anchore / yardstick

Compare vulnerability scanners results (to make them better!)
Apache License 2.0
15 stars 4 forks source link

chore(deps-dev): bump ruff from 0.4.5 to 0.4.6 #317

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 5 months ago

Bumps ruff from 0.4.5 to 0.4.6.

Release notes

Sourced from ruff's releases.

v0.4.6

Changes

Breaking changes

  • Use project-relative paths when calculating GitLab fingerprints (#11532)

Preview features

  • [flake8-async] Sleep with >24 hour interval should usually sleep forever (ASYNC116) (#11498)

Rule changes

  • [numpy] Add missing functions to NumPy 2.0 migration rule (#11528)
  • [mccabe] Consider irrefutable pattern similar to if .. else for C901 (#11565)
  • Consider match-case statements for C901, PLR0912, and PLR0915 (#11521)
  • Remove empty strings when converting to f-string (UP032) (#11524)
  • [flake8-bandit] request-without-timeout should warn for requests.request (#11548)
  • [flake8-self] Ignore sunder accesses in flake8-self rules (#11546)
  • [pyupgrade] Lint for TypeAliasType usages (UP040) (#11530)

Server

  • Respect excludes in ruff server configuration discovery (#11551)
  • Use default settings if initialization options is empty or not provided (#11566)
  • ruff server correctly treats .pyi files as stub files (#11535)
  • ruff server searches for configuration in parent directories (#11537)
  • ruff server: An empty code action filter no longer returns notebook source actions (#11526)

Bug fixes

  • [flake8-logging-format] Fix autofix title in logging-warn (G010) (#11514)
  • [refurb] Avoid recommending operator.itemgetter with dependence on lambda arguments (#11574)
  • [flake8-simplify] Avoid recommending context manager in __enter__ implementations (#11575)
  • Create intermediary directories for --output-file (#11550)
  • Propagate reads on global variables (#11584)
  • Treat all singledispatch arguments as runtime-required (#11523)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.6

Breaking changes

  • Use project-relative paths when calculating GitLab fingerprints (#11532)

Preview features

  • [flake8-async] Sleep with >24 hour interval should usually sleep forever (ASYNC116) (#11498)

Rule changes

  • [numpy] Add missing functions to NumPy 2.0 migration rule (#11528)
  • [mccabe] Consider irrefutable pattern similar to if .. else for C901 (#11565)
  • Consider match-case statements for C901, PLR0912, and PLR0915 (#11521)
  • Remove empty strings when converting to f-string (UP032) (#11524)
  • [flake8-bandit] request-without-timeout should warn for requests.request (#11548)
  • [flake8-self] Ignore sunder accesses in flake8-self rules (#11546)
  • [pyupgrade] Lint for TypeAliasType usages (UP040) (#11530)

Server

  • Respect excludes in ruff server configuration discovery (#11551)
  • Use default settings if initialization options is empty or not provided (#11566)
  • ruff server correctly treats .pyi files as stub files (#11535)
  • ruff server searches for configuration in parent directories (#11537)
  • ruff server: An empty code action filter no longer returns notebook source actions (#11526)

Bug fixes

  • [flake8-logging-format] Fix autofix title in logging-warn (G010) (#11514)
  • [refurb] Avoid recommending operator.itemgetter with dependence on lambda arguments (#11574)
  • [flake8-simplify] Avoid recommending context manager in __enter__ implementations (#11575)
  • Create intermediary directories for --output-file (#11550)
  • Propagate reads on global variables (#11584)
  • Treat all singledispatch arguments as runtime-required (#11523)
Commits
  • 49a5a9c Bump version to v0.4.6 (#11585)
  • 69d9212 Propagate reads on global variables (#11584)
  • 4a30558 [flake8-bandit] request-without-timeout should warn for `requests.request...
  • 16acd49 Remove some unused pub functions (#11576)
  • 3989cb8 Make ruff_notebook a workspace dependency in ruff_server (#11572)
  • a38c05b Avoid recommending context manager in __enter__ implementations (#11575)
  • ab107ef Avoid recomending operator.itemgetter with dependence on lambda arg (#11574)
  • b36c713 Consider irrefutable pattern similar to if .. else for C901 (#11565)
  • 34a5063 Respect excludes in ruff server configuration discovery (#11551)
  • adc0a5d Rename document module to text_document (#11571)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 5 months ago

Superseded by #319.