fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
anyio (changelog)	>=4.12.1 → >=4.13.0			project.dependencies	minor
python (source)	>=3.14 → >=3.14.3			requires-python	patch
python-telegram-bot (changelog)	>=22.6 → >=22.7			project.dependencies	minor
ruff (source, changelog)	>=0.15.2 → >=0.15.8			dependency-groups	patch

---

Release Notes

agronholm/anyio (anyio)

v4.13.0

Compare Source

• Dropped support for Python 3.9
• Added a ttl parameter to the anyio.functools.lru_cache wrapper (#​1073; PR by @​Graeme22)
• Widened the type annotations of file I/O streams to accept IO[bytes] instead of just BinaryIO (#​1078)
• Fixed anyio.Path not being compatible with Python 3.15 due to the removal of pathlib.Path.is_reserved() and the addition of pathlib.Path.__vfspath__() (#​1061; PR by @​veeceey)
• Fixed the BrokenResourceError raised by the asyncio SocketStream not having the original exception as its cause (#​1055; PR by @​veeceey)
• Fixed the TypeError raised when using "func" as a parameter name in pytest.mark.parametrize when using the pytest plugin (#​1068; PR by @​JohnnyDeuss)
• Fixed the pytest plugin not running tests that had the anyio marker added programmatically via pytest_collection_modifyitems (#​422; PR by @​chbndrhnns)
• Fixed cancellation exceptions leaking from a CancelScope on asyncio when they are contained in an exception group alongside non-cancellation exceptions (#​1091; PR by @​gschaffner)
• Fixed Condition.wait() not passing on a notification when the task is cancelled but already received a notification
• Fixed inverted condition in the process pool shutdown phase which would cause still-running pooled processes not to be terminated (#​1074; PR by @​bysiber)

python/cpython (python)

v3.14.3

Compare Source

v3.14.2

Compare Source

v3.14.1

Compare Source

python-telegram-bot/python-telegram-bot (python-telegram-bot)

v22.7

Compare Source

We've just released v22.7.
Thank you to everyone who contributed to this release.
As usual, upgrade using pip install -U python-telegram-bot.

The release notes can be found here.

astral-sh/ruff (ruff)

v0.15.8

Compare Source

Released on 2026-03-26.

Preview features

• [ruff] New rule unnecessary-if (RUF050) (#​24114)
• [ruff] New rule useless-finally (RUF072) (#​24165)
• [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#​24162)
• [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#​24100)

Bug fixes

• [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#​24166)
• [flake8-bandit] Check tuple arguments for partial paths in S607 (#​24080)
• [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#​24088)
• E501/W505/formatter: Exclude nested pragma comments from line width calculation (#​24071)
• Fix %foo? parsing in IPython assignment expressions (#​24152)
• analyze graph: resolve string imports that reference attributes, not just modules (#​24058)

Rule changes

• [eradicate] ignore ty: ignore comments in ERA001 (#​24192)
• [flake8-bandit] Treat sys.executable as trusted input in S603 (#​24106)
• [flake8-self] Recognize Self annotation and self assignment in SLF001 (#​24144)
• [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#​24142)
• [refurb] Parenthesize generator arguments in FURB142 fixer (#​24200)

Performance

• Speed up diagnostic rendering (#​24146)

Server

• Warn when Markdown files are skipped due to preview being disabled (#​24150)

Documentation

• Clarify extend-ignore and extend-select settings documentation (#​24064)
• Mention AI policy in PR template (#​24198)

Other changes

• Use trusted publishing for NPM packages (#​24171)

Contributors

• @​bitloi
• @​Sim-hu
• @​mvanhorn
• @​chinar-amrutkar
• @​markjm
• @​RenzoMXD
• @​vivekkhimani
• @​seroperson
• @​moktamd
• @​charliermarsh
• @​ntBre
• @​zanieb
• @​dylwil3
• @​MichaReiser

v0.15.7

Compare Source

Released on 2026-03-19.

Preview features

• Display output severity in preview (#​23845)
• Don't show noqa hover for non-Python documents (#​24040)

Rule changes

• [pycodestyle] Recognize pyrefly: as a pragma comment (E501) (#​24019)

Server

• Don't return code actions for non-Python documents (#​23905)

Documentation

• Add company AI policy to contributing guide (#​24021)
• Document editor features for Markdown code formatting (#​23924)
• [pylint] Improve phrasing (PLC0208) (#​24033)

Other changes

• Use PEP 639 license information (#​19661)

Contributors

• @​tmimmanuel
• @​DimitriPapadopoulos
• @​amyreese
• @​statxc
• @​dylwil3
• @​hunterhogan
• @​renovate

v0.15.6

Compare Source

Released on 2026-03-12.

Preview features

• Add support for lazy import parsing (#​23755)
• Add support for star-unpacking of comprehensions (PEP 798) (#​23788)
• Reject semantic syntax errors for lazy imports (#​23757)
• Drop a few rules from the preview default set (#​23879)
• [airflow] Flag Variable.get() calls outside of task execution context (AIR003) (#​23584)
• [airflow] Flag runtime-varying values in DAG/task constructor arguments (AIR304) (#​23631)
• [flake8-bugbear] Implement delattr-with-constant (B043) (#​23737)
• [flake8-tidy-imports] Add TID254 to enforce lazy imports (#​23777)
• [flake8-tidy-imports] Allow users to ban lazy imports with TID254 (#​23847)
• [isort] Retain lazy keyword when sorting imports (#​23762)
• [pyupgrade] Add from __future__ import annotations automatically (UP006) (#​23260)
• [refurb] Support newline parameter in FURB101 for Python 3.13+ (#​23754)
• [ruff] Add os-path-commonprefix (RUF071) (#​23814)
• [ruff] Add unsafe fix for os-path-commonprefix (RUF071) (#​23852)
• [ruff] Limit RUF036 to typing contexts; make it unsafe for non-typing-only (#​23765)
• [ruff] Use starred unpacking for RUF017 in Python 3.15+ (#​23789)

Bug fixes

• Fix --add-noqa creating unwanted leading whitespace (#​23773)
• Fix --add-noqa breaking shebangs (#​23577)
• [formatter] Fix lambda body formatting for multiline calls and subscripts (#​23866)
• [formatter] Preserve required annotation parentheses in annotated assignments (#​23865)
• [formatter] Preserve type-expression parentheses in the formatter (#​23867)
• [flake8-annotations] Fix stack overflow in ANN401 on quoted annotations with escape sequences (#​23912)
• [pep8-naming] Check naming conventions in match pattern bindings (N806, N815, N816) (#​23899)
• [perflint] Fix comment duplication in fixes (PERF401, PERF403) (#​23729)
• [pyupgrade] Properly trigger super change in nested class (UP008) (#​22677)
• [ruff] Avoid syntax errors in RUF036 fixes (#​23764)

Rule changes

• [flake8-bandit] Flag S501 with requests.request (#​23873)
• [flake8-executable] Fix WSL detection in non-Docker containers (#​22879)
• [flake8-print] Ignore pprint calls with stream= (#​23787)

Documentation

• Update docs for Markdown code block formatting (#​23871)
• [flake8-bugbear] Fix misleading description for B904 (#​23731)

Contributors

• @​zsol
• @​carljm
• @​ntBre
• @​Bortlesboat
• @​sososonia-cyber
• @​chirizxc
• @​leandrobbraga
• @​11happy
• @​Acelogic
• @​anishgirianish
• @​amyreese
• @​xvchris
• @​charliermarsh
• @​getehen
• @​Dev-iL

v0.15.5

Compare Source

Released on 2026-03-05.

Preview features

• Discover Markdown files by default in preview mode (#​23434)
• [perflint] Extend PERF102 to comprehensions and generators (#​23473)
• [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#​23542)
• [ruff] Add fix for none-not-at-end-of-union (RUF036) (#​22829)
• [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#​23634)

Bug fixes

• [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#​23553)
• [pydocstyle] Fix numpy section ordering (D420) (#​23685)
• [pyflakes] Fix false positive for names shadowing re-exports (F811) (#​23356)
• [pyupgrade] Avoid inserting redundant None elements in UP045 (#​23459)

Documentation

• Document extension mapping for Markdown code formatting (#​23574)
• Update default Python version examples (#​23605)

Other changes

• Publish releases to Astral mirror (#​23616)

Contributors

• @​amyreese
• @​stakeswky
• @​chirizxc
• @​anishgirianish
• @​bxff
• @​zsol
• @​charliermarsh
• @​ntBre
• @​kar-ganap

v0.15.4

Compare Source

Released on 2026-02-26.

This is a follow-up release to 0.15.3 that resolves a panic when the new rule PLR1712 was enabled with any rule that analyzes definitions, such as many of the ANN or D rules.

Bug fixes

• Fix panic on access to definitions after analyzing definitions (#​23588)
• [pyflakes] Suppress false positive in F821 for names used before del in stub files (#​23550)

Documentation

• Clarify first-party import detection in Ruff (#​23591)
• Fix incorrect import-heading example (#​23568)

Contributors

• @​stakeswky
• @​ntBre
• @​thejcannon
• @​GeObts

v0.15.3

Compare Source

Released on 2026-02-26.

Preview features

• Drop explicit support for .qmd file extension (#​23572)

  This can now be enabled instead by setting the extension option:

  # ruff.toml
  extension = { qmd = "markdown" }
  
  # pyproject.toml
  [tool.ruff]
  extension = { qmd = "markdown" }

• Include configured extensions in file discovery (#​23400)

• [flake8-bandit] Allow suspicious imports in TYPE_CHECKING blocks (S401-S415) (#​23441)

• [flake8-bugbear] Allow B901 in pytest hook wrappers (#​21931)

• [flake8-import-conventions] Add missing conventions from upstream (ICN001, ICN002) (#​21373)

• [pydocstyle] Add rule to enforce docstring section ordering (D420) (#​23537)

• [pylint] Implement swap-with-temporary-variable (PLR1712) (#​22205)

• [ruff] Add unnecessary-assign-before-yield (RUF070) (#​23300)

• [ruff] Support file-level noqa in RUF102 (#​23535)

• [ruff] Suppress diagnostic for invalid f-strings before Python 3.12 (RUF027) (#​23480)

• [flake8-bandit] Don't flag BaseLoader/CBaseLoader as unsafe (S506) (#​23510)

Bug fixes

• Avoid infinite loop between I002 and PYI025 (#​23352)
• [pyflakes] Fix false positive for @overload from lint.typing-modules (F811) (#​23357)
• [pyupgrade] Fix false positive for TypeVar default before Python 3.12 (UP046) (#​23540)
• [pyupgrade] Fix handling of \N in raw strings (UP032) (#​22149)

Rule changes

• Render sub-diagnostics in the GitHub output format (#​23455)

• [flake8-bugbear] Tag certain B007 diagnostics as unnecessary (#​23453)

• [ruff] Ignore unknown rule codes in RUF100 (#​23531)

  These are now flagged by RUF102 instead.

Documentation

• Fix missing settings links for several linters (#​23519)
• Update isort action comments heading (#​23515)
• [pydocstyle] Fix double comma in description of D404 (#​23440)

Other changes

• Update the Python module (notably find_ruff_bin) for parity with uv (#​23406)

Contributors

• @​zanieb
• @​o1x3
• @​assadyousuf
• @​kar-ganap
• @​denyszhak
• @​amyreese
• @​carljm
• @​anishgirianish
• @​Bnyro
• @​danparizher
• @​ntBre
• @​gcomneno
• @​jaap3
• @​stakeswky

---

Configuration

📅 Schedule: Branch creation - "on monday" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.