Bump the dev-dependencies group with 3 updates

[dependabot]

Bumps the dev-dependencies group with 3 updates: pytest, coverage and ruff.

Updates pytest from 8.4.2 to 9.0.1

Release notes

Sourced from pytest's releases.

9.0.1

pytest 9.0.1 (2025-11-12)

Bug fixes

• #13895: Restore support for skipping tests via raise unittest.SkipTest.
• #13896: The terminal progress plugin added in pytest 9.0 is now automatically disabled when iTerm2 is detected, it generated desktop notifications instead of the desired functionality.
• #13904: Fixed the TOML type of the verbosity settings in the API reference from number to string.
• #13910: Fixed UserWarning: Do not expect file_or_dir on some earlier Python 3.12 and 3.13 point versions.

Packaging updates and notes for downstreams

• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

Contributor-facing changes

• #13891, #13942: The CI/CD part of the release automation is now capable of creating GitHub Releases without having a Git checkout on disk -- by bluetech and webknjaz.
• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

9.0.0

pytest 9.0.0 (2025-11-05)

New features

• #1367: Support for subtests has been added.

  subtests <subtests> are an alternative to parametrization, useful in situations where the parametrization values are not all known at collection time.

  Example:

  def contains_docstring(p: Path) -> bool:
      """Return True if the given Python file contains a top-level docstring."""
      ...
  def test_py_files_contain_docstring(subtests: pytest.Subtests) -> None:
  for path in Path.cwd().glob("*.py"):
  with subtests.test(path=str(path)):
  assert contains_docstring(path)

... (truncated)

Commits

• d1b64aa Prepare release version 9.0.1
• 0a497c7 regendoc: remove CI environment variables (#13950) (#13951)
• a9f7e6e 🧪 Run gh release w/o Git in CI/CD (#13942) (#13947)
• 2682a66 Merge pull request #13944 from pytest-dev/patchback/backports/9.0.x/bef7d34f1...
• a999997 Merge pull request #13941 from nicoddemus/min-pre-commit-version
• 4bd63a0 Merge pull request #13935 from pytest-dev/patchback/backports/9.0.x/ce8b8a7b4...
• 15f93b3 Merge pull request #13933 from webknjaz/maintenance/tox-pep517-env-setuptools...
• 0fa11ae Merge pull request #13927 from pytest-dev/patchback/backports/9.0.x/3d8075743...
• fa45470 Merge pull request #13926 from pytest-dev/patchback/backports/9.0.x/d587e0cf8...
• b4e3973 Merge pull request #13922 from bluetech/fix-argparse-userwarning
• Additional commits viewable in compare view

Updates coverage from 7.11.0 to 7.12.0

Changelog

Sourced from coverage's changelog.

Version 7.12.0 — 2025-11-18

• The HTML report now shows separate coverage totals for statements and branches, as well as the usual combined coverage percentage. Thanks to Ryuta Otsuka for the discussion <issue 2081_>_ and the implementation <pull 2085_>_.

• The JSON report now includes separate coverage totals for statements and branches, thanks to Ryuta Otsuka <pull 2090_>_.

• Fix: except* clauses were not handled properly under the "sysmon" measurement core, causing KeyError exceptions as described in issue 2086_. This is now fixed.

• Fix: we now defend against aggressive mocking of open() that could cause errors inside coverage.py. An example of a failure is in issue 2083_.

• Fix: in unusual cases where a test suite intentionally exhausts the system's file descriptors to test handling errors in open(), coverage.py would fail when trying to open source files, as described in issue 2091_. This is now fixed.

• A small tweak to the HTML report: file paths now use thin spaces around slashes to make them easier to read.

.. _issue 2081: coveragepy/coveragepy#2081 .. _issue 2083: coveragepy/coveragepy#2083 .. _pull 2085: coveragepy/coveragepy#2085 .. _issue 2086: coveragepy/coveragepy#2086 .. _pull 2090: coveragepy/coveragepy#2090 .. _issue 2091: coveragepy/coveragepy#2091

.. _changes_7-11-3:

Version 7.11.3 — 2025-11-09

• Fix: the 7.11.1 changes meant that conflicts between a requested measurement core and other settings would raise an error. This was a breaking change from previous behavior, as reported in issue 2076_ and issue 2078_.

  The previous behavior has been restored: when the requested core conflicts with other settings, another core is used instead, and a warning is issued.

• For contributors: the repo has moved from Ned's nedbat GitHub account_ to the coveragepy GitHub organization_. The default branch has changed from master to main.

... (truncated)

Commits

• 63db2b1 docs: sample HTML for 7.12.0
• 598bbc3 docs: prep for 7.12.0
• 557dd15 feat: add statement and branch coverage percentages to JSON report (#2090)
• e18359c fix: don't crash if open() genuinely fails. #2091
• fff5e59 docs: thanks, Ryuta Otsuka #2085
• 97bf625 docs: support files for the sample html
• 8320b74 style(html): tweak the styling for the new stmt/branch stats #2085
• 7e08183 feat(templite): {% else %}
• 4abe253 feat: add statement and branch coverage columns to index.html report (#2085)
• ddbafa9 build: no longer need to work around a pytest/iTerm2 bug
• Additional commits viewable in compare view

Updates ruff from 0.14.3 to 0.14.7

Release notes

Sourced from ruff's releases.

0.14.7

Release Notes

Released on 2025-11-28.

Preview features

• [flake8-bandit] Handle string literal bindings in suspicious-url-open-usage (S310) (#21469)
• [pylint] Fix PLR1708 false positives on nested functions (#21177)
• [pylint] Fix suppression for empty dict without tuple key annotation (PLE1141) (#21290)
• [ruff] Add rule RUF066 to detect unnecessary class properties (#21535)
• [ruff] Catch more dummy variable uses (RUF052) (#19799)

Bug fixes

• [server] Set severity for non-rule diagnostics (#21559)
• [flake8-implicit-str-concat] Avoid invalid fix in (ISC003) (#21517)
• [parser] Fix panic when parsing IPython escape command expressions (#21480)

CLI

• Show partial fixability indicator in statistics output (#21513)

Contributors

• @​mikeleppane
• @​senekor
• @​ShaharNaveh
• @​JumboBear
• @​prakhar1144
• @​tsvikas
• @​danparizher
• @​chirizxc
• @​AlexWaygood
• @​MichaReiser

Install ruff 0.14.7

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.14.7/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/ruff/releases/download/0.14.7/ruff-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.7

Released on 2025-11-28.

Preview features

• [flake8-bandit] Handle string literal bindings in suspicious-url-open-usage (S310) (#21469)
• [pylint] Fix PLR1708 false positives on nested functions (#21177)
• [pylint] Fix suppression for empty dict without tuple key annotation (PLE1141) (#21290)
• [ruff] Add rule RUF066 to detect unnecessary class properties (#21535)
• [ruff] Catch more dummy variable uses (RUF052) (#19799)

Bug fixes

• [server] Set severity for non-rule diagnostics (#21559)
• [flake8-implicit-str-concat] Avoid invalid fix in (ISC003) (#21517)
• [parser] Fix panic when parsing IPython escape command expressions (#21480)

CLI

• Show partial fixability indicator in statistics output (#21513)

Contributors

• @​mikeleppane
• @​senekor
• @​ShaharNaveh
• @​JumboBear
• @​prakhar1144
• @​tsvikas
• @​danparizher
• @​chirizxc
• @​AlexWaygood
• @​MichaReiser

0.14.6

Released on 2025-11-21.

Preview features

• [flake8-bandit] Support new PySNMP API paths (S508, S509) (#21374)

Bug fixes

• Adjust own-line comment placement between branches (#21185)
• Avoid syntax error when formatting attribute expressions with outer parentheses, parenthesized value, and trailing comment on value (#20418)
• Fix panic when formatting comments in unary expressions (#21501)
• Respect fmt: skip for compound statements on a single line (#20633)
• [refurb] Fix FURB103 autofix (#21454)

... (truncated)

Commits

• ecab623 Bump 0.14.7 (#21684)
• 42f1521 [ty] Generic types aliases (implicit and PEP 613) (#21553)
• 594b7b0 [ty] Preserve quoting style when autofixing TypedDict keys (#21682)
• b5b4917 [ty] Fix override of final method summary (#21681)
• 0084e94 [ty] Fix subtyping of type[Any] / type[T] and protocols (#21678)
• 566c959 [ty] Rename ReferenceRequestHandler file (#21680)
• 8bcfc19 [ty] Implement typing.final for methods (#21646)
• c534bfa [ty] Implement patterns and typevars in the LSP (#21671)
• 5e1b2ee [ty] implement rendering of .. code:: lang in docstrings (#21665)
• 98681b9 [ty] Add db parameter to Parameters::new method (#21674)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coveralls]

Pull Request Test Coverage Report for Build 19811926903

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage decreased (-1.4%) to 48.23%

---

Totals
Change from base Build 19138232249:	-1.4%
Covered Lines:	570
Relevant Lines:	1107

---

💛 - Coveralls

[coveralls]

Pull Request Test Coverage Report for Build 19811926903

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage decreased (-1.4%) to 48.23%

---

Totals
Change from base Build 19138232249:	-1.4%
Covered Lines:	570
Relevant Lines:	1107

---

💛 - Coveralls