Update patch dependencies

[renovate[bot]]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
astral-sh/ruff-pre-commit	repository	patch	v0.4.6 -> v0.4.8
github/codeql-action	action	patch	v3.25.7 -> v3.25.8
pytest (changelog)	dev	patch	8.2.1 -> 8.2.2
ruff (source, changelog)	dev	patch	0.4.6 -> 0.4.8
safety	dev	patch	3.2.0 -> 3.2.3
step-security/harden-runner	action	patch	v2.8.0 -> v2.8.1
xdoctest	dev	patch	1.1.3 -> 1.1.5
zricethezav/gitleaks	repository	patch	v8.18.2 -> v8.18.3

---

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

---

Release Notes

astral-sh/ruff-pre-commit (astral-sh/ruff-pre-commit)

### [`v0.4.8`](https://togithub.com/astral-sh/ruff-pre-commit/releases/tag/v0.4.8) [Compare Source](https://togithub.com/astral-sh/ruff-pre-commit/compare/v0.4.7...v0.4.8) See: https://github.com/astral-sh/ruff/releases/tag/v0.4.8 ### [`v0.4.7`](https://togithub.com/astral-sh/ruff-pre-commit/releases/tag/v0.4.7) [Compare Source](https://togithub.com/astral-sh/ruff-pre-commit/compare/v0.4.6...v0.4.7) See: https://github.com/astral-sh/ruff/releases/tag/v0.4.7

github/codeql-action (github/codeql-action)

### [`v3.25.8`](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8)

pytest-dev/pytest (pytest)

### [`v8.2.2`](https://togithub.com/pytest-dev/pytest/releases/tag/8.2.2) [Compare Source](https://togithub.com/pytest-dev/pytest/compare/8.2.1...8.2.2) # pytest 8.2.2 (2024-06-04) ## Bug Fixes - [#​12355](https://togithub.com/pytest-dev/pytest/issues/12355): Fix possible catastrophic performance slowdown on a certain parametrization pattern involving many higher-scoped parameters. - [#​12367](https://togithub.com/pytest-dev/pytest/issues/12367): Fix a regression in pytest 8.2.0 where unittest class instances (a fresh one is created for each test) were not released promptly on test teardown but only on session teardown. - [#​12381](https://togithub.com/pytest-dev/pytest/issues/12381): Fix possible "Directory not empty" crashes arising from concurent cache dir (`.pytest_cache`) creation. Regressed in pytest 8.2.0. ## Improved Documentation - [#​12290](https://togithub.com/pytest-dev/pytest/issues/12290): Updated Sphinx theme to use Furo instead of Flask, enabling Dark mode theme. - [#​12356](https://togithub.com/pytest-dev/pytest/issues/12356): Added a subsection to the documentation for debugging flaky tests to mention lack of thread safety in pytest as a possible source of flakyness. - [#​12363](https://togithub.com/pytest-dev/pytest/issues/12363): The documentation webpages now links to a canonical version to reduce outdated documentation in search engine results.

astral-sh/ruff (ruff)

### [`v0.4.8`](https://togithub.com/astral-sh/ruff/blob/HEAD/CHANGELOG.md#048) [Compare Source](https://togithub.com/astral-sh/ruff/compare/v0.4.7...v0.4.8) ##### Performance - Linter performance has been improved by around 10% on some microbenchmarks by refactoring the lexer and parser to maintain synchronicity between them ([#​11457](https://togithub.com/astral-sh/ruff/pull/11457)) ##### Preview features - \[`flake8-bugbear`] Implement `return-in-generator` (`B901`) ([#​11644](https://togithub.com/astral-sh/ruff/pull/11644)) - \[`flake8-pyi`] Implement `PYI063` ([#​11699](https://togithub.com/astral-sh/ruff/pull/11699)) - \[`pygrep_hooks`] Check blanket ignores via file-level pragmas (`PGH004`) ([#​11540](https://togithub.com/astral-sh/ruff/pull/11540)) ##### Rule changes - \[`pyupgrade`] Update `UP035` for Python 3.13 and the latest version of `typing_extensions` ([#​11693](https://togithub.com/astral-sh/ruff/pull/11693)) - \[`numpy`] Update `NPY001` rule for NumPy 2.0 ([#​11735](https://togithub.com/astral-sh/ruff/pull/11735)) ##### Server - Formatting a document with syntax problems no longer spams a visible error popup ([#​11745](https://togithub.com/astral-sh/ruff/pull/11745)) ##### CLI - Add RDJson support for `--output-format` flag ([#​11682](https://togithub.com/astral-sh/ruff/pull/11682)) ##### Bug fixes - \[`pyupgrade`] Write empty string in lieu of panic when fixing `UP032` ([#​11696](https://togithub.com/astral-sh/ruff/pull/11696)) - \[`flake8-simplify`] Simplify double negatives in `SIM103` ([#​11684](https://togithub.com/astral-sh/ruff/pull/11684)) - Ensure the expression generator adds a newline before `type` statements ([#​11720](https://togithub.com/astral-sh/ruff/pull/11720)) - Respect per-file ignores for blanket and redirected noqa rules ([#​11728](https://togithub.com/astral-sh/ruff/pull/11728)) ### [`v0.4.7`](https://togithub.com/astral-sh/ruff/blob/HEAD/CHANGELOG.md#047) [Compare Source](https://togithub.com/astral-sh/ruff/compare/v0.4.6...v0.4.7) ##### Preview features - \[`flake8-pyi`] Implement `PYI064` ([#​11325](https://togithub.com/astral-sh/ruff/pull/11325)) - \[`flake8-pyi`] Implement `PYI066` ([#​11541](https://togithub.com/astral-sh/ruff/pull/11541)) - \[`flake8-pyi`] Implement `PYI057` ([#​11486](https://togithub.com/astral-sh/ruff/pull/11486)) - \[`pyflakes`] Enable `F822` in `__init__.py` files by default ([#​11370](https://togithub.com/astral-sh/ruff/pull/11370)) ##### Formatter - Fix incorrect placement of trailing stub function comments ([#​11632](https://togithub.com/astral-sh/ruff/pull/11632)) ##### Server - Respect file exclusions in `ruff server` ([#​11590](https://togithub.com/astral-sh/ruff/pull/11590)) - Add support for documents not exist on disk ([#​11588](https://togithub.com/astral-sh/ruff/pull/11588)) - Add Vim and Kate setup guide for `ruff server` ([#​11615](https://togithub.com/astral-sh/ruff/pull/11615)) ##### Bug fixes - Avoid removing newlines between docstring headers and rST blocks ([#​11609](https://togithub.com/astral-sh/ruff/pull/11609)) - Infer indentation with imports when logical indent is absent ([#​11608](https://togithub.com/astral-sh/ruff/pull/11608)) - Use char index rather than position for indent slice ([#​11645](https://togithub.com/astral-sh/ruff/pull/11645)) - \[`flake8-comprehension`] Strip parentheses around generators in `C400` ([#​11607](https://togithub.com/astral-sh/ruff/pull/11607)) - Mark `repeated-isinstance-calls` as unsafe on Python 3.10 and later ([#​11622](https://togithub.com/astral-sh/ruff/pull/11622))

pyupio/safety (safety)

### [`v3.2.3`](https://togithub.com/pyupio/safety/blob/HEAD/CHANGELOG.md#323---2024-06-10) [Compare Source](https://togithub.com/pyupio/safety/compare/3.2.2...3.2.3) - Increase request timeout to 30 seconds ([#​535](https://togithub.com/pyupio/safety/issues/535)) - fix: fail on none severities ([#​534](https://togithub.com/pyupio/safety/issues/534)) ### [`v3.2.2`](https://togithub.com/pyupio/safety/blob/HEAD/CHANGELOG.md#322---2024-06-07) [Compare Source](https://togithub.com/pyupio/safety/compare/3.2.1...3.2.2) - fix: include scan template in build ([#​531](https://togithub.com/pyupio/safety/issues/531)) ### [`v3.2.1`](https://togithub.com/pyupio/safety/blob/HEAD/CHANGELOG.md#321---2024-06-04) [Compare Source](https://togithub.com/pyupio/safety/compare/3.2.0...3.2.1) - fix: include all templates in the manifest ([#​529](https://togithub.com/pyupio/safety/issues/529)) - fix: use available email verification claims ([#​528](https://togithub.com/pyupio/safety/issues/528))

step-security/harden-runner (step-security/harden-runner)

