Bump the python-dependencies-dev group with 4 updates

[dependabot]

Bumps the python-dependencies-dev group with 4 updates: build, mypy, pre-commit and ruff.

Updates build from 1.4.3 to 1.4.4

Release notes

Sourced from build's releases.

1.4.4

What's Changed

• 🐛 fix(release): generate consistent CHANGELOG heading levels by @​gaborbernat in pypa/build#1032
• docs: move source links by @​henryiii in pypa/build#1034
• revert: drop PEP 660 change by @​henryiii in pypa/build#1039
• fix: ignore installed when running pip by @​henryiii in pypa/build#1040
• fix: revert part of #973 by @​henryiii in pypa/build#1044
• chore: report coverage failure lines by @​henryiii in pypa/build#1046
• tests: fix issue with uv run by @​henryiii in pypa/build#1048
• docs: reorganize testing docs for copy/paste by @​abitrolly in pypa/build#1043
• tests: keep environment from leaking in Python 3.15 by @​henryiii in pypa/build#1049
• docs: fix issue with changelog generation by @​henryiii in pypa/build#1050

Full Changelog: pypa/build@1.4.3...1.4.4

Changelog

Sourced from build's changelog.

#################### 1.4.4 (2026-04-22) ####################

---

Bugfixes

---

• Fix release pipeline generating CHANGELOG.rst entries with inconsistent heading levels, which broke sphinx -W and pinned Read the Docs stable at 1.4.0 - by :user:gaborbernat. (:issue:1031)
• Revert :pr:1039 from build 1.4.3, no longer check direct_url (for now) - by :user:henryiii (:issue:1039)
• Add --ignore-installed to pip install command to prevent issues with packages already present in the isolated build environment - by :user:henryiii (:issue:1037) (:issue:1040)
• Partial revert of :pr:973, keeping log messages in one entry, multiple lines. (:issue:1044)

---

Miscellaneous

---

• :issue:1048, :issue:1049

#################### 1.4.3 (2026-04-10) ####################

---

Features

---

• Add kind parameter to log messages to separate semantic and representation - by :user:abitrolly (:issue:973)

---

Bugfixes

---

• Strip PYTHONPATH from the environment during isolated builds to prevent host packages from leaking into the build
  • by :user:gaborbernat (:issue:405)
• Pass --no-input to pip to prevent hidden credential prompts that cause hangs, and automatically set PIP_KEYRING_PROVIDER=subprocess (or UV_KEYRING_PROVIDER=subprocess for the uv installer) when the keyring CLI is on PATH -- by :user:gaborbernat (:issue:409)
• check_dependency now reports URL requirements as unmet instead of silently accepting them when a package with the same name is installed - by :user:gaborbernat (:issue:860)
• Fix misleading missing dependency error display where transitive dependency chains showed the top-level package on a separate line, making it appear as if the top-level package itself was missing - by :user:gaborbernat (:issue:875)
• Fix towncrier template to generate changelog categories in definition order - by :user:gaborbernat (:issue:1007)
• Resolve thread-safety races in the build API - by :user:gaborbernat (:issue:1015)
• Validate backend-path entries exist on disk with a clear error - by :user:gaborbernat (:issue:1016)

---

Miscellaneous

... (truncated)

Commits

• 70666a2 chore: prepare for 1.4.4
• 653d865 docs: fix issue with changelog generation (#1050)
• 373b9ee tests: keep environment from leaking in Python 3.15 (#1049)
• e37e2ae docs: reorganize testing docs for copy/paste (#1043)
• e9c194a tests: fix issue with uv run (#1048)
• 03b7d70 chore: report coverage failure lines (#1046)
• 2afa3b5 fix: revert part of #973 (#1044)
• b336f60 pre-commit: bump repositories (#1045)
• 6d8039a fix: ignore installed when running pip (#1040)
• ebf6eba revert: drop PEP 660 change (#1039)
• Additional commits viewable in compare view

Updates mypy from 1.20.1 to 1.20.2

Changelog

Sourced from mypy's changelog.

Mypy 1.20.1

• Always disable sync in SQLite cache (Ivan Levkivskyi, PR 21184)
• Temporarily skip few base64 tests (Ivan Levkivskyi, PR 21193)
• Revert dict.__or__ typeshed change (Ivan Levkivskyi, PR 21186)
• Fix narrowing for match case with variadic tuples (Shantanu, PR 21192)
• Avoid narrowing type[T] in type calls (Shantanu, PR 21174)
• Fix regression for catching empty tuple in except (Shantanu, PR 21153)
• Fix reachability for frozenset and dict view narrowing (Shantanu, PR 21151)
• Fix narrowing with chained comparison (Shantanu, PR 21150)
• Avoid narrowing to unreachable at module level (Shantanu, PR 21144)
• Allow dangerous identity comparisons to Any typed variables (Shantanu, PR 21142)
• --warn-unused-config should not be a strict flag (Ivan Levkivskyi, PR 21139)

Mypy 1.20.2

• Use WAL with SQLite cache and fix close (Shantanu, PR 21154)
• Adjust SQLite journal mode (Ivan Levkivskyi, PR 21217)
• Correctly aggregate narrowing information on parent expressions (Shantanu, PR 21206)
• Fix regression related to generic callables (Shantanu, PR 21208)
• Fix regression by avoiding widening types in some contexts (Shantanu, PR 21242)
• Fix slicing in non-strict optional mode (Shantanu, PR 21282)
• mypyc: Fix match statement semantics for "or" pattern (Shantanu, PR 21156)
• mypyc: Fix issue with module dunder attributes (Piotr Sawicki, PR 21275)
• Initial support for Python 3.15.0a8 (Marc Mueller, PR 21255)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

• A5rocks
• Aaron Wieczorek
• Adam Turner
• Ali Hamdan
• asce
• BobTheBuidler
• Brent Westbrook
• Brian Schubert
• bzoracler
• Chris Burroughs
• Christoph Tyralla
• Colin Watson
• Donghoon Nam
• E. M. Bray
• Emma Smith
• Ethan Sarp
• George Ogden
• getzze
• grayjk
• Gregor Riepl
• Ivan Levkivskyi

... (truncated)

Commits

• 145a062 Bump version to 1.20.2
• 81cd492 Fix slicing with nonstrict optional (#21282)
• 908d344 [mypyc] Set dunder attrs when adding module to sys.modules (#21275)
• ba28610 Initial support for Python 3.15.0a8 (#21255)
• 7b0e09f Fix match statement semantics for "or" pattern (#21156)
• 92b74f2 Avoid widening types in conditional_types (#21242)
• 0dcbfaa Fix is_overlapping_types for generic callables (#21208)
• 210f518 Correctly aggregate narrowing information on parent expressions (#21206)
• c34530e Only set journal mode in coordinator (#21217)
• 79a3ec6 Use WAL with SQLite cache, fix close (#21154)
• Additional commits viewable in compare view

Updates pre-commit from 4.5.1 to 4.6.0

Release notes

Sourced from pre-commit's releases.

pre-commit v4.6.0

Features

• pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.
  • #3662 PR by @​asottile.

Fixes

• pre-commit hook-impl: --hook-type is required.
  • #3661 PR by @​asottile.

Changelog

Sourced from pre-commit's changelog.

4.6.0 - 2026-04-21

Features

• pre-commit hook-impl: allow --hook-dir to be missing to enable easier usage with git 2.54+ git hooks.
  • #3662 PR by @​asottile.

Fixes

• pre-commit hook-impl: --hook-type is required.
  • #3661 PR by @​asottile.

Commits

• f35134b v4.6.0
• 2a51ffc Merge pull request #3662 from pre-commit/hook-impl-optional-hook-dir
• d7dee32 make --hook-dir optional for hook-impl
• 965aeb1 Merge pull request #3661 from pre-commit/hook-impl-required
• 2eacc06 --hook-type is required for hook-impl
• f5678bf Merge pull request #3657 from pre-commit/pre-commit-ci-update-config
• 054cc5b [pre-commit.ci] pre-commit autoupdate
• 5c0f302 Merge pull request #3652 from pre-commit/pre-commit-ci-update-config
• a5d9114 [pre-commit.ci] pre-commit autoupdate
• 129a1f5 Merge pull request #3641 from pre-commit/mxr-patch-1
• Additional commits viewable in compare view

Updates ruff from 0.15.10 to 0.15.12

Release notes

Sourced from ruff's releases.

0.15.12

Release Notes

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#23599)
• Implement #ruff:ignore logical-line suppressions (#23404)
• Revert preview changes to displayed diagnostic severity in LSP (#24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
• [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

• Respect default Unix permissions for cache files (#24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
• Improve rules table accessibility (#24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

Install ruff 0.15.12

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.12

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#23599)
• Implement #ruff:ignore logical-line suppressions (#23404)
• Revert preview changes to displayed diagnostic severity in LSP (#24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
• [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

• Respect default Unix permissions for cache files (#24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
• Improve rules table accessibility (#24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

0.15.11

Released on 2026-04-16.

Preview features

• [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
• [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
• [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

... (truncated)

Commits

• 66f93cf Bump 0.15.12 (#24815)
• 476a4d0 [ty] Complete support for more detailed diagnostics on possibly unbound error...
• ed669ea Implement #ruff:file-ignore file-level suppressions (#23599)
• e73d952 [ty] Include inferred type in invalid-key concise diagnostic for union/inte...
• 80feb29 [ty] report only dead annotation-only locals as unused (#24811)
• 0fbf2bc Drop deprecated license classifier (#24808)
• 43b174c [ty] Infer lambda parameter types with Callable type context (#24317)
• 4f449ae [ty] Add error context for intersection types (#24772)
• 5b4e753 [ty] Add support for goto in literal enum member inlay hint (#24792)
• e7cc762 [ty] Add error context for TypedDict assignments (#24790)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 90.56%. Comparing base (049c411) to head (e948a21).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2368   +/-   ##
=======================================
  Coverage   90.56%   90.56%           
=======================================
  Files          75       75           
  Lines        5034     5034           
=======================================
  Hits         4559     4559           
  Misses        475      475           

Flag	Coverage Δ
project	90.56% <ø> (ø)
validator	90.56% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.