pip: bump the pip-updates group across 1 directory with 12 updates

[dependabot]

Updates the requirements on anyio, certifi, cffi, charset-normalizer, click, cryptography, idna, pycparser, pydantic, pyyaml, ruff and black to permit the latest version.
Updates anyio from 4.10.0 to 4.11.0

Release notes

Sourced from anyio's releases.

4.11.0

• Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) (#975)
• Bumped the minimum version of Trio to v0.31.0
• Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument (#256)
• Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests (#971)
• Added the anyio.Condition.wait_for() method for feature parity with asyncio (#974)
• Changed the default type argument of anyio.abc.TaskStatus from Any to None (#964)
• Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 (#857; PR by @​11kkw and @​agronholm)
• Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this scenario. (#671)

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

UNRELEASED

• Set None as the default type argument for anyio.abc.TaskStatus
• Added support for uvloop=True on Windows via the winloop_ implementation ([#960](https://github.com/agronholm/anyio/issues/960) <https://github.com/agronholm/anyio/pull/960>_; PR by @​Vizonex)

.. _winloop: https://github.com/Vizonex/Winloop

4.11.0

• Added support for cancellation reasons (the reason parameter to CancelScope.cancel()) ([#975](https://github.com/agronholm/anyio/issues/975) <https://github.com/agronholm/anyio/pull/975>_)
• Bumped the minimum version of Trio to v0.31.0
• Added the ability to enter the event loop from foreign (non-worker) threads by passing the return value of anyio.lowlevel.current_token() to anyio.from_thread.run() and anyio.from_thread.run_sync() as the token keyword argument ([#256](https://github.com/agronholm/anyio/issues/256) <https://github.com/agronholm/anyio/issues/256>_)
• Added pytest option (anyio_mode = "auto") to make the pytest plugin automatically handle all async tests ([#971](https://github.com/agronholm/anyio/issues/971) <https://github.com/agronholm/anyio/pull/971>_)
• Added the anyio.Condition.wait_for() method for feature parity with asyncio ([#974](https://github.com/agronholm/anyio/issues/974) <https://github.com/agronholm/anyio/pull/974>_)
• Changed the default type argument of anyio.abc.TaskStatus from Any to None ([#964](https://github.com/agronholm/anyio/issues/964) <https://github.com/agronholm/anyio/pull/964>_)
• Fixed TCP listener behavior to guarantee the same ephemeral port is used for all socket listeners when local_port=0 ([#857](https://github.com/agronholm/anyio/issues/857) <https://github.com/agronholm/anyio/issues/857>_; PR by @​11kkw and @​agronholm)
• Fixed inconsistency between Trio and asyncio where a TCP stream that previously raised a BrokenResourceError on send() would still raise BrokenResourceError after the stream was closed on asyncio, but ClosedResourceError on Trio. They now both raise a ClosedResourceError in this scenario. ([#671](https://github.com/agronholm/anyio/issues/671) <https://github.com/agronholm/anyio/issues/671>_)

4.10.0

• Added the feed_data() method to the BufferedByteReceiveStream class, allowing users to inject data directly into the buffer

• Added various class methods to wrap existing sockets as listeners or socket streams:

  • SocketListener.from_socket()
  • SocketStream.from_socket()
  • UNIXSocketStream.from_socket()
  • UDPSocket.from_socket()

... (truncated)

Commits

• 08737af Bumped up the version
• 8bb9fe0 Fixed the inconsistent exception on sending to a closed TCP stream (#980)
• 9637093 [pre-commit.ci] pre-commit autoupdate (#981)
• f1bc6ee Fixed changelog entry formatting
• 0b58964 Mentioned the sub-interpreter support in the README
• 1ed112c Ensure same port is used for IPv4/IPv6 when creating TCP listener with local_...
• aceeee0 Re-enabled coverage reporting on macOS
• 6b890dc Reworded a changelog entry and added PR links to others
• 944257d Updated pre-commit modules
• 087975f Fixed a documentation style (#976)
• Additional commits viewable in compare view

Updates certifi from 2025.8.3 to 2025.10.5

Commits

• fb14ac4 2025.10.05 (#371)
• 2c7c7ee Add Python 3.14 classifier in setup.py
• 1a5cb7b Bump actions/setup-python from 5.6.0 to 6.0.0 (#367)
• dea5960 Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#366)
• 83566b7 Bump actions/checkout from 4.2.2 to 5.0.0
• ca2e121 Bump actions/download-artifact from 4.3.0 to 5.0.0
• See full diff in compare view

Updates cffi from 1.17.1 to 2.0.0

Release notes

Sourced from cffi's releases.

v2.0.0

What's Changed

• Add Python 3.14 support.
• Add CPython free-threaded support (3.14t+ only) - huge thanks to the folks at Quansight Labs for all the work to get this one sorted!
• Drop Python <= 3.8 support.
• Fix order dependency affecting nested type size calculation (#148).

Full Changelog: python-cffi/cffi@v1.17.1...v2.0.0

v2.0.0b1

What's Changed

• Add Python 3.14 support.
• Add CPython free-threaded support (3.14t+ only).
• Drop Python <= 3.8 support.
• Fix order dependency affecting nested type size calculation (#148).

Full Changelog: python-cffi/cffi@v1.17.1...v2.0.0b1

Commits

• 6366c01 release 2.0.0 (#196)
• 95c8476 2.0.0 post beta backports (#195)
• 195cbda Release 2.0.0b1 (#183)
• b4bbe79 fix version test to support beta
• 7ed073d Add support for the free-threaded build (#178)
• 67a170d Change the license from MIT to MIT-no-attribution, which is the same without ...
• 92645ec Add Python 3.14 support/testing (#177)
• 2b81170 doc: update test commands in Section Testing/development tips (#158)
• 25172b8 doc: update year (#153)
• b57a92c issue 147: force-compute nested structs before parent structs. Occurs mainly...
• Additional commits viewable in compare view

Updates charset-normalizer from 3.4.3 to 3.4.4

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.4

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Changelog

Sourced from charset-normalizer's changelog.

3.4.4 (2025-10-13)

Changed

• Bound setuptools to a specific constraint setuptools>=68,<=81.
• Raised upper bound of mypyc for the optional pre-built extension to v1.18.2

Removed

• setuptools-scm as a build dependency.

Misc

• Enforced hashes in dev-requirements.txt and created ci-requirements.txt for security purposes.
• Additional pre-built wheels for riscv64, s390x, and armv7l architectures.
• Restore multiple.intoto.jsonl in GitHub releases in addition to individual attestation file per wheel.

Commits

• b30ffdc 🔧 fix checksum step in cd.yml
• d3fbfcf 🔧 fix cd.yml
• dafbb95 Release 3.4.4 (#658)
• 1f18ffa ⬆️ raise mypy upper bound to 1.18.2
• ef4ac69 Merge branch 'release-3.4.4' of github.com:jawah/charset_normalizer into rele...
• 4b35dda 📝 write changelog for 3.4.4
• 0ec6452 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• f341ede ⬆️ upgrade dependencies (dev, ci)
• a308841 📝 write changelog for 3.4.4
• 9c906da 🔧 update cd.yml workflow (add riscv64, s390x and armv7l)
• Additional commits viewable in compare view

Updates click from 8.1.8 to 8.3.0

Release notes

Sourced from click's releases.

8.3.0

This is the Click 8.3.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.3.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-3-0 Milestone https://github.com/pallets/click/milestone/27

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: #1992 #2514 #2610 #3024 #3030

• Allow default to be set on Argument for nargs = -1. #2164 #3030

• Show correct auto complete value for nargs option in combination with flag option #2813

• Show correct auto complete value for nargs option in combination with flag option #2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. #2995 #3013

• Lazily import shutil. #3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). #2447 #3058

• Fix regression related to EOF handling in CliRunner. #2939 #2940

8.2.2

This is the Click 8.2.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.2.2/ Changes: https://click.palletsprojects.com/page/changes/#version-8-2-2 Milestone: https://github.com/pallets/click/milestone/25

• Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables. #2952 #2956
• Fix typing issue in BadParameter and MissingParameter exceptions for the parameter param_hint that did not allow for a sequence of string where the underlying functino _join_param_hints allows for it. #2777 #2990
• Use the value of Enum choices to render their default value in help screen. #2911 #3004
• Fix completion for the Z shell (zsh) for completion items containing colons. #2703 #2846
• Don't include envvar in error hint when not configured. #2971 #2972

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.3.0

Released 2025-09-17

• Improved flag option handling: Reworked the relationship between flag_value and default parameters for better consistency:

  • The default parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)
  • Exception: flag options with default=True maintain backward compatibility by defaulting to their flag_value
  • The default parameter can now be any type (bool, None, etc.)
  • Fixes inconsistencies reported in: :issue:1992 :issue:2514 :issue:2610 :issue:3024 :pr:3030

• Allow default to be set on Argument for nargs = -1. :issue:2164 :pr:3030

• Show correct auto complete value for nargs option in combination with flag option :issue:2813

• Fix handling of quoted and escaped parameters in Fish autocompletion. :issue:2995 :pr:3013

• Lazily import shutil. :pr:3023

• Properly forward exception information to resources registered with click.core.Context.with_resource(). :issue:2447 :pr:3058

• Fix regression related to EOF handling in CliRunner. :issue:2939 :pr:2940

Version 8.2.2

Released 2025-07-31

• Fix reconciliation of default, flag_value and type parameters for flag options, as well as parsing and normalization of environment variables. :issue:2952 :pr:2956
• Fix typing issue in BadParameter and MissingParameter exceptions for the parameter param_hint that did not allow for a sequence of string where the underlying function _join_param_hints allows for it. :issue:2777 :pr:2990
• Use the value of Enum choices to render their default value in help screen. Refs :issue:2911 :pr:3004
• Fix completion for the Z shell (zsh) for completion items containing colons. :issue:2703 :pr:2846
• Don't include envvar in error hint when not configured. :issue:2971 :pr:2972
• Fix a rare race in click.testing.StreamMixer's finalization that manifested as a ValueError on close in a multi-threaded test session. :issue:2993 :pr:2991

Version 8.2.1

Released 2025-05-20

... (truncated)

Commits

• 00fadb8 Release version 8.3.0
• 2a0e3ba testing/CliRunner: Fix regression related to EOF introduced in 262bdf0 (#2940)
• e11a1ef Merge branch 'main' into fix-cli-runner-prompt-eof-handling
• 36deba8 Forward exception information to resources registered in a context (#3058)
• f2cae7a #2447 Add summary of PR to changelog for 8.3.x
• 7c7ec36 #2447 Split resource exception handling tests in single and nested
• 92129c5 #2447 Added exception forwarding to context tests
• 555fa9b #2447 Forward exception data to exit stack when calling __exit__
• 16fe802 Add more tests on Enum rendering (#3053)
• d36de6f Add more tests on Enum rendering their item's names and not values
• Additional commits viewable in compare view

Updates cryptography from 45.0.7 to 46.0.2

Changelog

Sourced from cryptography's changelog.

46.0.2 - 2025-09-30

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.
.. _v46-0-1:
46.0.1 - 2025-09-16

• Fixed an issue where users installing via pip on Python 3.14 development versions would not properly install a dependency.
• Fixed an issue building the free-threaded macOS 3.14 wheels.

.. _v46-0-0:

46.0.0 - 2025-09-16

* **BACKWARDS INCOMPATIBLE:** Support for Python 3.7 has been removed.
* Support for OpenSSL < 3.0 is deprecated and will be removed in the next
  release.
* Support for ``x86_64`` macOS (including publishing wheels) is deprecated
  and will be removed in two releases. We will switch to publishing an
  ``arm64`` only wheel for macOS.
* Support for 32-bit Windows (including publishing wheels) is deprecated
  and will be removed in two releases. Users should move to a 64-bit
  Python installation.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.3.
* We now build ``ppc64le`` ``manylinux`` wheels and publish them to PyPI.
* We now build ``win_arm64`` (Windows on Arm) wheels and publish them to PyPI.
* Added support for free-threaded Python 3.14.
* Removed the deprecated ``get_attribute_for_oid`` method on
  :class:`~cryptography.x509.CertificateSigningRequest`. Users should use
  :meth:`~cryptography.x509.Attributes.get_attribute_for_oid` instead.
* Removed the deprecated ``CAST5``, ``SEED``, ``IDEA``, and ``Blowfish``
  classes from the cipher module. These are still available in
  :doc:`/hazmat/decrepit/index`.
* In X.509, when performing a PSS signature with a SHA-3 hash, it is now
  encoded with the official NIST SHA3 OID.
.. _v45-0-7:

