chore(deps): bump the all-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the all-dependencies group with 7 updates in the / directory:

Package	From	To
pytest-asyncio	1.3.0	1.4.0
hypothesis	6.152.6	6.155.1
types-setuptools	82.0.0.20260508	82.0.0.20260518
ruff	0.15.12	0.15.15
tox	4.53.1	4.55.0
uv	0.11.13	0.11.18
click	8.3.3	8.4.1

Updates pytest-asyncio from 1.3.0 to 1.4.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio v1.4.0

1.4.0 - 2026-05-26

Deprecated

• Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

• Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

  The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged.

  Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

• Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
• Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)
• Updated minimum supported pytest version to v8.4.0. (#1397)

Fixed

• Fixed a ResourceWarning: unclosed event loop warning that could occur when a synchronous test called asyncio.run() or otherwise unset the current event loop after pytest-asyncio had run an async test or fixture. (#724)

Notes for Downstream Packagers

• Added dependency on sphinx-tabs >= 3.5 to organize documentation examples into tabs. (#1395)

pytest-asyncio v1.4.0a2

1.4.0a2 - 2026-05-02

Deprecated

• Overriding the event_loop_policy fixture is deprecated. Use the pytest_asyncio_loop_factories hook instead. (#1419)

Added

• Added the pytest_asyncio_loop_factories hook to parametrize asyncio tests with custom event loop factories.

  The hook returns a mapping of factory names to loop factories, and pytest.mark.asyncio(loop_factories=[...]) selects a subset of configured factories per test. When a single factory is configured, test names are unchanged on pytest 8.4+.

  Synchronous @pytest_asyncio.fixture functions now see the correct event loop when custom loop factories are configured, even when test code disrupts the current event loop (e.g., via asyncio.run() or asyncio.set_event_loop(None)). (#1164)

Changed

• Improved the readability of the warning message that is displayed when asyncio_default_fixture_loop_scope is unset (#1298)
• Only import asyncio.AbstractEventLoopPolicy for type checking to avoid raising a DeprecationWarning. (#1394)

... (truncated)

Commits

• 6e14cd2 chore: Prepare release of v1.4.0.
• 4b900fb Build(deps): Bump codecov/codecov-action from 6.0.0 to 6.0.1
• ab9f632 Build(deps): Bump zipp from 3.23.1 to 4.1.0
• a56fc77 Build(deps): Bump hypothesis from 6.152.6 to 6.152.8
• e8bae9b Build(deps): Bump requests from 2.34.0 to 2.34.2
• fc43340 Build(deps): Bump idna from 3.14 to 3.15
• 762eaf5 Build(deps): Bump jaraco-functools from 4.4.0 to 4.5.0
• b62e222 Build(deps): Bump click from 8.3.3 to 8.4.0
• 9190447 Build(deps): Bump pydantic from 2.13.3 to 2.13.4
• 82a393c ci: Remove unnecessary debug output.
• Additional commits viewable in compare view

Updates hypothesis from 6.152.6 to 6.155.1

Release notes

Sourced from hypothesis's releases.

Hypothesis for Python - version 6.152.9

This release substantially improves our internal distribution for generating integers. This release has the most visible effect on "integers()", but may incidentally improve other strategies which draw integers internally.

Our integers distribution had two problems. First, it had jagged discontinuities at certain values where we switched sampling approaches. Second, it used a different distribution for bounded and unbounded ranges, which resulted in "st.integers()" and "st.integers(-264, 264)" producing very different distributions despite being semantically similar.

We now use a smooth distribution for both "st.integers()" and "st.integers(a, b)", which fixes both of these issues. This should substantially improve our testing power in certain cases.

