Bump the python-packages group with 5 updates

[dependabot]

Bumps the python-packages group with 5 updates:

Package	From	To
greenlet	3.4.0	3.5.0
packaging	26.1	26.2
python-multipart	0.0.26	0.0.27
prek	0.3.10	0.3.11
ruff	0.15.11	0.15.12

Updates greenlet from 3.4.0 to 3.5.0

Changelog

Sourced from greenlet's changelog.

3.5.0 (2026-04-27)

• Remove the atexit callback. This callback caused greenlet APIs to become unavailable far too soon during interpreter shutdown. Now they remain available while all atexit callbacks run. Sometime after Py_IsFinalizing becomes true, they may begin misbehaving. Because the order in which C extensions are finalized is undefined, C extensions that are sensitive to this need to check the results of that function before invoking greenlet APIs. As a convenience, PyGreenlet_GetCurrent sets an exception and returns NULL when this happens (and greenlet.getcurrent begins returning None); other greenlet C API functions have undefined behaviour. Methods invoked directly on pre-existing greenlet.greenlet objects will continue to function at least until the greenlet C extension has been garbage collected and finalized.

  See PR 508 <https://github.com/python-greenlet/greenlet/pull/508>_.

Commits

• c7acc72 Preparing release 3.5.0
• d08f99b CHANGES: Update link from #507 to more full description in #508.
• fd3391e Merge pull request #508 from python-greenlet/issue507-remove-atexit
• 004e1e9 Remove the atexit callback.
• b784a69 Back to development: 3.4.1
• See full diff in compare view

Updates packaging from 26.1 to 26.2

Release notes

Sourced from packaging's releases.

26.2

What's Changed

Fixes:

• Fix incorrect sysconfig var name for pyemscripten by @​ryanking13 in pypa/packaging#1160
• Make Version, Specifier, SpecifierSet, Tag, Marker, and Requirement pickle-safe and backward-compatible with pickles created in 25.0-26.1 (including references to the removed packaging._structures module) by @​eachimei and @​henryiii in pypa/packaging#1163, pypa/packaging#1168, pypa/packaging#1170, and pypa/packaging#1171
• fix: re-export ExceptionGroup for now by @​henryiii in pypa/packaging#1164

Documentation:

• docs: add errors section and fix missing details by @​henryiii in pypa/packaging#1159
• docs(dev): document property-based test suite by @​r266-tech in pypa/packaging#1167
• Fix typo in DirectUrl documentation by @​sbidoul in pypa/packaging#1169
• docs(specifiers): add is_unsatisfiable() usage example by @​r266-tech in pypa/packaging#1166

Internal:

• Enable the auditor persona on zizmor by @​henryiii in pypa/packaging#1158
• Test new pickle guarantees by @​henryiii in pypa/packaging#1174
• Use native uv integration in rtd by @​henryiii in pypa/packaging#1175

New Contributors

• @​ryanking13 made their first contribution in pypa/packaging#1160
• @​eachimei made their first contribution in pypa/packaging#1163

Full Changelog: pypa/packaging@26.1...26.2

Changelog

Sourced from packaging's changelog.

26.2 - 2026-04-24

Fixes:

Fix incorrect sysconfig var name for pyemscripten in (:pull:1160)
Make Version, Specifier, SpecifierSet, Tag, Marker, and Requirement pickle-safe

and backward-compatible with pickles created in 25.0-26.1 (including references to the removed

packaging._structures module) (:pull:1163, :pull:1168, :pull:1170, :pull:1171)
Re-export ExceptionGroup in metadata for now in (:pull:1164)

Documentation:

Add errors section and fix missing details in (:pull:1159)
Document our property-based test suite in (:pull:1167)
Fix a DirectUrl typo in (:pull:1167)
Add example of is_unsatisfiable in (:pull:1166)

Internal:

Enable the auditor persona on zizmor in (:pull:1158)
Test new pickle guarantees in (:pull:1174)
Use new native ReadTheDocs uv integration in (:pull:1175)

Commits

• 84a87ee Bump for release
• 4a616b6 docs: a few more updates to prepare for 26.2 (#1176)
• 9de6f44 ci: use native uv integration in rtd (#1175)
• bc76e14 chore: update changelog for 26.2 (#1161)
• 3f00091 tests: add a pickle check (#1174)
• 48a8a06 fix: make Requirements/Markers pickle-safe (#1171)
• 823b44e fix: make Tags pickle-safe (#1170)
• 4bed32d fix: make Specifier / SpecifierSet pickle-safe (#1168)
• 963118e fix: re-export ExceptionGroup for now (#1164)
• 66e34a8 docs(specifiers): add is_unsatisfiable() usage example (#1166)
• Additional commits viewable in compare view

Updates python-multipart from 0.0.26 to 0.0.27

Release notes

Sourced from python-multipart's releases.

0.0.27

What's Changed

• Pass parse offsets via constructors by @​Kludex in Kludex/python-multipart#268
• Add multipart header limits by @​Kludex in Kludex/python-multipart#267

Full Changelog: Kludex/python-multipart@0.0.26...0.0.27

Changelog

Sourced from python-multipart's changelog.

0.0.27 (2026-04-27)

• Add multipart header limits #267.
• Pass parse offsets via constructors #268.

Commits

• 6d1d689 Version 0.0.27 (#272)
• 0b10220 Run CI on main branch pull requests (#271)
• 3e64f5f Add multipart header limits (#267)
• eb109cc Pass parse offsets via constructors (#268)
• 78e29ab Bump pytest from 9.0.2 to 9.0.3 (#266)
• b2ddd09 fuzz: Enhance fuzzing capabilities with new chunked and boundary tests (#264)
• See full diff in compare view

Updates prek from 0.3.10 to 0.3.11

Release notes

Sourced from prek's releases.

0.3.11

Release Notes

Released on 2026-04-27.

Highlights

Hook entries now have an explicit shell option for shell snippets. Set shell: sh, bash, pwsh, powershell, or cmd when an entry should be evaluated by that shell; leaving it unset keeps prek's direct argv execution.

prek auto-update can now filter tag candidates before choosing an update. Both options take glob patterns: use --include-tag to only consider matching tag names, and --exclude-tag to skip matching tags such as moving tags or prereleases.

Enhancements

• Add auto-update --exclude-repo <repo> to skip repos (#1983)
• Add auto-update --exit-code to exit with non-zero on updates (#2002)
• Add auto-update --include-tag <pattern>/--exclude-tag <pattern> to filter tags (#1984)
• Adds an explicit shell hook option for entries that should run as shell source (#2004)
• Make --hook-dir optional for hook-impl (#1989)
• Skip shim warning when --script-version is missing (#1990)

Bug fixes

• Install Ruby executable in gem bin (#2017)
• Use dedicated Android npm package (#1982)
• Use stable repo keys without breaking cached clones (#1995)

Documentation

• Explain prek name (#1980)
• Clarify pass_filenames concurrency docs (#1999)
• Reorganize documentation references (#2005)
• Clarify hook author manifest env docs (#1991)
• docs: add Sentry to users list (#1981)

Contributors

• @​j178

Install prek 0.3.11

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/j178/prek/releases/download/v0.3.11/prek-installer.sh | sh

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.11

Released on 2026-04-27.

Highlights

Hook entries now have an explicit shell option for shell snippets. Set shell: sh, bash, pwsh, powershell, or cmd when an entry should be evaluated by that shell; leaving it unset keeps prek's direct argv execution.

prek auto-update can now filter tag candidates before choosing an update. Both options take glob patterns: use --include-tag to only consider matching tag names, and --exclude-tag to skip matching tags such as moving tags or prereleases.

Enhancements

• Add auto-update --exclude-repo <repo> to skip repos (#1983)
• Add auto-update --exit-code to exit with non-zero on updates (#2002)
• Add auto-update --include-tag <pattern>/--exclude-tag <pattern> to filter tags (#1984)
• Adds an explicit shell hook option for entries that should run as shell source (#2004)
• Make --hook-dir optional for hook-impl (#1989)
• Skip shim warning when --script-version is missing (#1990)

Bug fixes

• Install Ruby executable in gem bin (#2017)
• Use dedicated Android npm package (#1982)
• Use stable repo keys without breaking cached clones (#1995)

Documentation

• Explain prek name (#1980)
• Clarify pass_filenames concurrency docs (#1999)
• Reorganize documentation references (#2005)
• Clarify hook author manifest env docs (#1991)
• docs: add Sentry to users list (#1981)

Contributors

• @​j178

Commits

• 8e731a9 Bump version to 0.3.11 (#2018)
• 24302f7 Install Ruby executable in gem bin (#2017)
• adf72c6 Update Rust crate rayon to v1.12.0 (#2015)
• 95b8874 Update Rust crate webpki-root-certs to v1.0.7 (#2014)
• 2692d83 Update Rust crate libc to v0.2.185 (#2013)
• 1477025 Update Rust crate tokio to v1.52.1 (#2016)
• efaf804 Update Rust crate clap_complete to v4.6.2 (#2012)
• 12033f7 Update Rust crate clap to v4.6.1 (#2011)
• 96ebb94 Update Rust crate assert_cmd to v2.2.1 (#2010)
• 55da2dc Update GitHub Actions (#2008)
• Additional commits viewable in compare view

Updates ruff from 0.15.11 to 0.15.12

Release notes

Sourced from ruff's releases.

0.15.12

Release Notes

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#23599)
• Implement #ruff:ignore logical-line suppressions (#23404)
• Revert preview changes to displayed diagnostic severity in LSP (#24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
• [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

• Respect default Unix permissions for cache files (#24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
• Improve rules table accessibility (#24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

Install ruff 0.15.12

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.12/ruff-installer.sh | sh

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.12

Released on 2026-04-24.

Preview features

• Implement #ruff:file-ignore file-level suppressions (#23599)
• Implement #ruff:ignore logical-line suppressions (#23404)
• Revert preview changes to displayed diagnostic severity in LSP (#24789)
• [airflow] Implement task-branch-as-short-circuit (AIR004) (#23579)
• [flake8-bugbear] Fix break/continue handling in loop-iterator-mutation (B909) (#24440)
• [pylint] Fix PLC2701 for type parameter scopes (#24576)

Rule changes

• [pandas-vet] Suggest .array as well in PD011 (#24805)

CLI

• Respect default Unix permissions for cache files (#24794)

Documentation

• [pylint] Fix PLR0124 description not to claim self-comparison always returns the same value (#24749)
• [pyupgrade] Expand docs on reusable TypeVars and scoping (UP046) (#24153)
• Improve rules table accessibility (#24711)

Contributors

• @​dylwil3
• @​AlexWaygood
• @​woodruffw
• @​avasis-ai
• @​Dev-iL
• @​denyszhak
• @​ShipItAndPray
• @​anishgirianish
• @​augustelalande
• @​amyreese
• @​majiayu000

Commits

• 66f93cf Bump 0.15.12 (#24815)
• 476a4d0 [ty] Complete support for more detailed diagnostics on possibly unbound error...
• ed669ea Implement #ruff:file-ignore file-level suppressions (#23599)
• e73d952 [ty] Include inferred type in invalid-key concise diagnostic for union/inte...
• 80feb29 [ty] report only dead annotation-only locals as unused (#24811)
• 0fbf2bc Drop deprecated license classifier (#24808)
• 43b174c [ty] Infer lambda parameter types with Callable type context (#24317)
• 4f449ae [ty] Add error context for intersection types (#24772)
• 5b4e753 [ty] Add support for goto in literal enum member inlay hint (#24792)
• e7cc762 [ty] Add error context for TypedDict assignments (#24790)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Coverage Report •

File	Stmts	Miss	Branch	BrPart	Cover	Missing
TOTAL	7995	995	1260	221	87%

report-only-changed-files is enabled. No files were changed during this commit :)