Commits

• 99efe5a bump version for 46.0.2 (#13531)
• e735cfc release 46.0.1 (#13450)
• 4e457ff Explicitly specify python in mac uv build invocation (#13447)
• 2726efd Depend on CFFI 2.0.0 or newer on Python > 3.8 (#13448)
• 6223062 release 46.0.0 (#13446)
• 563c491 Update comment for pyopenssl-release tag (#13445)
• d2f6f7f Bump downstream dependencies in CI (#13439)
• e7ab02b we'll ship this with 3.5.3 why not (#13442)
• 0b68a4b Another pair of bump dependencies fix (#13444)
• e076d08 Attempt to fix commit message for bump downstreams (#13440)
• Additional commits viewable in compare view

Updates idna from 3.10 to 3.11

Changelog

Sourced from idna's changelog.

3.11 (2025-10-12)

• Update to Unicode 16.0.0, including significant changes to UTS46 processing. As a result of Unicode ending support for it, transitional processing no longer has an effect and returns the same result.
• Add support for Python 3.14, lowest supported version is Python 3.8.
• Various updates to packaging, including PEP 740 support.

Commits

• ad949ee Release v3.11
• cae4ba7 Second release candidate for 3.11
• 8adb305 Add space in RST link
• 74cb2b6 Release candidate for 3.11
• 05dab09 Format idna-data with ruff
• 90eac78 Apply ruff formatting
• a31ce7e Remove errant test vectors
• 81f0333 Omit vectors known to be broken in test suite
• a0f3257 Merge branch 'master' into unicode-16-uts46-changes
• 38d9886 Remove extra UTS46 test vector
• Additional commits viewable in compare view

Updates pycparser from 2.22 to 2.23

Release notes

Sourced from pycparser's releases.

release_v2.23

What's Changed

• Allow abstract declarator "static" (GH issue #539) by @​gperciva in eliben/pycparser#545
• Add support for Python 3.13 by @​hugovk in eliben/pycparser#550
• Add dirent and socket typedefs. by @​MegaManSec in eliben/pycparser#558
• Support for labels with no statement by @​ignatirabo in eliben/pycparser#562
• Accept empty 'case' or 'default' labels by @​ignatirabo in eliben/pycparser#564
• fix: preserve parentheses for statement exprs by @​zawan-ila in eliben/pycparser#566
• fix: hex float types by @​zawan-ila in eliben/pycparser#567
• Explicit error for comments, with README link by @​cellularmitosis in eliben/pycparser#569
• showemptyattrs option on Node.show() by @​cellularmitosis in eliben/pycparser#570
• Add fake typedefs for GNU Extension 128-bit integers. by @​dj-wednesday in eliben/pycparser#577
• Typedef for __kernel_sa_family_t in linux/socket.h by @​crosser in eliben/pycparser#578

New Contributors

• @​gperciva made their first contribution in eliben/pycparser#545
• @​MegaManSec made their first contribution in eliben/pycparser#558
• @​ignatirabo made their first contribution in eliben/pycparser#562
• @​zawan-ila made their first contribution in eliben/pycparser#566
• @​cellularmitosis made their first contribution in eliben/pycparser#569
• @​dj-wednesday made their first contribution in eliben/pycparser#577
• @​crosser made their first contribution in eliben/pycparser#578

Full Changelog: eliben/pycparser@release_v2.22...release_v2.23

Commits

• 5b60167 Prepare for release 2.23
• 7b24736 Typedef for __kernel_sa_family_t in _fake_typedefs.h (#578)
• 90184f1 Add fake typedefs for GNU Extension 128-bit integers. (#577)
• f04fdcd showemptyattrs option on Node.show() (#570)
• 156eae7 Explicit error for comments, with README link (#569)
• 2215299 fix: hex float types (#567)
• 037bd31 fix: preserve parentheses for statement exprs (#566)
• 9cecc09 Accept empty 'case' or 'default' labels (#564)
• 7ae671d Support for labels with no statement (#562)
• 42b5423 Add dirent and socket typedefs. (#558)
• Additional commits viewable in compare view

Updates pydantic from 2.11.7 to 2.12.2

Release notes

Sourced from pydantic's releases.

v2.12.2 2025-10-14

v2.12.2 (2025-10-14)

What's Changed

Fixes

• Release a new pydantic-core version, as a corrupted CPython 3.10 manylinux2014_aarch64 wheel got uploaded (pydantic-core#1843).
• Fix issue with recursive generic models with a parent model class by @​Viicos in #12398

Full Changelog: pydantic/pydantic@v2.12.1...v2.12.2

v2.12.1 2025-10-13

v2.12.1 (2025-10-13)

GitHub release

What's Changed

This is the first 2.12 patch release, addressing most (but not all yet) regressions from the initial 2.12.0 release.

Fixes

• Do not evaluate annotations when inspecting validators and serializers by @​Viicos in #12355
• Make sure None is converted as NoneType in Python 3.14 by @​Viicos in #12370
• Backport V1 runtime warning when using Python 3.14 by @​Viicos in #12367
• Fix error message for invalid validator signatures by @​Viicos in #12366
• Populate field name in ValidationInfo for validation of default value by @​Viicos in pydantic-core#1826
• Encode credentials in MultiHostUrl builder by @​willswire in pydantic-core#1829
• Respect field serializers when using serialize_as_any serialization flag by @​davidhewitt in pydantic-core#1829
• Fix various RootModel serialization issues by @​davidhewitt in pydantic-core#1836

New Contributors

• @​willswire made their first contribution in pydantic-core#1829

Full Changelog: pydantic/pydantic@v2.12.0...v2.12.1

v2.12.0 2025-10-07

v2.12.0 (2025-10-07)

[!NOTE] Check out the blog post for release highlights. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.12.2 (2025-10-14)

GitHub release

What's Changed

Fixes

• Release a new pydantic-core version, as a corrupted CPython 3.10 manylinux2014_aarch64 wheel got uploaded (pydantic-core#1843).
• Fix issue with recursive generic models with a parent model class by @​Viicos in #12398

v2.12.1 (2025-10-13)

GitHub release

What's Changed

This is the first 2.12 patch release, addressing most (but not all yet) regressions from the initial 2.12.0 release.

Fixes

• Do not evaluate annotations when inspecting validators and serializers by @​Viicos in #12355
• Make sure None is converted as NoneType in Python 3.14 by @​Viicos in #12370
• Backport V1 runtime warning when using Python 3.14 by @​Viicos in #12367
• Fix error message for invalid validator signatures by @​Viicos in #12366
• Populate field name in ValidationInfo for validation of default value by @​Viicos in pydantic-core#1826
• Encode credentials in MultiHostUrl builder by @​willswire in pydantic-core#1829
• Respect field serializers when using serialize_as_any serialization flag by @​davidhewitt in pydantic-core#1829
• Fix various RootModel serialization issues by @​davidhewitt in pydantic-core#1836

New Contributors

• @​willswire made their first contribution in pydantic-core#1829

v2.12.0 (2025-10-07)

GitHub release

What's Changed

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

Note that Pydantic V1 is not compatible with Python 3.14 and greater.

Changes (see the alpha and beta releases for additional changes since 2.11):

Packaging

... (truncated)

Commits

• 1e616a3 Prepare release v2.12.2
• dc302e2 Fix issue with recursive generic models with a parent model class
• 6876485 Bump pydantic-core to v2.41.4
• b4076c6 Prepare release 2.12.1
• b67f072 Bump pydantic-core to v2.41.3
• 529f7dd Fix error message for invalid validator signatures
• 445fa79 Backport V1 runtime warning
• b3dba9b Make sure None is converted as NoneType in Python 3.14
• 1e8c41e Do not evaluate annotations when inspecting validators and serializers
• e2a199f Upgrade dependencies for 3.14
• Additional commits viewable in compare view

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

• Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

• yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)

Commits

• 49790e7 Release 6.0.3 (#889)
• See full diff in compare view

Updates ruff to 0.14.0

Release notes

Sourced from ruff's releases.

