa even when there are no diagnostics (#16178)
• Better error messages while loading configuration extends (#15658)

Bug fixes

• [flake8-comprehensions] Handle trailing comma in C403 fix (#16110)
• [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
• [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
• [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
• [pylint] Do not offer fix for raw strings (PLE251) (#16132)
• [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
• [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
• [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
• [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)
• [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)

Documentation

• Add FAQ entry for source.* code actions in Notebook (#16212)
• Add SECURITY.md (#16224)

... (truncated)

Commits

• 54fccb3 Bump version to 0.9.7 (#16271)
• 8198668 [red-knot] MDTest: Use custom class names instead of builtins (#16269)
• fc6b03c Handle requests received after shutdown message (#16262)
• fb09d63 [red-knot] Prefix Type::call and dunder_call with try (#16261)
• 16d0625 Improve internal docs for various string-node APIs (#16256)
• 25920fe Rename ExprStringLiteral::as_unconcatenated_string() to `ExprStringLiteral:...
• 97d0659 Pass ParserOptions to the parser (#16220)
• cfc6941 [red-knot] Resolve references in eager nested scopes eagerly (#16079)
• f50849a Add text_len() methods to more *Prefix enums in ruff_python_ast (#16254)
• 55ea094 [red-knot] Allow any Ranged argument for report_lint and `report_diagnost...
• Additional commits viewable in compare view

Updates mypy from 1.13.0 to 1.15.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Different Property Getter and Setter Types

Mypy now supports using different types for property getter and setter.

class A:
    value: int
@property
def f(self) -> int:
    return self.value
@f.setter
def f(self, x: str | int) -> None:
    try:
        self.value = int(x)
    except ValueError:
        raise Exception(f"'{x}' is not a valid value for 'f'")

Contributed by Ivan Levkivskyi (PR 18510)

Selectively Disable Deprecated Warnings

It's now possible to selectively disable warnings generated from warnings.deprecated using the --deprecated-calls-exclude option.

# mypy --enable-error-code deprecated
#      --deprecated-calls-exclude=foo.A
import foo
foo.A().func()  # OK, the deprecated warning is ignored
file foo.py
from typing_extensions import deprecated
class A:
@​deprecated("Use A.func2 instead")
def func(self): pass

Contributed by Marc Mueller (PR 18641)

Mypy 1.15

We’ve just uploaded mypy 1.15 to the Python Package Index (PyPI).

... (truncated)

Commits

• 9397454 remove +dev from version ahead of final release
• 686b591 remove "unreleased" from 1.15 changelog entry
• cb4b243 Various small updates to 1.15 changelog (#18599)
• 1a26502 Prepare changelog for 1.15 release (#18583)
• d4515e4 Fix a few PR links in the changelog (#18586)
• f83b643 Add object self-type to tuple test fixture (#18592)
• ebc2cb8 Prevent crash on generic NamedTuple with unresolved typevar bound (#18585)
• 63c251e empty commit to trigger wheel rebuild
• c30573e Fix literal context for ternary expressions (for real) (#18545)
• 23d862d Fix isinstance with explicit (non generic) type alias (#18512)
• Additional commits viewable in compare view

Updates matplotlib from 3.9.2 to 3.10.0

Release notes

Sourced from matplotlib's releases.

REL: v3.10.0

Highlights of this release include:

- Preliminary support for free-threaded CPython 3.13
- New more-accessible color cycle
- Dark-mode diverging colormaps
- Exception handling control
- InsetIndicator artist
- FillBetweenPolyCollection
- Fill between 3D lines
- Data in 3D plots can now be dynamically clipped to the axes view limits
- Rotating 3d plots with the mouse
- Increased Figure limits with Agg renderer
- Subfigures no longer provisional
- Subfigures are now added in row-major order

Matplotlib v3.10.0rc1

This is the first release candidate for Matplotlib 3.10.0

REL: 3.9.4

This is the fourth bugfix release of the 3.9.x series.

This release contains two bug-fixes:

• Fix toolbar icons in GTK backend
• Fix Poly3DCollection initialization with list of lists

REL: 3.9.3

This is the third bugfix release of the 3.9.x series.

This release contains several bug-fixes and adjustments:

• Fix axline with extremely small slopes
• Fix axline with non-linear axis scales
• Fix minimumSizeHint with Qt backend
• Fix config directory usage when it's behind a symlink
• Fix draggable legend when blitting is enabled
• Fix high CPU utilization in the macosx backend
• Fix multiple hatch edgecolors passed to contourf
• Improve compatibility with pytest 8.2.0

Commits

• 8d64f03 REL: v3.10.0 release
• d9dfee8 [doc] Fix dead links
• 87a603f Update release notes for 3.10.0
• cdecf97 Update github stats for 3.10
• b8d19bd Merge pull request #29306 from meeseeksmachine/auto-backport-of-pr-29242-on-v...
• a42d0ed Backport PR #29242: DOC: Add kwdoc list to scatter() docstring
• 1900640 Merge pull request #29299 from QuLogic/merge-v39x
• 815389c Merge branch 'v3.9.x' into v3.10.x
• 73873c0 DOC: Create release notes for 3.9.4
• 9d17a2b DOC: Add Zenodo DOI for 3.9.4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #11.