Skip to content

Bump mypy from 1.19.1 to 1.20.0#103

Merged
docktermj merged 1 commit into
mainfrom
dependabot/pip/mypy-1.20.0
Apr 22, 2026
Merged

Bump mypy from 1.19.1 to 1.20.0#103
docktermj merged 1 commit into
mainfrom
dependabot/pip/mypy-1.20.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 22, 2026

Copy link
Copy Markdown
Contributor

Bumps mypy from 1.19.1 to 1.20.0.

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Enabling --local-partial-types by default

This flag affects the inference of types based on assignments in other scopes. For now, explicitly disabling this continues to be supported, but this support will be removed in the future as the legacy behaviour is hard to support with other current and future features in mypy, like the daemon or the new implementation of flexible redefinitions.

Contributed by Ivan Levkivskyi, Jukka Lehtosalo, Shantanu in PR 21163

Enabling --strict-bytes by default

Per PEP 688, mypy no longer treats bytearray and memoryview values as assignable to the bytes type.

Contributed by Shantanu in PR 18371

Drop Support for Targeting Python 3.9

Mypy no longer supports type checking code with --python-version 3.9. Use --python-version 3.10 or newer.

Contributed by Shantanu, Marc Mueller in PR 21243

Remove special casing of legacy bundled stubs

Mypy used to bundle stubs for a few packages in versions 0.812 and earlier. To navigate the transition, mypy used to report missing types for these packages even if --ignore-missing-imports was set. Mypy now consistently respects --ignore-missing-imports for all packages.

Contributed by Shantanu in PR 18372

Prevent assignment to None for non-Optional class variables with type comments

Mypy used to allow assignment to None for class variables when using type comments. This was a common idiom in Python 3.5 and earlier, prior to the introduction of variable annotations. However, this was a soundness hole and has now been removed.

Contributed by Shantanu in PR 20054

Mypy 1.20

We’ve just uploaded mypy 1.20.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

... (truncated)

Commits
  • 770d3ca Remove +dev from version
  • 4738ffa Changelog updates for 1.20 (#21109)
  • b4f07a7 Use 'native-parser' instead of 'native-parse' for optional dependency (#21115)
  • 7bec7b7 [mypyc] Document librt and librt.base64 (#21114)
  • c482596 --allow-redefinition-new is no longer experimental (#21110)
  • c916ca3 sdist: include misc/{diff-cache,apply-cache-diff}.py for `mypy/test/test_di...
  • b137e4e [mypyc] Speed up native-to-native imports within the same group (#21101)
  • 978b711 [mypyc] Fix range loop variable off-by-one after loop exit (#21098)
  • 67ada30 [stubtest] Check runtime availability of private types not marked `@type_chec...
  • bdef6ef librt cache tests: build respecting MYPY_TEST_PREFIX (#21097)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [mypy](https://github.com/python/mypy) from 1.19.1 to 1.20.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.19.1...v1.20.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 22, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 22, 2026 05:03
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 22, 2026
@github-actions

Copy link
Copy Markdown

🤖 Claude Code Review


Code Review: mypy 1.19.1 → 1.20.0 bump

This is a straightforward dependency version bump with a minimal diff.


Code Quality

✅ Style guide — Single-line change in pyproject.toml; nothing to evaluate against the style guide.

✅ No commented-out code — None present.

✅ Meaningful variable names — N/A.

✅ DRY principle — N/A.

✅ Defects — No logic errors introduced. The bump is pinned to an exact version (1.20.0), which is consistent with the project's pinning strategy for other lint tools. mypy 1.20.0 is a minor release; no known breaking changes affect typical usage.

⚠️ CLAUDE.md — No issues with the project instructions file itself. However, note that mypy does not have a Python-version–conditional pin (unlike isort, black, bandit, pylint) even though most other lint tools in this file do. This was already the case before this PR and is not introduced by it, but worth noting for consistency.


Testing

✅ Unit/integration tests — Not applicable for a dependency version bump.

✅ Test coverage — N/A.


Documentation

✅ README — No update needed for a tooling dependency bump.

✅ API docs — N/A.

✅ Inline comments — N/A.

❌ CHANGELOG.mdCHANGELOG.md (pyproject.toml line 21 links to it) has not been updated. The file currently only has a placeholder [1.0.0] - yyyy-mm-dd entry. Dependency bumps of dev/lint tooling are commonly captured under an Unreleased section or a dated entry per the project's Keep a Changelog convention. This should be addressed if the project follows that convention strictly.

✅ Markdown formatting — Existing markdown files appear properly formatted.


Security

✅ No hardcoded credentials — None present.

✅ Input validation / error handling — N/A.

✅ No sensitive data in logs — N/A.

✅ No license files (.lic / AQAAAD strings) — None detected.


Summary

Category Result
Code Quality
Testing ✅ N/A
Documentation ❌ CHANGELOG not updated
Security

One minor issue: CHANGELOG.md should be updated to record this dependency bump under an Unreleased or versioned section, consistent with the Keep a Changelog format the project declares it follows.

Automated code review analyzing defects and coding standards

@docktermj docktermj merged commit f8a4c67 into main Apr 22, 2026
12 checks passed
@docktermj docktermj deleted the dependabot/pip/mypy-1.20.0 branch April 22, 2026 12:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants