Skip to content

Bump ruff from 0.12.11 to 0.13.0#2695

Merged
liquidsec merged 1 commit intodevfrom
dependabot/pip/dev/ruff-0.13.0
Sep 19, 2025
Merged

Bump ruff from 0.12.11 to 0.13.0#2695
liquidsec merged 1 commit intodevfrom
dependabot/pip/dev/ruff-0.13.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 15, 2025
edited
Loading

Bumps ruff from 0.12.11 to 0.13.0.

Release notes

Sourced from ruff's releases.

0.13.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Several rules can now add from __future__ import annotations automatically

    TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

  • Full module paths are now used to verify first-party modules

    Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

  • Deprecated rules must now be selected by exact rule code

    Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

  • The deprecated macOS configuration directory fallback has been removed

    Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

Stabilization

The following rules have been stabilized and are no longer in preview:

The following behaviors have been stabilized:

... (truncated)

Changelog

Sourced from ruff's changelog.

0.13.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

  • Several rules can now add from __future__ import annotations automatically

    TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the lint.future-annotations setting is enabled. This allows the rules to move more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003), use PEP 604 union syntax on Python versions before 3.10 (RUF013), and unquote more annotations (UP037).

  • Full module paths are now used to verify first-party modules

    Ruff now checks that the full path to a module exists on disk before categorizing it as a first-party import. This change makes first-party import detection more accurate, helping to avoid false positives on local directories with the same name as a third-party dependency, for example. See the FAQ section on import categorization for more details.

  • Deprecated rules must now be selected by exact rule code

    Ruff will no longer activate deprecated rules selected by their group name or prefix. As noted below, the two remaining deprecated rules were also removed in this release, so this won't affect any current rules, but it will still affect any deprecations in the future.

  • The deprecated macOS configuration directory fallback has been removed

    Ruff will no longer look for a user-level configuration file at ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was deprecated in v0.5 in favor of using the XDG specification (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Commits
  • a1fdd66 Bump 0.13.0 (#20336)
  • 8770b95 [ty] introduce DivergentType (#20312)
  • 65982a1 [ty] Use 'unknown' specialization for upper bound on Self (#20325)
  • 57d1f71 [ty] Simplify unions of enum literals and subtypes thereof (#20324)
  • 7a75702 Ignore deprecated rules unless selected by exact code (#20167)
  • 9ca632c Stabilize adding future import via config option (#20277)
  • 64fe7d3 [flake8-errmsg] Stabilize extending raw-string-in-exception (EM101) to ...
  • beeeb8d Stabilize the remaining Airflow rules (#20250)
  • b6fca52 [flake8-bugbear] Stabilize support for non-context-manager calls in `assert...
  • ac7f882 [flake8-commas] Stabilize support for trailing comma checks in type paramet...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Sep 15, 2025
@dependabot dependabot bot mentioned this pull request Sep 15, 2025
Closed
@github-actions
Copy link
Contributor

github-actions bot commented Sep 15, 2025
edited
Loading

📊 Performance Benchmark Report

Comparing dev (baseline) vs dependabot/pip/dev/ruff-0.13.0 (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name 📏 Base 📏 Current 📈 Change 🎯 Status
Bloom Filter Dns Mutation Tracking Performance 4.14ms 4.21ms +1.6%
Bloom Filter Large Scale Dns Brute Force 18.05ms 18.13ms +0.5%
Large Closest Match Lookup 350.59ms 356.83ms +1.8%
Realistic Closest Match Workload 188.82ms 195.87ms +3.7%
Event Validation Full Scan Startup Small Batch 443.60ms 457.42ms +3.1%
Event Validation Full Scan Startup Large Batch 779.98ms 790.70ms +1.4%
Make Event Autodetection Small 31.28ms 30.93ms -1.1%
Make Event Autodetection Large 317.22ms 316.85ms -0.1%
Make Event Explicit Types 13.92ms 13.78ms -1.0%
Excavate Single Thread Small 4.045s 4.066s +0.5%
Excavate Single Thread Large 9.373s 9.422s +0.5%
Excavate Parallel Tasks Small 4.251s 4.210s -1.0%
Excavate Parallel Tasks Large 7.317s 7.235s -1.1%
Is Ip Performance 3.18ms 3.12ms -1.9%
Make Ip Type Performance 11.49ms 11.39ms -0.8%
Mixed Ip Operations 4.52ms 4.47ms -1.1%
Typical Queue Shuffle 62.48µs 63.37µs +1.4%
Priority Queue Shuffle 705.36µs 712.45µs +1.0%

🎯 Performance Summary

No significant performance changes detected (all changes <10%)

🐍 Python Version 3.11.13

@dependabot
Bump ruff from 0.12.11 to 0.13.0
e2ec3e5 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.12.11 to 0.13.0.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.12.11...0.13.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.13.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/dev/ruff-0.13.0 branch from f33167d to e2ec3e5 Compare September 15, 2025 17:42
@liquidsec liquidsec merged commit 8d36796 into dev Sep 19, 2025
17 checks passed
@liquidsec liquidsec deleted the dependabot/pip/dev/ruff-0.13.0 branch September 19, 2025 20:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@liquidsec liquidsec liquidsec approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@liquidsec