The only way this release should be user-visible is that it finds more bugs! If this release is user-visible in other ways - for example, because it is slower, or produces a worse distribution in some cases - please open an issue.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.8

This release drops support for end-of-life Django 4.2.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.152.7

This patch improves our type hints for ".filter()" to work with "typing.TypeGuard". For example:

from typing import TypeGuard

from hypothesis import strategies as st

def is_str(x: object) -> TypeGuard[str]: return isinstance(x, str)

s = st.from_type(object).filter(is_str)

previously: SearchStrategy[object]

now: SearchStrategy[str]

reveal_type(s)

The canonical version of these notes (with links) is on readthedocs.

Commits

• 4afeada Bump hypothesis version to 6.155.1 and update changelog
• 1dafffb Merge pull request #4755 from Zac-HD/claude/nice-bardeen-xS6yA
• 78b2a01 Address review feedback on the overrun-repair branch
• ba3a206 Merge pull request #4757 from Zac-HD/cleanups
• 4f72f64 deflake tests?
• 4411487 crosshair tests cleanup
• b19b02e Bump hypothesis version to 6.155.0 and update changelog
• 05a605b Merge pull request #4756 from Zac-HD/claude/hopeful-einstein-zhwDO
• 5690ba9 Bump hypothesis version to 6.154.2 and update changelog
• 7e91ba0 Merge pull request #4751 from Zac-HD/claude/amazing-brahmagupta-6XQsP
• Additional commits viewable in compare view

Updates types-setuptools from 82.0.0.20260508 to 82.0.0.20260518

Commits

• See full diff in compare view

Updates ruff from 0.15.12 to 0.15.15

Release notes

Sourced from ruff's releases.

0.15.15

Release Notes

Released on 2026-05-28.

Preview features

• Fix Markdown closing fence handling (#25310)
• [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

• [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

• Avoid redundant TokenValue drops in the lexer (#25300)
• Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
• Use ThinVec in AST to shrink Stmt (#25361)

Documentation

• Fix line-length example for --config option (#25389)
• [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
• [mccabe] Improve example (C901) (#25287)
• [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
• [refurb] Document FURB192 exception change for empty sequences (#25317)
• [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

• Fix formatting of lambdas nested within f-strings (#25398)

Server

• Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

• Expand semantic syntax errors for invalid walruses (#25415)

Contributors

• @​chirizxc
• @​ntBre
• @​adityasingh2400
• @​charliermarsh
• @​fallintoplace
• @​martin-schlossarek
• @​MichaReiser

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.15

Released on 2026-05-28.

Preview features

• Fix Markdown closing fence handling (#25310)
• [pyflakes] Report duplicate imports in typing.TYPE_CHECKING block (F811) (#22560)

Bug fixes

• [pyflakes] Treat function-scope bare annotations as locals per PEP 526 (F821) (#21540)

Performance

• Avoid redundant TokenValue drops in the lexer (#25300)
• Reduce memory usage by dropping token-excess capacity and improve performance by approximating the initial tokens Vec size (#25354)
• Use ThinVec in AST to shrink Stmt (#25361)

Documentation

• Fix line-length example for --config option (#25389)
• [flake8-comprehensions] Document RecursionError edge case in __len__ (C416) (#25286)
• [mccabe] Improve example (C901) (#25287)
• [pyupgrade] Clarify fix safety docs (UP007, UP045) (#25288)
• [refurb] Document FURB192 exception change for empty sequences (#25317)
• [ruff] Document false negative for user-defined types (RUF013) (#25289)

Formatter

• Fix formatting of lambdas nested within f-strings (#25398)

Server

• Return code action for codeAction/resolve requests that contain no or no valid URL (#25365)

Other changes

• Expand semantic syntax errors for invalid walruses (#25415)

Contributors

• @​chirizxc
• @​ntBre
• @​adityasingh2400
• @​charliermarsh
• @​fallintoplace
• @​martin-schlossarek
• @​MichaReiser
• @​Ruchir28

... (truncated)

Commits

• db5aa0a Bump 0.15.15 (#25431)
• 366fe21 [ty] Improve diagnostics for syntax errors in forward annotations (#25158)
• e2e1e64 [ty] Remove excess capacity from more Salsa cached collections (#25411)
• 1bd77e1 [ty] Use diagnostic message as tie breaker when sorting (#25424)
• 7e1bc1e Add agent skills for working on ty (#25422)
• 574e107 Expand semantic syntax errors for invalid walruses (#25415)
• 4a7ca06 [ty] Display docs for matching parameter when hovering over the name of an ar...
• 5432709 Refine a few agents instructions (#25423)
• 3cb09eb [ty] Support typing.TypeForm (#25334)
• c8cd59f [ty] Infer class attributes assigned by metaclass initialization (#25342)
• Additional commits viewable in compare view

Updates tox from 4.53.1 to 4.55.0

Release notes

Sourced from tox's releases.

v4.55.0

What's Changed

• 👷 ci(schemastore): sync fork before pushing branch by @​gaborbernat in tox-dev/tox#3942
• feat: Also pass TERMINFO when in an interactive shell by @​edgarrmondragon in tox-dev/tox#3946
• 🐛 fix(pip): skip constrain_package_deps when constraints is set by @​gaborbernat in tox-dev/tox#3948

Full Changelog: tox-dev/tox@4.54.0...4.55.0

v4.54.0

What's Changed

• 🧪 test(conftest): strip broken nspkg.pth files under py3.15 by @​gaborbernat in tox-dev/tox#3937
• ✨ feat(packaging): declare tox.pytest deps via a testing extra by @​gaborbernat in tox-dev/tox#3940
• 🐛 fix(schema): cover every replace form in the TOML schema by @​gaborbernat in tox-dev/tox#3941

Full Changelog: tox-dev/tox@4.53.1...4.54.0

Changelog

Sourced from tox's changelog.

Features - 4.55.0

• Automatically pass the TERMINFO environment variable to tox subprocesses if the output is a TTY. This variable is used by Ghostty to communicate terminal capabilities to programs. (:issue:3946)

Bug fixes - 4.55.0

• When the constraints configuration option is set, constrain_package_deps and use_frozen_constraints are now ignored. Previously, both the user-provided constraints file and the auto-generated constraints file were passed to pip during install_package_deps, which could cause resolver conflicts when the same package appeared in both files - by :user:gaborbernat. (:issue:3945) (:issue:3945)

---

v4.54.0 (2026-05-12)

---

Features - 4.54.0

• Declare the runtime dependencies of the tox.pytest plugin (pytest, devpi-process and pytest-mock) under a new testing extra, so plugin authors can pull them in via tox[testing] - by :user:gaborbernat. (:issue:3938, :issue:3940)

Bug fixes - 4.54.0

• Extend the generated TOML schema to cover every replace table form (env, ref, posargs, glob, if), including conditional replacements used inside commands. A guard test asserts the schema stays in sync with the loader implementation so future replace types cannot be added without a corresponding schema entry. (:issue:3939)

---

v4.53.1 (2026-05-02)

---

Commits

• 928b7f0 release 4.55.0
• a43427f 🐛 fix(pip): skip constrain_package_deps when constraints is set (#3948)
• 27b68b3 [pre-commit.ci] pre-commit autoupdate (#3947)
• 4e6627c feat: Also pass TERMINFO when in an interactive shell (#3946)
• 10c431c [pre-commit.ci] pre-commit autoupdate (#3943)
• c86e876 👷 ci(schemastore): sync fork before pushing branch (#3942)
• 1f1fcc7 release 4.54.0
• b35c8ee 🐛 fix(schema): cover every replace form in the TOML schema (#3941)
• 6eb5c4f ✨ feat(packaging): declare tox.pytest deps via a testing extra (#3940)
• 1ad47dd 🧪 test(conftest): strip broken nspkg.pth files under py3.15 (#3937)
• Additional commits viewable in compare view

Updates uv from 0.11.13 to 0.11.18

Release notes

Sourced from uv's releases.

0.11.18

Release Notes

Released on 2026-06-01.

Performance

• Fix performance regression in unzip of local wheels (#19637)

Preview

• Add uv check to run ty from uv (#19605)

Bug fixes

• Update activation scripts with upstream fixes (#19628)

Other changes

• Bump MSRV to 1.94 (#19600)

Install uv 0.11.18

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.18/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.18/uv-installer.ps1 | iex"

Download uv 0.11.18

File	Platform	Checksum
uv-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
uv-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
uv-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
uv-i686-pc-windows-msvc.zip	x86 Windows	checksum
uv-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
uv-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
uv-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz	PPC64LE Linux	checksum
uv-riscv64gc-unknown-linux-gnu.tar.gz	RISCV Linux	checksum
uv-s390x-unknown-linux-gnu.tar.gz	S390x Linux	checksum
uv-x86_64-unknown-linux-gnu.tar.gz	x64 Linux	checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.11.18

Released on 2026-06-01.

Performance

• Fix performance regression in unzip of local wheels (#19637)

Preview

• Add uv check to run ty from uv (#19605)

Bug fixes

• Update activation scripts with upstream fixes (#19628)

Other changes

• Bump MSRV to 1.94 (#19600)

0.11.17

Released on 2026-05-28.

Enhancements

• Add a diagnostic for uv add with standard library modules (#19572)
• Expose uv workspace and its list subcommand in help output (#19533)
• Improve the "403 forbidden" hint to suggest ignore-error-codes when applicable (#19521)
• Skip direct URL lock freshness checks while offline (#19596)
• Add import-names and import-namespaces support to uv-build (PEP 794) (#19380)
• Add a --no-editable-package flag to various commands (#19584)
• Infer Python version requests from source trees in uv tool invocations (#19577)

Preview features

• Add module owners to uv workspace metadata (#19122)
• Do not allow uv venv --clear to remove non-virtual environments (#19595)

Bug fixes

• Improve the performance of large entries in tool.uv.conflicts (#19538)
• Avoid modifying the parent process' env with --env-file in uv run (#19567)
• Fix script environment creation for scripts with long filenames (#19539)
• Fix transitive Git archive dependencies in lockfiles (#19589)
• Preserve Git repository URLs in direct URL metadata (#19590)
• Support redirects in --check-url (#19594)
• Accept case-insensitive HTML tags in --find-links parsing (#19537)
• Reject duplicate script metadata blocks (#19544)
• Ban names like "python3" as script entry points (#19535, #19536)

... (truncated)

Commits

• e326669 Bump version to 0.11.18 (#19639)
• 6bc4fe6 Use --no-config during the release process (#19640)
• 94e66c3 [check] you're not special, ty (#19609)
• 5ba95e0 Fix performance regression in unzip of local wheels (#19637)
• ebd9dee Don't use --update with apt in CI (#19633)
• e91ebe8 Update activation scripts with upstream fixes (#19628)
• e5a0e18 Use Rust 1.94.0 features (#19612)
• f69c1b2 Add uv check to run ty from uv (#19605)
• 40cfa8e Add test coverage for both WSL1 and WSL2 (#19608)
• 81dabd5 Update Rust toolchain to 1.96 and MSRV to 1.94 (#19600)
• Additional commits viewable in compare view

Updates click from 8.3.3 to 8.4.1

Release notes

Sourced from click's releases.

8.4.1

This is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.4.1/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-1 Milestone: https://github.com/pallets/click/milestone/32?closed=1

• get_parameter_source() is available during eager callbacks and type conversion again. #3458 #3484
• Zsh completion scripts parse correctly on Windows. #3277 # 3466
• Shell completion of Choice Enum values produces a valid completion result. #3015
• Fix empty byte-string handling in echo. #3487
• Fix closed file error with echo_via_pager. #3449

8.4.0

This is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.

