Bump pytest from 8.4.1 to 9.0.2

[dependabot]

Bumps pytest from 8.4.1 to 9.0.2.

Release notes

Sourced from pytest's releases.

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

• #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

  You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

  Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

• #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

• #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

• #13965: Fixed quadratic-time behavior when handling unittest subtests in Python 3.10.

Improved documentation

• #4492: The API Reference now contains cross-reference-able documentation of pytest's command-line flags <command-line-flags>.

9.0.1

pytest 9.0.1 (2025-11-12)

Bug fixes

• #13895: Restore support for skipping tests via raise unittest.SkipTest.
• #13896: The terminal progress plugin added in pytest 9.0 is now automatically disabled when iTerm2 is detected, it generated desktop notifications instead of the desired functionality.
• #13904: Fixed the TOML type of the verbosity settings in the API reference from number to string.
• #13910: Fixed UserWarning: Do not expect file_or_dir on some earlier Python 3.12 and 3.13 point versions.

Packaging updates and notes for downstreams

• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

Contributor-facing changes

• #13891, #13942: The CI/CD part of the release automation is now capable of creating GitHub Releases without having a Git checkout on disk -- by bluetech and webknjaz.
• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

... (truncated)

Commits

• 3d10b51 Prepare release version 9.0.2
• 188750b Merge pull request #14030 from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...
• b7d7bef Merge pull request #14014 from bluetech/compat-note
• bd08e85 Merge pull request #14013 from pytest-dev/patchback/backports/9.0.x/922b60377...
• bc78386 Add CLI options reference documentation (#13930)
• 5a4e398 Fix docs typo (#14005) (#14008)
• d7ae6df Merge pull request #14006 from pytest-dev/maintenance/update-plugin-list-tmpl...
• 556f6a2 pre-commit: fix rst-lint after new release (#13999) (#14001)
• c60fbe6 Fix quadratic-time behavior when handling unittest subtests in Python 3.10 ...
• 73d9b01 Merge pull request #13995 from nicoddemus/patchback/backports/9.0.x/1b5200c0f...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Resolves #13896
Resolves #13904
Resolves #13946
Resolves #13965
Resolves #4492
Resolves #13895
Resolves #13910
Resolves #13933
Resolves #13891
Resolves #13942
Resolves #14030
Resolves #14014
Resolves #14013
Resolves #13930
Resolves #14005
Resolves #14008
Resolves #14006
Resolves #13999
Resolves #14001
Resolves #13995

[github-actions]

🤖 Claude Code Review

---

🔍 PR Code Review: pytest Version Bump (8.4.1 → 9.0.2)

Summary

This PR updates pytest from version 8.4.1 to 9.0.2 in development-requirements.txt. This is a dependency version update with no code changes.

---

✅ Code Quality

• ✅ Code follows style guide: N/A - No code changes, only dependency version update
• ✅ No commented-out code: N/A - No code changes
• ✅ Meaningful variable names: N/A - No code changes
• ✅ DRY principle followed: N/A - No code changes
• ✅ Identify Defects: No defects identified. The version bump appears to be a minor/patch update in the pytest 9.x series
• ✅ Project memory configuration: No .claude/CLAUDE.md file exists in this repository

✅ Testing

• ✅ Unit tests for new functions: N/A - Dependency update only
• ✅ Integration tests for new endpoints: N/A - Dependency update only
• ✅ Edge cases covered: N/A - Dependency update only
• ⚠️ Test coverage > 80%: Cannot verify without running tests. The pytest upgrade should be validated by running the existing test suite to ensure compatibility.

Recommendation: Ensure CI/CD pipeline runs all tests successfully with the new pytest version.

⚠️ Documentation

• ❌ CHANGELOG.md updated: development-requirements.txt:15 - The CHANGELOG.md was not updated to reflect this dependency upgrade. While this is a development dependency, significant version updates (8.x → 9.x) should be documented.

Location: CHANGELOG.md:9-13 currently shows placeholder content for version 1.0.0

Recommendation: Add an entry like:

### Changed in 1.0.0
- Updated pytest from 8.4.1 to 9.0.2 in development dependencies

• ✅ Readme updated if needed: N/A - Development dependency change doesn't require README updates
• ✅ API docs updated: N/A - No API changes
• ✅ Inline comments for complex logic: N/A - No code changes
• ✅ Markdown follows CommonMark: N/A - No markdown changes in this PR

✅ Security

• ✅ No hardcoded credentials: No credentials in diff
• ✅ Input validation implemented: N/A - No code changes
• ✅ Proper error handling: N/A - No code changes
• ✅ No sensitive data in logs: N/A - No code changes
• ✅ No license files (.lic) checked in: No .lic files found in repository

---

📋 Overall Assessment

Status: ✅ APPROVED with minor documentation suggestion

This is a straightforward dependency update with minimal risk. The change is appropriate and follows standard dependency management practices.

Required Actions:

• ❌ Update CHANGELOG.md to document the pytest version bump

Recommendations:

1. Verify all tests pass with pytest 9.0.2
2. Review pytest 9.0.2 release notes for any breaking changes or new features that might affect the test suite
3. Consider if any pytest deprecation warnings appear that should be addressed

Risk Level: LOW - Development dependency only, doesn't affect production code

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

I'll analyze this pull request diff against the provided checklist.

Code Review Analysis

Code Quality

✅ Code follows style guide

• The changes are primarily configuration and documentation updates
• Markdown formatting appears to follow CommonMark specification
• YAML files follow consistent formatting patterns
• Python configuration in pyproject.toml follows standard conventions

✅ No commented-out code

• No commented-out code blocks found in the diff

✅ Meaningful variable names

• Not applicable - minimal code changes, mostly configuration

✅ DRY principle followed

• Configuration is well-organized and consolidated in pyproject.toml
• Dependency groups are properly structured to avoid duplication

✅ Identify Defects

• No obvious bugs, logic errors, or security vulnerabilities detected
• Migration from separate requirements files to pyproject.toml dependency groups is correctly implemented

❌ Project memory claude configuration (./.claude/CLAUDE.md)

• Line 23: Contains potentially environment-specific command: python -m pip install --group all .
• However, this is actually a general installation command that works across environments, so this is acceptable
• The file appropriately documents project-level information without local environment specifics

Testing

⚠️ Unit tests for new functions

• Not applicable - no new functions added, only configuration changes

⚠️ Integration tests for new endpoints

• Not applicable - no new endpoints

⚠️ Edge cases covered

• Not applicable - configuration changes only

⚠️ Test coverage > 80%

• Cannot determine from diff - no test changes included
• This is acceptable since only configuration/documentation changed

Documentation

✅ Readme updated if needed

• Not included in diff, but changes don't require README updates

✅ API docs updated

• Not applicable - no API changes

✅ Inline comments for complex logic

• Not applicable - minimal code changes

✅ CHANGELOG.md updated

• Updated in CHANGELOG.md:13-15 with new reference links following CommonMark and Keep a Changelog standards

✅ Markdown files follow CommonMark specification

• CHANGELOG.md: Properly formatted with reference-style links
• CONTRIBUTING.md: Well-structured with reference links at bottom
• CODE_OF_CONDUCT.md: Updated to Contributor Covenant 3.0, properly formatted
• SECURITY.md: New file, properly formatted
• .claude/CLAUDE.md: Properly formatted with code blocks and headings

Security

✅ No hardcoded credentials

• No credentials found in the diff

✅ Input validation implemented

• Not applicable - configuration changes only

✅ Proper error handling

• Not applicable - no new error-prone code

✅ No sensitive data in logs

• Not applicable

✅ No license files (.lic) or AQAAAD strings

• No problematic license files detected
• The changes reference legitimate license agreement PDFs in pyproject.toml

Summary

Overall Assessment: ✅ APPROVED with minor observations

This PR represents a solid modernization of the project structure:

Key Improvements:

1. Consolidation of requirements files into pyproject.toml with proper dependency groups
2. Updated Code of Conduct to Contributor Covenant 3.0 (CODE_OF_CONDUCT.md)
3. Enhanced CONTRIBUTING.md with better reference links
4. Added SECURITY.md for vulnerability reporting
5. Improved GitHub Actions workflows with concurrency controls and updated triggers
6. Better organized .claude/ configuration files
7. Updated dependabot configuration with cooldown periods
8. Consistent workflow naming conventions (capitalized titles)

Notable Changes:

• Migration from Python 3.9 to 3.10 minimum version (pyproject.toml and .github/workflows/pylint.yaml:23)
• Pylint workflow now only runs on PRs, not all pushes (.github/workflows/pylint.yaml:3-5)
• Better organized dependency groups supporting Python 3.10-3.13

No Issues Found:

• No security vulnerabilities
• No code quality concerns
• Documentation properly updated
• Configuration changes are appropriate and well-structured

---

Automated code review analyzing defects and coding standards