### [`v2.8.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.8.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.8.0...v2.8.1) #### What's Changed - Bug fix: Update isGitHubHosted implementation by [@​varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/425](https://togithub.com/step-security/harden-runner/pull/425) The previous implementation incorrectly identified large GitHub-hosted runners as self-hosted runners. As a result, harden-runner was not executing on these large GitHub-hosted runners. **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.8.1

Erotemic/xdoctest (xdoctest)

### [`v1.1.5`](https://togithub.com/Erotemic/xdoctest/blob/HEAD/CHANGELOG.md#Version-115---Unreleased) [Compare Source](https://togithub.com/Erotemic/xdoctest/compare/v1.1.4...v1.1.5) ##### Changed - Minor modification to `xdoctest --version-info` and exposed it in CLI help. ##### Fixed - `ub.modname_to_modpath` fixed in cases where editable installs use type annotations in their MAPPING definition. ### [`v1.1.4`](https://togithub.com/Erotemic/xdoctest/blob/HEAD/CHANGELOG.md#Version-114---Unreleased) [Compare Source](https://togithub.com/Erotemic/xdoctest/compare/v1.1.3...v1.1.4) ##### Fixed - Working around a `modname_to_modpath` issue.

zricethezav/gitleaks (zricethezav/gitleaks)

### [`v8.18.3`](https://togithub.com/gitleaks/gitleaks/releases/tag/v8.18.3) [Compare Source](https://togithub.com/zricethezav/gitleaks/compare/v8.18.2...v8.18.3) #### Changelog - [`39947b0`](https://togithub.com/zricethezav/gitleaks/commit/39947b0) extend FB access token discovery ([#​1407](https://togithub.com/zricethezav/gitleaks/issues/1407)) - [`79cac73`](https://togithub.com/zricethezav/gitleaks/commit/79cac73) tests: scalingo validation consistent test ([#​1359](https://togithub.com/zricethezav/gitleaks/issues/1359)) - [`247f423`](https://togithub.com/zricethezav/gitleaks/commit/247f423) add real (test) standard and restricted keys ([#​1375](https://togithub.com/zricethezav/gitleaks/issues/1375)) - [`821b232`](https://togithub.com/zricethezav/gitleaks/commit/821b232) Add Cloudflare API and Origin CA keys ([#​1374](https://togithub.com/zricethezav/gitleaks/issues/1374)) - [`57ac4b3`](https://togithub.com/zricethezav/gitleaks/commit/57ac4b3) Update "contributing guidelines" link ([#​1390](https://togithub.com/zricethezav/gitleaks/issues/1390)) - [`db69e82`](https://togithub.com/zricethezav/gitleaks/commit/db69e82) add update token from square ([#​1370](https://togithub.com/zricethezav/gitleaks/issues/1370)) - [`4b54328`](https://togithub.com/zricethezav/gitleaks/commit/4b54328) feat: facebook secret, access token, and page access token rules ([#​1372](https://togithub.com/zricethezav/gitleaks/issues/1372)) - [`979f213`](https://togithub.com/zricethezav/gitleaks/commit/979f213) update mailchimp with new tokens ([#​1376](https://togithub.com/zricethezav/gitleaks/issues/1376)) - [`59c0cc7`](https://togithub.com/zricethezav/gitleaks/commit/59c0cc7) Append ordered rules when extending ([#​1304](https://togithub.com/zricethezav/gitleaks/issues/1304)) - [`6c52f87`](https://togithub.com/zricethezav/gitleaks/commit/6c52f87) fix: age rule id with dashes ([#​1349](https://togithub.com/zricethezav/gitleaks/issues/1349)) - [`247a5e7`](https://togithub.com/zricethezav/gitleaks/commit/247a5e7) patching golang.org/x/text for CVE-2021-38561 and CVE-2022-32149 ([#​1342](https://togithub.com/zricethezav/gitleaks/issues/1342)) - [`8d23afd`](https://togithub.com/zricethezav/gitleaks/commit/8d23afd) Use latest base images. ([#​1334](https://togithub.com/zricethezav/gitleaks/issues/1334))

---

Configuration

📅 Schedule: Branch creation - "after 5pm every weekday,before 8am every weekday,every weekend" in timezone America/Chicago, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.