We encourage everyone to upgrade. You can read more about our Version Support Policy on our website.

PyPI: https://pypi.org/project/click/8.4.0/ Changes: https://click.palletsprojects.com/page/changes/#version-8-4-0 Milestone https://github.com/pallets/click/milestone/30

• ParamType typing improvements. #3371

  • :class:ParamType is now a generic abstract base class, parameterized by its converted value type.
  • :meth:~ParamType.convert return types are narrowed on all concrete types (str for :class:STRING, int for :class:INT, etc.).
  • :meth:~ParamType.to_info_dict returns specific :class:~typing.TypedDict subclasses instead of dict[str, Any].
  • :class:CompositeParamType and the number-range base are now generic with abstract methods.

• Refactor convert_type to extract type inference into a private _guess_type helper, and add :func:typing.overload signatures. #3372

• Parameter typing improvements. #2805

  • :class:Parameter is now an abstract base class, making explicit that it cannot be instantiated directly.
  • :attr:Parameter.name is now str instead of str | None. When expose_value=False, the name is set to "" instead of None.
  • The ctx parameter of :meth:Parameter.get_error_hint is now typed as Context | None, matching the runtime behavior.

• Split string values from default_map for parameters with nargs > 1 or :class:Tuple type, matching environment variable behavior.

... (truncated)

Changelog

Sourced from click's changelog.

Version 8.4.1

Released 2026-05-21

• get_parameter_source() is available during eager callbacks and type conversion again. :issue:3458 :issue:3484
• Zsh completion scripts parse correctly on Windows. :issue:3277 :pr:3466
• Shell completion of Choice Enum values produces a valid completion result. :issue:3015
• Fix empty byte-string handling in echo. :issue:3487
• Fix closed file error with echo_via_pager. :issue:3449

Version 8.4.0

Released 2026-05-17

• :class:ParamType typing improvements. :pr:3371

  • :class:ParamType is now a generic abstract base class, parameterized by its converted value type.
  • :meth:~ParamType.convert return types are narrowed on all concrete types (str for :class:STRING, int for :class:INT, etc.).
  • :meth:~ParamType.to_info_dict returns specific :class:~typing.TypedDict subclasses instead of dict[str, Any].
  • :class:CompositeParamType and the number-range base are now generic with abstract methods.

• Refactor convert_type to extract type inference into a private _guess_type helper, and add :func:typing.overload signatures. :pr:3372

• :class:Parameter typing improvements. :pr:2805

  • :class:Parameter is now an abstract base class, making explicit that it cannot be instantiated directly.
  • :attr:Parameter.name is now str instead of str | None. When expose_value=False, the name is set to "" instead of None.
  • The ctx parameter of :meth:Parameter.get_error_hint is now typed as Context | None, matching the runtime behavior.

• Split string values from default_map for parameters with nargs > 1 or :class:Tuple type, matching environment variable behavior. :issue:2745 :pr:3364

• Auto-detect type=UNPROCESSED for flag_value of non-basic types (not str, int, float, or bool), so programmer-provided Python objects like classes and enum members are passed through unchanged instead of being stringified. Previously type=click.UNPROCESSED had to be set explicitly. :issue:2012 :pr:3363

... (truncated)

Commits

• 6eeb50e release version 8.4.1
• 67921d5 change log and doc fixes (#3495)
• 9c41f46 Fix changelog and version admonitions
• 6cb3477 fix skip condition
• 5ee8e31 fix I/O operation on closed file error with CliRunner and echo_via_pager (#3482)
• becbde5 pager doesn't close std streams
• a5f5aa6 Handle empty bytes in echo (#3493)
• 4d3db84 handle empty bytes in echo
• d42f15b Fix get_parameter_source() during type conversion and eager callbacks (#3484)
• 0baa8db Document ctx.params bypass with test and doc
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions