Skip to content

chore(deps-dev): bump the deps group across 1 directory with 3 updates#80

Merged
zobweyt merged 1 commit into
mainfrom
dependabot/uv/main/deps-68e84771c2
Jul 18, 2026
Merged

chore(deps-dev): bump the deps group across 1 directory with 3 updates#80
zobweyt merged 1 commit into
mainfrom
dependabot/uv/main/deps-68e84771c2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 18, 2026

Copy link
Copy Markdown
Contributor

Bumps the deps group with 3 updates in the / directory: mkdocs-material, ruff and ty.

Updates mkdocs-material from 9.7.6 to 9.7.7

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.7.7

[!WARNING]

Material for MkDocs is approaching end of life

Material for MkDocs is scheduled to reach end of life on November 5, 2026. Until then, maintenance is limited to critical bug fixes and security updates.

The path forward is Zensical, our next-generation static site generator built from first principles. If you’re planning a new documentation project or thinking about your long-term setup, we encourage you to start exploring Zensical.

Organizations requiring support beyond this date can get in touch to discuss options.

Read the full announcement on our blog

Changes

  • Fixed a DOM-based XSS vulnerability in search suggestions

Thanks to @​p- for responsibly reporting this issue.

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.7.7 (2026-07-17)

  • Fixed DOM-based XSS vulnerability in search suggestions

mkdocs-material-9.7.6 (2026-03-19)

  • Automatically disable MkDocs 2.0 warning for forks of MkDocs

mkdocs-material-9.7.5 (2026-03-10)

  • Limited version range of mkdocs to <2
  • Updated MkDocs 2.0 incompatibility warning (clarify relation with MkDocs)

mkdocs-material-9.7.4 (2026-03-03)

  • Hardened social cards plugin by switching to sandboxed environment
  • Updated MkDocs 2.0 incompatibility warning

mkdocs-material-9.7.3 (2026-02-24)

  • Fixed #8567: Print MkDocs 2.0 incompatibility warning to stderr

mkdocs-material-9.7.2 (2026-02-18)

  • Opened up version ranges of optional dependencies for forward-compatibility
  • Added warning to 'mkdocs build' about impending MkDocs 2.0 incompatibility

mkdocs-material-9.7.1 (2025-12-18)

  • Updated requests to 2.30+ to mitigate CVE in urllib
  • Fixed privacy plugin not picking up protocol-relative URLs
  • Fixed #8542: false positives and negatives captured in privacy plugin

mkdocs-material-9.7.0 (2025-11-11)

⚠️ Material for MkDocs is now in maintenance mode

This is the last release of Material for MkDocs that will receive new features. Going forward, the Material for MkDocs team focuses on Zensical, a next-gen static site generator built from first principles. We will provide critical bug fixes and security updates for Material for MkDocs for 12 months at least.

Read the full announcement on our blog: https://squidfunk.github.io/mkdocs-material/blog/2025/11/05/zensical/

This release includes all features that were previously exclusive to the Insiders edition. These features are now freely available to everyone.

Note on deprecated plugins: The projects and typeset plugins are included in this release, but must be considered deprecated. Both plugins proved

... (truncated)

Commits

Updates ruff from 0.15.21 to 0.15.22

Release notes

Sourced from ruff's releases.

0.15.22

Release Notes

Released on 2026-07-16.

Preview features

  • [pycodestyle] Add an autofix for E402 (#22212)
  • [refurb] Allow subclassing builtins in stub files (FURB189) (#26812)
  • [ruff] Add rule to replace noqa comments with ruff:ignore (RUF105) (#26423)
  • [ruff] Add rule to use human-readable names in ruff:ignore comments (RUF106) (#26682)
  • [ruff] Add rule to use human-readable names in configuration selectors (RUF201) (#26772)

Bug fixes

  • [flake8-pyi] Fix false positive in __all__ (PYI053) (#26872)

Rule changes

  • [pylint] Ignore mutable type updates in redefined-loop-name (PLW2901) (#25733)

Performance

  • Avoid redundant lexer token bookkeeping (#26765)
  • Avoid redundant pending-indentation writes (#26774)
  • Avoid unnecessary identifier lookahead (#26525)
  • Reuse parser scratch buffers (#26798)

Documentation

  • Document argfile support (#26803)
  • [flake8-datetimez] Clarify naming guidance for datetime.today (DTZ002) (#26658)
  • [pycodestyle] Document E731 fix safety (#26847)
  • [ruff] Clarify intentional async contexts for unused-async (RUF029) (#26641)

Contributors

Install ruff 0.15.22

Install prebuilt binaries via shell script

</tr></table> 

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.22

Released on 2026-07-16.

Preview features

  • [pycodestyle] Add an autofix for E402 (#22212)
  • [refurb] Allow subclassing builtins in stub files (FURB189) (#26812)
  • [ruff] Add rule to replace noqa comments with ruff:ignore (RUF105) (#26423)
  • [ruff] Add rule to use human-readable names in ruff:ignore comments (RUF106) (#26682)
  • [ruff] Add rule to use human-readable names in configuration selectors (RUF201) (#26772)

Bug fixes

  • [flake8-pyi] Fix false positive in __all__ (PYI053) (#26872)

Rule changes

  • [pylint] Ignore mutable type updates in redefined-loop-name (PLW2901) (#25733)

Performance

  • Avoid redundant lexer token bookkeeping (#26765)
  • Avoid redundant pending-indentation writes (#26774)
  • Avoid unnecessary identifier lookahead (#26525)
  • Reuse parser scratch buffers (#26798)

Documentation

  • Document argfile support (#26803)
  • [flake8-datetimez] Clarify naming guidance for datetime.today (DTZ002) (#26658)
  • [pycodestyle] Document E731 fix safety (#26847)
  • [ruff] Clarify intentional async contexts for unused-async (RUF029) (#26641)

Contributors

Commits

Updates ty from 0.0.58 to 0.0.61

Release notes

Sourced from ty's releases.

0.0.61

Release Notes

Released on 2026-07-17.

Bug fixes

  • Avoid recursive protocol structural comparisons (#26721)

LSP server

  • Render Google docstrings as structured Markdown (#26599)

Library support

  • Pydantic: Collect field metadata through subscripted generic Annotated aliases (#26885)

Diagnostics

  • Avoid extending own-line suppressions in --add-ignore (#26808)

Core type checking

  • Derive descriptor setter domains for protocols (#26683)
  • Enforce declared receiver TypeVar domains (#26863)
  • Infer isinstance results for aliases and type variables (#26961)
  • Infer isinstance results for fixed class tuples (#26935)
  • Narrow inline list and set membership checks (#26955)
  • Narrow tagged unions by tag truthiness (#26887)
  • Narrow walrus expression values (#26949)
  • Project intersections in to_instance (#26892)
  • Remove inferable TypeVar artifacts recursively (#26787)
  • Respect mixin receiver domains in method overrides (#26941)
  • Support TypeVarTuple and Unpack (#25240)

Performance

  • Deduplicate completion labels (#26890)
  • Only collect expected types for files open in the editor (#25546)
  • Parallelize subtype hierarchy search (#26875)
  • Share heap-backed parser names with CharStr (#26594)
  • Use the new incremental checker from the ignore crate (#26933)

Contributors

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.61

Released on 2026-07-17.

Bug fixes

  • Avoid recursive protocol structural comparisons (#26721)

LSP server

  • Render Google docstrings as structured Markdown (#26599)

Library support

  • Pydantic: Collect field metadata through subscripted generic Annotated aliases (#26885)

Diagnostics

  • Avoid extending own-line suppressions in --add-ignore (#26808)

Core type checking

  • Derive descriptor setter domains for protocols (#26683)
  • Enforce declared receiver TypeVar domains (#26863)
  • Infer isinstance results for aliases and type variables (#26961)
  • Infer isinstance results for fixed class tuples (#26935)
  • Narrow inline list and set membership checks (#26955)
  • Narrow tagged unions by tag truthiness (#26887)
  • Narrow walrus expression values (#26949)
  • Project intersections in to_instance (#26892)
  • Remove inferable TypeVar artifacts recursively (#26787)
  • Respect mixin receiver domains in method overrides (#26941)
  • Support TypeVarTuple and Unpack (#25240)

Performance

  • Deduplicate completion labels (#26890)
  • Only collect expected types for files open in the editor (#25546)
  • Parallelize subtype hierarchy search (#26875)
  • Share heap-backed parser names with CharStr (#26594)
  • Use the new incremental checker from the ignore crate (#26933)

Contributors

... (truncated)

Commits

@dependabot dependabot Bot added dependencies: uv Dependabot alerts for uv priority: medium The work is medium prioritized status: review needed The work is pending review type: chore Maintenance tasks that don't affect production code or fix bugs labels Jul 18, 2026
@dependabot
dependabot Bot requested a review from zobweyt as a code owner July 18, 2026 03:04
@dependabot dependabot Bot added status: review needed The work is pending review priority: medium The work is medium prioritized dependencies: uv Dependabot alerts for uv type: chore Maintenance tasks that don't affect production code or fix bugs labels Jul 18, 2026
@github-actions

github-actions Bot commented Jul 18, 2026

Copy link
Copy Markdown
Contributor
PR Preview Action v1.8.1
Preview removed because the pull request was closed.
2026-07-18 11:20 UTC

@zobweyt

zobweyt commented Jul 18, 2026

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot dependabot Bot changed the title chore(deps-dev): bump the deps group with 3 updates chore(deps-dev): bump the deps group across 1 directory with 3 updates Jul 18, 2026
Bumps the deps group with 3 updates in the / directory: [mkdocs-material](https://github.com/squidfunk/mkdocs-material), [ruff](https://github.com/astral-sh/ruff) and [ty](https://github.com/astral-sh/ty).


Updates `mkdocs-material` from 9.7.6 to 9.7.7
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.7.6...9.7.7)

Updates `ruff` from 0.15.21 to 0.15.22
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.21...0.15.22)

Updates `ty` from 0.0.58 to 0.0.61
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.58...0.0.61)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.7.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: deps
- dependency-name: ruff
  dependency-version: 0.15.22
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: deps
- dependency-name: ty
  dependency-version: 0.0.61
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/uv/main/deps-68e84771c2 branch from b8c8651 to 60d1061 Compare July 18, 2026 11:17
@zobweyt
zobweyt merged commit e0c5c9c into main Jul 18, 2026
8 checks passed
@dependabot
dependabot Bot deleted the dependabot/uv/main/deps-68e84771c2 branch July 18, 2026 11:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies: uv Dependabot alerts for uv priority: medium The work is medium prioritized status: review needed The work is pending review type: chore Maintenance tasks that don't affect production code or fix bugs

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant