deps: bump the pip-dependencies group with 15 updates

[dependabot]

Updates the requirements on markdown, mkdocs-material, pymdown-extensions, jinja2, mike, pytest, pytest-cov, ruff, mypy, numpy, scipy, pandas, typing-extensions, sqlalchemy and python-dotenv to permit the latest version.
Updates markdown from 3.7 to 3.10.2

Release notes

Sourced from markdown's releases.

Release 3.10.2

Fixed

• Fix a regression related to comment handling (#1590).
• More reliable fix for </ (#1593).

Release 3.10.1

Fixed

• Ensure nested elements inside inline comments are properly unescaped (#1571).
• Make the docs build successfully with mkdocstrings-python 2.0 (#1575).
• Fix infinite loop when multiple bogus or unclosed HTML comments appear in input (#1578).
• Fix another infinite loop when handling bad comments (#1586).

Release 3.10.0

Changed

• Officially support Python 3.14 and PyPy 3.11 and drop support for Python 3.9 and PyPy 3.9.

Fixed

• Fix an HTML comment parsing case in some Python versions that can cause an infinite loop (#1554).
• Revert the default behavior of USE_DEFINITION_ORDER (to True). The new behavior introduced in 3.9.0 is experimental and results are inconsistent. It should not have been made the default behavior (#1561).

Release 3.9.0

Changed

• Footnotes are now ordered by the occurrence of their references in the document. A new configuration option for the footnotes extension, USE_DEFINITION_ORDER, has been added to support restoring the previous behavior of ordering footnotes by the occurrence of definitions (#1367).

Fixed

• Ensure inline processing iterates through elements in document order (#1546).
• Fix handling of incomplete HTML tags in code spans in Python 3.14 (#1547).

Release 3.8.2

Fixed

• Fix codecs deprecation in Python 3.14.
• Fix issue with unclosed comment parsing in Python 3.14.
• Fix issue with unclosed declarations in Python 3.14.
• Fix issue with unclosed HTML tag <foo and Python 3.14.

Release 3.8.1

... (truncated)

Changelog

Sourced from markdown's changelog.

[3.10.2] - 2026-02-09

Fixed

• Fix a regression related to comment handling (#1590).
• More reliable fix for </ (#1593).

[3.10.1] - 2026-01-21

Fixed

• Ensure nested elements inside inline comments are properly unescaped (#1571).
• Make the docs build successfully with mkdocstrings-python 2.0 (#1575).
• Fix infinite loop when multiple bogus or unclosed HTML comments appear in input (#1578).
• Fix another infinite loop when handling bad comments (#1586).

[3.10.0] - 2025-11-03

Changed

• Officially support Python 3.14 and PyPy 3.11 and drop support for Python 3.9 and PyPy 3.9.

Fixed

• Fix an HTML comment parsing case in some Python versions that can cause an infinite loop (#1554).
• Revert the default behavior of USE_DEFINITION_ORDER (to True). The new behavior introduced in 3.9.0 is experimental and results are inconsistent. It should not have been made the default behavior (#1561).

[3.9.0] - 2025-09-04

Changed

• Footnotes are now ordered by the occurrence of their references in the document. A new configuration option for the footnotes extension, USE_DEFINITION_ORDER, has been added to support restoring the previous behavior of ordering footnotes by the occurrence of definitions (#1367).

Fixed

• Ensure inline processing iterates through elements in document order (#1546).
• Fix handling of incomplete HTML tags in code spans in Python 3.14 (#1547).

[3.8.2] - 2025-06-19

Fixed

• Fix codecs deprecation in Python 3.14 (#1537).

... (truncated)

Commits

• e7a0efb Bump version to 3.10.2
• 6301833 Document HTML sanitation policy
• 7f29f1a More reliable fix for </
• c438647 Fix regression of special comments
• e5fa5b8 Bump version to 3.10.1
• f925349 More HTML fixes
• 9933a0a Revert "Allow reference links with backticks"
• 07dfa4e Allow reference links with backticks
• fb6b27a Fix infinite loop when text contains multiple unclosed comments
• 89112c2 Make the docs build successfully with mkdocstrings-python 2.0
• Additional commits viewable in compare view

Updates mkdocs-material from 9.5.44 to 9.7.6

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.6

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Limited version range of mkdocs to <2
• Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

mkdocs-material-9.7.4

[!WARNING]

Material for MkDocs is in maintenance mode

Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs until November 2026.

Read the full announcement on our blog

Changes

• Hardened social cards plugin by switching to sandboxed environment (recommended by @​caveeroo)
• Updated MkDocs 2.0 incompatibility warning

... (truncated)

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.6 (2026-03-19)

• Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5 (2026-03-10)

• Limited version range of mkdocs to <2
• Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

mkdocs-material-9.7.4 (2026-03-03)

• Hardened social cards plugin by switching to sandboxed environment
• Updated MkDocs 2.0 incompatibility warning

mkdocs-material-9.7.3 (2026-02-24)

• Fixed #8567: Print MkDocs 2.0 incompatibility warning to stderr

mkdocs-material-9.7.2 (2026-02-18)

• Opened up version ranges of optional dependencies for forward-compatibility
• Added warning to 'mkdocs build' about impending MkDocs 2.0 incompatibility

mkdocs-material-9.7.1 (2025-12-18)

• Updated requests to 2.30+ to mitigate CVE in urllib
• Fixed privacy plugin not picking up protocol-relative URLs
• Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved unsustainable to maintain and represent architectural dead ends. They are provided as-is without ongoing support.

Changes:

... (truncated)

Commits

• 6c52ed6 Prepare 9.7.6 release
• 51d9b76 Automatically disable MkDocs 2.0 warning for forks of MkDocs
• 6f9a48b Updated links
• 00b9933 Prepare 9.7.5 release
• 37683d1 Updated blog post on MkDocs 2.0
• 199e315 Updated warning message to clarify relation to MkDocs
• 1025833 Limited version range of mkdocs to <2
• 1532f52 Added update log to blog post
• d0c8b28 Updated dependencies to fix vulnerabilities
• 71d4869 Updated blog post on MkDocs 2.0
• Additional commits viewable in compare view

Updates pymdown-extensions from 10.12 to 10.21.2

Release notes

Sourced from pymdown-extensions's releases.

10.21. 2

10.21.2

• FIX: Highlight: Latest Pygments versions cannot handle a "filename" for code block titles of None.

10.20.1

• FIX: Quotes: Ensure the first class for callouts (the alert type) is always rendered lowercase.

10.21

• NEW: Caption: Add support for specifying not only IDs but classes and arbitrary attributes. Initial work by @​joapuiib.
• FIX: MagicLink: Fix a matching pattern for Bitbucket repo.

10.20

• NEW: Quotes: New blockquotes extension added that uses a more modern approach when compared to Python Markdown's default. Quotes specifically will not group consecutive blockquotes together in the same lazy fashion that the default Python Markdown does which follows a more modern trend to how parsers these days handle block quotes.

  In addition, Quotes also provides an optional feature to enable specifying callouts/alerts in the style used by GitHub and Obsidian.

10.19.1

• FIX: Arithmatex: Fix issue where block $$ math used inline within a paragraph could result in nested math parsing.

10.19

• NEW: Emoji: Update Twemoji to use Unicode 16.
• NEW: Critic: Roll back view mode deprecation as some still like to use it, though further enhancements to this mode are not planned.

10.18

• NEW: Critic: view mode has been deprecated. To avoid warnings or future issues, explicitly set mode to either accept or reject. In the future, the new default will be accept and the view mode will be removed entirely.
• FIX: Block Admonition: important should have always been available as a default.

10.17.2

• FIX: Blocks: Blocks extensions will now better handle nesting of indented style Admonitions, Details, and Tabbed and other non-conflicting blocks.

10.17.1

• FIX: Fix an issue where Highlight can override another extension in the "registered" list in Python Markdown.

... (truncated)

Commits

• a4fdd73 Skip tag 10.21.1 has we accidentally already used it
• 8afb4cd Docs: Update JS deps
• 7bf5b29 Pygments needs a non-None value for code block title (#2863)
• 20b11eb Fix some spelling and formatting
• c9edba3 Docs: strengthen Snippets warning and add security considerations
• 6d92b68 Bump version
• baeca0e Docs: update JS deps
• bf2a237 Add classes and attributes to captions (#2844)
• 5c69e05 Fix bitbucket reference (#2835)
• fa4a066 Fix spelling
• Additional commits viewable in compare view

Updates jinja2 from 3.1.4 to 3.1.6

Release notes

Sourced from jinja2's releases.

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/ Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. #2032
• Calling sync render for an async template uses asyncio.run. #1952
• Avoid unclosed auto_aiter warnings. #1960
• Return an aclose-able AsyncGenerator from Template.generate_async. #1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
• Avoid leaving async generators unclosed in blocks, includes and extends. #1960
• The runtime uses the correct concat function for the current environment when calling block references. #1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
• |int filter handles OverflowError from scientific notation. #1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
• Fix copy/pickle support for the internal missing object. #2027
• Environment.overlay(enable_async) is applied correctly. #2061
• The error message from FileSystemLoader includes the paths that were searched. #1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
• Improve annotations for methods returning copies. #1880
• urlize does not add mailto: to values like @a@b. #1870
• Tests decorated with @pass_context can be used with the |select filter. #1624
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253

Changelog

Sourced from jinja2's changelog.

Version 3.1.6

Released 2025-03-05

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7

Version 3.1.5

Released 2024-12-21

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
• Calling sync render for an async template uses asyncio.run. :pr:1952
• Avoid unclosed auto_aiter warnings. :pr:1960
• Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
• Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
• The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
• |int filter handles OverflowError from scientific notation. :issue:1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
• Fix copy/pickle support for the internal missing object. :issue:2027
• Environment.overlay(enable_async) is applied correctly. :pr:2061
• The error message from FileSystemLoader includes the paths that were searched. :issue:1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
• Improve annotations for methods returning copies. :pr:1880
• urlize does not add mailto: to values like @a@b. :pr:1870

... (truncated)

Commits

• 1520688 release version 3.1.6
• 90457bb Merge commit from fork
• 065334d attr filter uses env.getattr
• 033c200 start version 3.1.6
• bc68d4e use global contributing guide (#2070)
• 247de5e use global contributing guide
• ab8218c use project advisory link instead of global
• b4ffc8f release version 3.1.5 (#2066)
• 877f6e5 release version 3.1.5
• 8d58859 remove test pypi
• Additional commits viewable in compare view

Updates mike from 2.1.3 to 2.1.4

Release notes

Sourced from mike's releases.

v2.1.4

Bug fixes

• Use built-in importlib in Python 3.10 and greater

Changelog

Sourced from mike's changelog.

v2.1.4 (2026-03-07)

Bug fixes

• Use built-in importlib in Python 3.10 and greater

---

Commits

• fd2c5dc Update version to 2.1.4
• 6bad205 Update copyright year
• 9e5f876 Remove deprecated license classifier
• 80c47ab Be more consistent with newlines in CHANGES.md
• 11d4160 Use built-in importlib in Python 3.10 and greater
• bdda184 Improve selection of unit test suites on command line
• d8a9b49 Add CI for Python 3.14 and remove old workarounds
• 97deaed Update copyright
• 64298e2 Update Python version for linting
• e6f523a Test Python 3.12 and 3.13
• Additional commits viewable in compare view

Updates pytest to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

• #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

• #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

  Previously this resulted in an internal assertion failure during plugin loading.

  Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

• #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

• #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

• #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

• #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
• #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
• #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
• #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

• #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

  -- by aleguy02

Commits

• a7d58d7 Prepare release version 9.0.3
• 089d981 Merge pull request #14366 from bluetech/revert-14193-backport
• 8127eaf Revert "Fix: assertrepr_compare respects dict insertion order (#14050) (#14193)"
• 99a7e60 Merge pull request #14363 from pytest-dev/patchback/backports/9.0.x/95d8423bd...
• ddee02a Merge pull request #14343 from bluetech/cve-2025-71176-simple
• 74eac69 doc: Update training info (#14298) (#14301)
• f92dee7 Merge pull request #14267 from pytest-dev/patchback/backports/9.0.x/d6fa26c62...
• 7ee58ac Merge pull request #12378 from Pierre-Sassoulas/fix-implicit-str-concat-and-d...
• 37da870 Merge pull request #14259 from mitre88/patch-4 (#14268)
• c34bfa3 Add explanation for string context diffs (#14257) (#14266)
• Additional commits viewable in compare view

Updates pytest-cov to 7.1.0

Changelog

Sourced from pytest-cov's changelog.

7.1.0 (2026-03-21)

• Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See [#641](https://github.com/pytest-dev/pytest-cov/issues/641) <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation. Contributed by Art Pelling in [#718](https://github.com/pytest-dev/pytest-cov/issues/718) <https://github.com/pytest-dev/pytest-cov/pull/718>_ and "vivodi" in [#738](https://github.com/pytest-dev/pytest-cov/issues/738) <https://github.com/pytest-dev/pytest-cov/pull/738>. Also closed [#736](https://github.com/pytest-dev/pytest-cov/issues/736) <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests. Contributed by in Markéta Machová in [#722](https://github.com/pytest-dev/pytest-cov/issues/722) <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

7.0.0 (2025-09-09)

• Dropped support for subprocesses measurement.

  It was a feature added long time ago when coverage lacked a nice way to measure subprocesses created in tests. It relied on a .pth file, there was no way to opt-out and it created bad interations with coverage's new patch system <https://coverage.readthedocs.io/en/latest/config.html#run-patch>_ added in 7.10 <https://coverage.readthedocs.io/en/7.10.6/changes.html#version-7-10-0-2025-07-24>_.

  To migrate to this release you might need to enable the suprocess patch, example for .coveragerc:

  .. code-block:: ini

  [run] patch = subprocess

  This release also requires at least coverage 7.10.6.

• Switched packaging to have metadata completely in pyproject.toml and use hatchling <https://pypi.org/project/hatchling/>_ for building. Contributed by Ofek Lev in [#551](https://github.com/pytest-dev/pytest-cov/issues/551) <https://github.com/pytest-dev/pytest-cov/pull/551>_ with some extras in [#716](https://github.com/pytest-dev/pytest-cov/issues/716) <https://github.com/pytest-dev/pytest-cov/pull/716>_.

• Removed some not really necessary testing deps like six.

... (truncated)

Commits

• 66c8a52 Bump version: 7.0.0 → 7.1.0
• f707662 Make the examples use pypy 3.11.
• 6049a78 Make context test use the old ctracer (seems the new sysmon tracer behaves di...
• 8ebf20b Update changelog.
• 861d30e Remove the backup context manager - shouldn't be needed since coverage 5.0, ...
• fd4c956 Pass the precision on the nulled total (seems that there's some caching goion...
• 78c9c4e Only run the 3.9 on older deps.
• 4849a92 Punctuation.
• 197c35e Update changelog and hopefully I don't forget to publish release again :))
• 14dc1c9 Update examples to use 3.11 and make the adhoc layout example look a bit more...
• Additional commits viewable in compare view

Updates ruff to 0.15.10

Release notes

Sourced from ruff's releases.

0.15.10

Release Notes

Released on 2026-04-09.

Preview features

• [flake8-logging] Allow closures in except handlers (LOG004) (#24464)
• [flake8-self] Make SLF diagnostics robust to non-self-named variables (#24281)
• [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#24371)

Bug fixes

• Avoid emitting multi-line f-string elements before Python 3.12 (#24377)
• Avoid syntax error from E502 fixes in f-strings and t-strings (#24410)
• Strip form feeds from indent passed to dedent_to (#24381)
• [pyupgrade] Fix panic caused by handling of octals (UP012) (#24390)
• Reject multi-line f-string elements before Python 3.12 (#24355)

Rule changes

• [ruff] Treat f-string interpolation as potential side effect (RUF019) (#24426)

Server

• Add support for custom file extensions (#24463)

Documentation

• Document adding fixes in CONTRIBUTING.md (#24393)
• Fix JSON typo in settings example (#24517)

Contributors

• @​charliermarsh
• @​dylwil3
• @​silverstein
• @​anishgirianish
• @​shizukushq
• @​zanieb
• @​AlexWaygood

Install ruff 0.15.10

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.10/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.10

Released on 2026-04-09.

Preview features

• [flake8-logging] Allow closures in except handlers (LOG004) (#24464)
• [flake8-self] Make SLF diagnostics robust to non-self-named variables (#24281)
• [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#24371)

Bug fixes

• Avoid emitting multi-line f-string elements before Python 3.12 (#24377)
• Avoid syntax error from E502 fixes in f-strings and t-strings (#24410)
• Strip form feeds from indent passed to dedent_to (#24381)
• [pyupgrade] Fix panic caused by handling of octals (UP012) (#24390)
• Reject multi-line f-string elements before Python 3.12 (#24355)

Rule changes

• [ruff] Treat f-string interpolation as potential side effect (RUF019) (#24426)

Server

• Add support for custom file extensions (#24463)

Documentation

• Document adding fixes in CONTRIBUTING.md (#24393)
• Fix JSON typo in settings example (#24517)

Contributors

• @​charliermarsh
• @​dylwil3
• @​silverstein
• @​anishgirianish
• @​shizukushq
• @​zanieb
• @​AlexWaygood

0.15.9

Released on 2026-04-02.

Preview features

• [pyflakes] Flag annotated variable redeclarations as F811 in preview mode (#24244)
• [ruff] Allow dunder-named assignments in non-strict mode for RUF067 (#24089)

... (truncated)

Commits

• 252f761 Bump 0.15.10 (#24519)
• 37a1ec8 [ty] Fix assignability of intersections with bounded typevars (#24502)
• f518cc9 [ty] Allow partially stringified type[…] annotations (#24518)
• 16c4090 docs: fix JSON typo in settings example (#24517)
• 99d97bd [ty] Tighten up a few edge cases in Concatenate type-expression parsing (#2...
• 2714e34 [ty] Enable pull-diagnostics by default in E2E tests (#24516)
• d8bc700 LSP: Add support for custom extensions (#24463)
• a45f96d [ty] stop special-casing str constructor (#24514)
• 87a0f01 [ruff] Treat f-string interpolation as potential side effect in RUF019 (#24426)
• e9ba848 [ty] Fix excess subscript argument inference for non-generic types (#24354)
• Additional commits viewable in compare view

Updates mypy to 1.20.1

Changelog

Sourced from mypy's changelog.

Mypy 1.20.1

• Always disable sync in SQLite cache (Ivan Levkivskyi, PR 21184)
• Temporarily skip few base64 tests (Ivan Levkivskyi, PR 21193)
• Revert dict.__or__ typeshed change (Ivan Levkivskyi, PR 21186)
• Fix narrowing for match case with variadic tuples (Shantanu, PR 21192)
• Avoid narrowing type[T] in type calls (Shantanu, PR 21174)
• Fix regression for catching empty tuple in except (Shantanu, PR 21153)
• Fix reachability for frozenset and dict view narrowing (Shantanu, PR 21151)
• Fix narrowing with chained comparison (Shantanu, PR 21150)
• Avoid narrowing to unreachable at module level (Shantanu, PR 21144)
• Allow dangerous identity comparisons to Any typed variables (Shantanu, PR 21142)
• --warn-unused-config should not be a strict flag (Ivan Levkivskyi, PR 21139)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

• A5rocks
• Aaron Wieczorek
• Adam Turner
• Ali Hamdan
• asce
• BobTheBuidler
• Brent Westbrook
• Brian Schubert
• bzoracler
• Chris Burroughs
• Christoph Tyralla
• Colin Watson
• Donghoon Nam
• E. M. Bray
• Emma Smith
• Ethan Sarp
• George Ogden
• getzze
• grayjk
• Gregor Riepl
• Ivan Levkivskyi
• James Hilliard
• James Le Cuirot
• Jeremy Nimmer
• Joren Hammudoglu
• Kai (Kazuya Ito)
• kaushal trivedi
• Kevin Kannammalil
• Lukas Geiger
• Łukasz Langa
• Marc Mueller
• Michael R. Crusoe
• michaelm-openai

... (truncated)

Commits

• c60e8bf Bump version to 1.20.1
• 842e492 Always disable sync in SQLite cache (#21184)
• e82a046 Temporarily skip few base64 tests (#21193)
• f7fa418 Revert dict.or typeshed change (#21186)
• a2e8ee1 Fix narrowing for match case with variadic tuples (#21192)
• 521f88f Avoid narrowing type[T] in type calls (#21174)
• a4876e9 Fix regression for catching empty tuple in except (#21153)
• 6fccffc Fix reachability for frozenset and dict view narrowing (#21151)
• de50419 Fix narrowing with chained comparison (#21150)
• eafcf18 Avoid narrowing to unreachable at module level (#21144)
• Additional commits viewable in compare view

Updates numpy to 2.2.6

Release notes

Sourced from numpy's releases.

v2.2.6 (May 17, 2025)

NumPy 2.2.6 Release Notes

NumPy 2.2.6 is a patch release that fixes bugs found after the 2.2.5 release. It is a mix of typing fixes/improvements as well as the normal bug fixes and some CI maintenance.

This release supports Python versions 3.10-3.13.

Contributors

A total of 8 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Charles Harris
• Ilhan Polat
• Joren Hammudoglu
• Marco Gorelli +
• Matti Picus
• Nathan Goldbaum
• Peter Hawkins
• Sayed Adel

Pull requests merged

A total of 11 pull requests were merged for this release.

• #28778: MAINT: Prepare 2.2.x for further development
• #28851: BLD: Update vendor-meson to fix module_feature conflicts arguments...
• #28852: BUG: fix heap buffer overflow in np.strings.find
• #28853: TYP: fix NDArray[floating] + float return type
• #28864: BUG: fix stringdtype singleton thread safety
• #28865: MAINT: use OpenBLAS 0.3.29
• #28889: MAINT: from_dlpack thread safety fixes
• #28913: TYP: Fix non-existent CanIndex annotation in ndarray.setfield
• #28915: MAINT: Avoid dereferencing/strict aliasing warnings
• #28916: BUG: Fix missing check for PyErr_Occurred() in _pyarray_correlate.
• #28966: TYP: reject complex scalar types in ndarray.__ifloordiv__

Checksums

MD5

259343f056061f6eadb2f4b8999d06d4  numpy-2.2.6-cp310-cp310-macosx_10_9_x86_64.whl
16fa85488e149489ce7ee044d7b0d307  numpy-2.2.6-cp310-cp310-macosx_11_0_arm64.whl
f01b7aea9d2b76b1eeb49766e615d689  numpy-2.2.6-cp310-cp310-macosx_14_0_arm64.whl
f2ddc2b22517f6e31caa1372b12c2499  numpy-2.2.6-cp310-cp310-macosx_14_0_x86_64.whl
52190e22869884f0870eb3df7a283ca9  numpy-2.2.6-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
8f382b9ca6770db600edd5ea2447a925  numpy-2.2.6-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
e604aae2ef6e01fb92ecc39aca0424d9  numpy-2.2.6-cp310-cp310-musllinux_1_2_aarch64.whl

... (truncated)

Commits

• 2b686f6 Merge pull request #28980 from charris/prepare-2.2.6
• ed41828 REL: Prepare for the NumPy 2.2.6 release [wheel build]
• 83e4e7f Merge pull request #28966 from charris/backport-28958
• 248f0cb TYP: add rejection-tests for complex ndarray floordiv
• 5bad9da TYP: reject complex scalar types in ndarray.__ifloordiv__
• 6c42775 Merge pull request #28915 from charris/backport-28892
• 4277e7c Merge pull request #28916 from charris/backport-28898
• bd1c863 BUG: Fix missing check for PyErr_Occurred() in _pyarray_correlate. (

[f1i3g3]

@alex98247, меняем numpy?
Версии отличаются значительно.

[f1i3g3]

Надо бы ещё сделать так, чтобы я в ревьюверы автоматически добавлялся.