0.14.0

Release Notes

Released on 2025-10-07.

Breaking changes

• Update default and latest Python versions for 3.14 (#20725)

Preview features

• [flake8-bugbear] Include certain guaranteed-mutable expressions: tuples, generators, and assignment expressions (B006) (#20024)
• [refurb] Add fixes for FURB101 and FURB103 (#20520)
• [ruff] Extend FA102 with listed PEP 585-compatible APIs (#20659)

Bug fixes

• [flake8-annotations] Fix return type annotations to handle shadowed builtin symbols (ANN201, ANN202, ANN204, ANN205, ANN206) (#20612)
• [flynt] Fix f-string quoting for mixed quote joiners (FLY002) (#20662)
• [isort] Fix inserting required imports before future imports (I002) (#20676)
• [ruff] Handle argfile expansion errors gracefully (#20691)
• [ruff] Skip RUF051 if else/elif block is present (#20705)
• [ruff] Improve handling of intermixed comments inside from-imports (#20561)

Documentation

• [flake8-comprehensions] Clarify fix safety documentation (C413) (#20640)

Contributors

• @​danparizher
• @​terror
• @​TaKO8Ki
• @​ntBre
• @​njhearp
• @​amyreese
• @​IDrokin117
• @​chirizxc

Install ruff 0.14.0

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.14.0/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

</tr></table> 

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.0

Released on 2025-10-07.

Breaking changes

• Update default and latest Python versions for 3.14 (#20725)

Preview features

• [flake8-bugbear] Include certain guaranteed-mutable expressions: tuples, generators, and assignment expressions (B006) (#20024)
• [refurb] Add fixes for FURB101 and FURB103 (#20520)
• [ruff] Extend FA102 with listed PEP 585-compatible APIs (#20659)

Bug fixes

• [flake8-annotations] Fix return type annotations to handle shadowed builtin symbols (ANN201, ANN202, ANN204, ANN205, ANN206) (#20612)
• [flynt] Fix f-string quoting for mixed quote joiners (FLY002) (#20662)
• [isort] Fix inserting required imports before future imports (I002) (#20676)
• [ruff] Handle argfile expansion errors gracefully (#20691)
• [ruff] Skip RUF051 if else/elif block is present (#20705)
• [ruff] Improve handling of intermixed comments inside from-imports (#20561)

Documentation

• [flake8-comprehensions] Clarify fix safety documentation (C413) (#20640)

Contributors

• @​danparizher
• @​terror
• @​TaKO8Ki
• @​ntBre
• @​njhearp
• @​amyreese
• @​IDrokin117
• @​chirizxc

0.13.x

See changelogs/0.13.x

0.12.x

See changelogs/0.12.x

0.11.x

See changelogs/0.11.x

... (truncated)

Commits

• beea8cd Bump 0.14.0 (#20751)
• 416e956 [ty] Infer better specializations of unions with None (etc) (#20749)
• 88c0ce3 Update default and latest Python versions for 3.14 (#20725)
• 8fb29ea [ruff] improve handling of intermixed comments inside from-imports (#20561)
• 23ebfe7 [ty] Fix tiny mistake in protocol tests (#20743)
• f90d646 [ty] Make infer_method_information less confusing (#20740)
• 15af4c0 Move --show-settings snapshots to separate files (#20741)
• 76f8e5b Refactor Rust lint test structure to use RuffTestFixture (#20689)
• b66a3e7 [refurb] Add fixes for FURB101, FURB103 (#20520)
• 70f51e9 [ty] Print display of types when a property test fails (#20720)
• Additional commits viewable in compare view

Updates black to 25.9.0

Release notes

Sourced from black's releases.

25.9.0

Highlights

• Remove support for pre-python 3.7 await/async as soft keywords/variable names (#4676)

Stable style

• Fix crash while formatting a long del statement containing tuples (#4628)
• Fix crash while formatting expressions using the walrus operator in complex with statements (#4630)
• Handle # fmt: skip followed by a comment at the end of file (#4635)
• Fix crash when a tuple appears in the asDescription has been truncated

[JohnGarbutt]

@dependabot rebase