⬆️ 🤖 Dependencies: Update ruff requirement from ^0.7.0 to >=0.7,<0.10

[dependabot]

Updates the requirements on ruff to permit the latest version.

Release notes

Sourced from ruff's releases.

0.9.1

Release Notes

Preview features

• [pycodestyle] Run too-many-newlines-at-end-of-file on each cell in notebooks (W391) (#15308)
• [ruff] Omit diagnostic for shadowed private function parameters in used-dummy-variable (RUF052) (#15376)

Rule changes

• [flake8-bugbear] Improve assert-raises-exception message (B017) (#15389)

Formatter

• Preserve trailing end-of line comments for the last string literal in implicitly concatenated strings (#15378)

Server

• Fix a bug where the server and client notebooks were out of sync after reordering cells (#15398)

Bug fixes

• [flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
• [pyupgrade] Handle comments and multiline expressions correctly (UP037) (#15337)

Contributors

• @​AntoineD
• @​InSyncWithFoo
• @​MichaReiser
• @​calumy
• @​dcreager
• @​dhruvmanila
• @​dylwil3
• @​sharkdp
• @​tjkuson

Install ruff 0.9.1

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.9.1/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy ByPass -c "irm https://github.com/astral-sh/ruff/releases/download/0.9.1/ruff-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.1

Preview features

• [pycodestyle] Run too-many-newlines-at-end-of-file on each cell in notebooks (W391) (#15308)
• [ruff] Omit diagnostic for shadowed private function parameters in used-dummy-variable (RUF052) (#15376)

Rule changes

• [flake8-bugbear] Improve assert-raises-exception message (B017) (#15389)

Formatter

• Preserve trailing end-of line comments for the last string literal in implicitly concatenated strings (#15378)

Server

• Fix a bug where the server and client notebooks were out of sync after reordering cells (#15398)

Bug fixes

• [flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
• [pyupgrade] Handle comments and multiline expressions correctly (UP037) (#15337)

0.9.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

Ruff now formats your code according to the 2025 style guide. As a result, your code might now get formatted differently. See the formatter section for a detailed list of changes.

This release doesn’t remove or remap any existing stable rules.

Stabilization

The following rules have been stabilized and are no longer in preview:

• stdlib-module-shadowing (A005). This rule has also been renamed: previously, it was called builtin-module-shadowing.
• builtin-lambda-argument-shadowing (A006)
• slice-to-remove-prefix-or-suffix (FURB188)
• boolean-chained-comparison (PLR1716)
• decimal-from-float-literal (RUF032)
• post-init-default (RUF033)
• useless-if-else (RUF034)

The following behaviors have been stabilized:

• pytest-parametrize-names-wrong-type (PT006): Detect pytest.parametrize calls outside decorators and calls with keyword arguments.

... (truncated)

Commits

• 12f86f3 Ruff 0.9.1 (#15407)
• 2b28d56 Associate a trailing end-of-line comment in a parenthesized implicit concaten...
• adca7bd Remove pygments pin (#15404)
• 6b98a26 [red-knot] Support assert_type (#15194)
• c874638 [red-knot] Move tuple-containing-Never tests to Markdown (#15402)
• c364b58 [flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
• 73d424e Fix outdated doc for handling the default file types with the pre-commit hook...
• 6e9ff44 Insert the cells from the start position (#15398)
• f2c3ddc [red-knot] Move intersection type tests to Markdown (#15396)
• b861551 Remove unnecessary backticks (#15393)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by Sourcery

Build:

• Update the ruff dependency constraint to >=0.7,<0.10.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request updates the ruff dependency to allow versions greater than or equal to 0.7.0 and less than 0.10.0. This change allows the project to use the latest features and bug fixes from ruff.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Update ruff dependency	Updated the ruff version specifier from "^0.7.0" to ">=0.7,<0.10"	pyproject.toml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.

[llamapreview]

Auto Pull Request Review from LlamaPReview

1. Overview

1.1 Core Changes

• Primary purpose and scope: This PR updates the ruff dependency to allow versions greater than or equal to 0.7.0 and less than 0.10.0. This change enables the project to leverage the latest features and bug fixes from ruff.
• Key components modified: The pyproject.toml file is modified to update the ruff dependency version.
• Cross-component impacts: This change primarily impacts the linting and code quality checks performed by ruff. It may affect the build and CI/CD pipelines if there are breaking changes or new features introduced in the updated versions.
• Business value alignment: Ensuring the use of the latest linting tools helps maintain code quality and adherence to best practices, which aligns with the business goal of having robust and maintainable code.

1.2 Technical Architecture

• System design modifications: None.
• Component interaction changes: None.
• Integration points impact: None.
• Dependency changes and implications: The ruff dependency is updated to a broader version range (>=0.7,<0.10). This change allows for more frequent updates and access to the latest features and bug fixes. However, it also introduces the risk of encountering breaking changes or new issues in future versions within the specified range.

2. Deep Technical Analysis

2.1 Code Logic Analysis

pyproject.toml - tool.poetry.group.dev.dependencies

• Submitted PR Code:

  -ruff = "^0.7.0"
  +ruff = ">=0.7,<0.10"

• Analysis:
  • Current logic and potential issues: The current change updates the ruff dependency to a broader version range. This allows for more flexibility in updating ruff but also introduces the risk of encountering breaking changes or new issues in future versions within the specified range.
  • Edge cases and error handling: There are no specific edge cases or error handling considerations in this change. However, it is essential to monitor the behavior of ruff after updates to ensure it does not introduce new issues.
  • Cross-component impact: This change primarily impacts the linting and code quality checks performed by ruff. It may affect the build and CI/CD pipelines if there are breaking changes or new features introduced in the updated versions.
  • Business logic considerations: Ensuring the use of the latest linting tools helps maintain code quality and adherence to best practices, which aligns with the business goal of having robust and maintainable code.
• LlamaPReview Suggested Improvements: None.
• Improvement rationale: None.

2.2 Implementation Quality

• Code Structure:

  • Organization and modularity: The change is well-organized and isolated to the dependency management section of the pyproject.toml file.
  • Design pattern adherence: N/A.
  • Reusability aspects: N/A.
  • Maintainability factors: The change improves maintainability by allowing for more frequent updates to ruff, ensuring access to the latest features and bug fixes.

• Error Handling:

  • Exception scenarios coverage: N/A.
  • Recovery mechanisms: N/A.
  • Logging and monitoring: It is crucial to monitor the behavior of ruff after updates to ensure it does not introduce new issues.
  • User experience impact: Updating ruff may introduce new linting rules or change the behavior of existing ones, which could impact the user experience during development.

• Performance Considerations:

  • Resource utilization: N/A.
  • Scalability aspects: N/A.
  • Bottleneck analysis: N/A.
  • Optimization opportunities: N/A.

3. Risk Assessment

3.1 Critical Issues

🔴 P0 (Must Fix):

• Issue: Potential breaking changes in future ruff versions within the specified range.
• Impact:
  • Technical implications: New versions of ruff may introduce breaking changes or new issues that could affect the build and CI/CD pipelines.
  • Business consequences: Issues introduced by ruff updates could impact development productivity and code quality.
  • User experience effects: Developers may encounter new linting rules or changes in the behavior of existing ones, which could impact their workflow.
• Resolution:
  • Specific code changes: Consider pinning the ruff version to a specific minor version (e.g., >=0.7,<0.8) to minimize the risk of encountering breaking changes.
  • Configuration updates: Monitor the release notes and changelogs of ruff for any breaking changes or new issues.
  • Testing requirements: Ensure that the CI/CD pipeline includes tests to catch any issues introduced by ruff updates.

3.2 Important Improvements

🟡 P1 (Should Fix):

• Issue: Lack of monitoring for ruff updates.
• Current Impact:
  • Performance implications: N/A.
  • Maintenance overhead: Without monitoring, it may be challenging to identify and address issues introduced by ruff updates promptly.
  • Future scalability: Ensuring that ruff updates do not introduce issues is crucial for maintaining code quality and development productivity.
• Suggested Solution:
  • Implementation approach: Set up monitoring and alerting for ruff updates to catch any issues introduced by new versions promptly.
  • Migration strategy: Include monitoring as part of the CI/CD pipeline to automatically detect and alert on any issues introduced by ruff updates.
  • Testing considerations: Ensure that the monitoring and alerting system is tested as part of the CI/CD pipeline.

3.3 Minor Suggestions

🟢 P2 (Consider):

• Area: Documentation of the ruff dependency update.
• Improvement Opportunity:
  • Code quality enhancement: Document the rationale behind the ruff dependency update and the potential risks and benefits.
  • Best practice alignment: Ensure that the documentation follows best practices for dependency management.
  • Documentation updates: Update the project's documentation to reflect the change in the ruff dependency and provide guidance on monitoring and addressing issues introduced by updates.

4. Requirements Analysis

4.1 Functional Coverage

• Requirements mapping:
  • Implemented features: The PR updates the ruff dependency to a broader version range, allowing for more frequent updates and access to the latest features and bug fixes.
  • Missing elements: None.
  • Edge cases handling: None.
• Business Logic:
  • Use case coverage: The change ensures that the project can leverage the latest linting tools to maintain code quality and adherence to best practices.
  • Business rule implementation: N/A.
  • Data flow correctness: N/A.

4.2 Non-functional Aspects

• Performance metrics: N/A.
• Security considerations: Ensure that the updated versions of ruff do not introduce any security vulnerabilities.
• Scalability factors: N/A.
• Maintainability aspects: The change improves maintainability by allowing for more frequent updates to ruff, ensuring access to the latest features and bug fixes.

5. Testing Strategy

• Test Coverage:
  • Unit test requirements: Ensure that the CI/CD pipeline includes tests to catch any issues introduced by ruff updates.
  • Integration test scenarios: Test the integration of ruff with the build and CI/CD pipelines to ensure that updates do not introduce any issues.
  • Edge case validation: Validate that the updated versions of ruff do not introduce any new issues or breaking changes.
• Quality Metrics:
  • Current coverage: The PR includes CI/CD results that indicate the overall state is success, with some tests skipped or failed.
  • Critical paths: Ensure that the CI/CD pipeline includes tests to catch any issues introduced by ruff updates.
  • Performance benchmarks: N/A.

6. Final Assessment

6.1 Key Action Items

1. Critical Changes (P0):

   • Consider pinning the ruff version to a specific minor version (e.g., >=0.7,<0.8) to minimize the risk of encountering breaking changes.
   • Monitor the release notes and changelogs of ruff for any breaking changes or new issues.
   • Ensure that the CI/CD pipeline includes tests to catch any issues introduced by ruff updates.

2. Important Improvements (P1):

   • Set up monitoring and alerting for ruff updates to catch any issues introduced by new versions promptly.
   • Include monitoring as part of the CI/CD pipeline to automatically detect and alert on any issues introduced by ruff updates.
   • Ensure that the monitoring and alerting system is tested as part of the CI/CD pipeline.

3. Suggested Enhancements (P2):

   • Document the rationale behind the ruff dependency update and the potential risks and benefits.
   • Update the project's documentation to reflect the change in the ruff dependency and provide guidance on monitoring and addressing issues introduced by updates.

6.2 Overall Evaluation

• Technical assessment: The PR updates the ruff dependency to a broader version range, allowing for more frequent updates and access to the latest features and bug fixes. However, it also introduces the risk of encountering breaking changes or new issues in future versions within the specified range.
• Business impact: Ensuring the use of the latest linting tools helps maintain code quality and adherence to best practices, which aligns with the business goal of having robust and maintainable code.
• Risk evaluation: There is a risk of encountering breaking changes or new issues in future versions of ruff within the specified range. It is crucial to monitor the behavior of ruff after updates to ensure it does not introduce new issues.
• Implementation quality: The change is well-organized and isolated to the dependency management section of the pyproject.toml file. The change improves maintainability by allowing for more frequent updates to ruff, ensuring access to the latest features and bug fixes.

---

💡 LlamaPReview Community
Have feedback on this AI Code review tool? Join our GitHub Discussions to share your thoughts and help shape the future of LlamaPReview.