chore(deps): update all dependencies

[renovate]

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update	Pending
ansible-creator (changelog)	25.8.0 -> 25.9.0			project.dependencies	minor
ansible-navigator (changelog)	25.8.0 -> 25.9.0			project.dependencies	minor
astral-sh/ruff-pre-commit	v0.13.0 -> v0.13.1			repository	patch
black (changelog)	25.1.0 -> 25.9.0			dependency-groups	minor
coverage	7.10.5 -> 7.10.6			dependency-groups	patch
django (changelog)	>4.1,<5.2 -> >5.2,<6			project.optional-dependencies	minor
django-stubs (changelog)	5.2.2 -> 5.2.5			dependency-groups	patch
mypy (changelog)	1.17.1 -> 1.18.2			dependency-groups	minor
pre-commit/mirrors-mypy	v1.17.1 -> v1.18.1			repository	minor	v1.18.2
	All locks refreshed				lockFileMaintenance
ansible-lint (changelog)	25.8.2 -> 25.9.0			project.dependencies	minor
molecule (changelog)	25.7.0 -> 25.9.0			project.dependencies	minor
pydoclint	0.6.10 -> 0.7.3			dependency-groups	minor
pytest (changelog)	8.4.1 -> 8.4.2			dependency-groups	patch
ruff (source, changelog)	0.12.11 -> 0.13.1			dependency-groups	minor
toml-sort	0.24.2 -> 0.24.3			dependency-groups	patch
tox (changelog)	4.28.4 -> 4.30.2			dependency-groups	minor
types-pyyaml (changelog)	6.0.12.20250822 -> 6.0.12.20250915			dependency-groups	patch
types-requests (changelog)	2.32.4.20250809 -> 2.32.4.20250913			dependency-groups	patch

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

---

Release Notes

ansible/ansible-creator (ansible-creator)

v25.9.0

Compare Source

Fixes

• Revert patterns 'add' command (#​468) @​alisonlhart
• Fix action and module plugin scaffolding (#​462) @​shatakshiiii
• fix: remove tox.ini and adopt pep-735 (#​460) @​ssbarnea

Maintenance

• chore(deps): update all dependencies (#​467) @​renovate[bot]
• chore(deps): update all dependencies (#​465) @​renovate[bot]
• chore: replace dependabot with renovate (#​464) @​ssbarnea
• Add test for validate pattern name (#​434) @​shatakshiiii
• Bump actions/setup-python from 5 to 6 (#​461) @​dependabot[bot]
• chore: use mise on readthedocs pipeline (#​459) @​ssbarnea
• Bump the dependencies group across 1 directory with 25 updates (#​456) @​dependabot[bot]

ansible/ansible-navigator (ansible-navigator)

v25.9.0

Compare Source

Fixes

• fix: ruff, mypy and pylint violations (#​2040) @​ssbarnea
• fix: replace dependabot with renovate (#​2035) @​ssbarnea

Maintenance

• chore(deps): update all dependencies (#​2041) @​renovate[bot]
• chore(deps): update all dependencies (#​2039) @​renovate[bot]
• chore(deps): update all dependencies (#​2036) @​renovate[bot]
• Bump the dependencies group across 1 directory with 30 updates (#​2029) @​dependabot[bot]
• Configure Renovate (#​2028) @​renovate[bot]
• Bump codecov/codecov-action from 5.5.0 to 5.5.1 (#​2030) @​dependabot[bot]
• Bump actions/setup-python from 5 to 6 (#​2031) @​dependabot[bot]
• [pre-commit.ci] pre-commit autoupdate (#​2032) @​pre-commit-ci[bot]
• Bump codecov/codecov-action from 5.4.3 to 5.5.0 (#​2024) @​dependabot[bot]
• [pre-commit.ci] pre-commit autoupdate (#​2027) @​pre-commit-ci[bot]
• [pre-commit.ci] pre-commit autoupdate (#​2023) @​pre-commit-ci[bot]

astral-sh/ruff-pre-commit (astral-sh/ruff-pre-commit)

v0.13.1

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.13.1

psf/black (black)

v25.9.0

Compare Source

Highlights

• Remove support for pre-python 3.7 await/async as soft keywords/variable names
  (#​4676)

Stable style

• Fix crash while formatting a long del statement containing tuples (#​4628)
• Fix crash while formatting expressions using the walrus operator in complex with
  statements (#​4630)
• Handle # fmt: skip followed by a comment at the end of file (#​4635)
• Fix crash when a tuple appears in the as clause of a with statement (#​4634)
• Fix crash when tuple is used as a context manager inside a with statement (#​4646)
• Fix crash when formatting a \ followed by a \r followed by a comment (#​4663)
• Fix crash on a \\r\n (#​4673)
• Fix crash on await ... (where ... is a literal Ellipsis) (#​4676)
• Fix crash on parenthesized expression inside a type parameter bound (#​4684)
• Fix crash when using line ranges excluding indented single line decorated items
  (#​4670)

Preview style

• Fix a bug where one-liner functions/conditionals marked with # fmt: skip would still
  be formatted (#​4552)
• Improve multiline_string_handling with ternaries and dictionaries (#​4657)
• Fix a bug where string_processing would not split f-strings directly after
  expressions (#​4680)
• Wrap the in clause of comprehensions across lines if necessary (#​4699)
• Remove parentheses around multiple exception types in except and except* without
  as. (#​4720)
• Add \r style newlines to the potential newlines to normalize file newlines both from
  and to (#​4710)

Parser

• Rewrite tokenizer to improve performance and compliance (#​4536)
• Fix bug where certain unusual expressions (e.g., lambdas) were not accepted in type
  parameter bounds and defaults. (#​4602)

Performance

• Avoid using an extra process when running with only one worker (#​4734)

Integrations

• Fix the version check in the vim file to reject Python 3.8 (#​4567)
• Enhance GitHub Action psf/black to read Black version from an additional section in
  pyproject.toml: [project.dependency-groups] (#​4606)
• Build gallery docker image with python3-slim and reduce image size (#​4686)

Documentation

• Add FAQ entry for windows emoji not displaying (#​4714)

nedbat/coveragepy (coverage)

v7.10.6

Compare Source

• Fix: source directories were not properly communicated to subprocesses
  that ran in different directories, as reported in issue 1499_. This is now
  fixed.

• Performance: Alex Gaynor continues fine-tuning <pull 2038_>_ the speed of
  combination, especially with many contexts.

.. _issue 1499: #​1499
.. _pull 2038: #​2038

.. _changes_7-10-5:

django/django (django)

v5.2.6

Compare Source

v5.2.5

Compare Source

v5.2.4

Compare Source

v5.2.3

Compare Source

v5.2.2

Compare Source

v5.2.1

Compare Source

v5.2

Compare Source

v5.1.12

Compare Source

typeddjango/django-stubs (django-stubs)

v5.2.5

Compare Source

What's Changed

• Fix regression that some places do not accept _StrPromise returned by reverse_lazy by @​sobolevn in #​2814
• Fix regression of .order_by to accept any Combinable by @​sobolevn in #​2816

Full Changelog: typeddjango/django-stubs@5.2.4...5.2.5

v5.2.4

Compare Source

What's Changed

• Fix TestClient.get regression by @​sobolevn in #​2812

Full Changelog: typeddjango/django-stubs@5.2.3...5.2.4

v5.2.3

Compare Source

What's Changed

• Refine Model._meta.get_field("field_name") type inference by @​UnknownPlatypus in #​2748
• Adds check for too many positional arguments in __init__ calls by @​UnknownPlatypus in #​2749
• Improve settings.TEMPLATE types by @​UnknownPlatypus in #​2741
• Change partition input to any iterable by @​bewing in #​2752
• content_type_extra contains bytes, not str by @​alexmv in #​2754
• Allow passing None to migrations.AlterOrderWithRespectTo by @​niklasmohrin in #​2759
• Annotate return type of reverse_lazy() by @​pgcd in #​2766
• Change FormMixin.success_url to _StrOrPromise by @​pgcd in #​2769
• More lazy urls by @​ngnpope in #​2770
• Allow all error types to BaseForm.add_error() in documentation by @​CarrotManMatt in #​2774
• Remove OrderedDict usage, this is the default since py 3.6 by @​UnknownPlatypus in #​2780
• Simpler get_current_module util by @​UnknownPlatypus in #​2781
• Initial support for to_attr inferrence in Prefetch calls by @​UnknownPlatypus in #​2779
• Reuse get_class_init_argument_by_name in resolve_many_to_many_arguments by @​UnknownPlatypus in #​2782
• Simplify parsing of bool call arguments by @​UnknownPlatypus in #​2783
• Improve Model inference from custom QuerySet/Manager by @​UnknownPlatypus in #​2784
• Declare Prefetch as generic and do specialization in the plugin by @​UnknownPlatypus in #​2786
• Update Meta.permissions type by @​UnknownPlatypus in #​2787
• Support star arg in prefetch_related calls by @​UnknownPlatypus in #​2789
• Auto inherit from TypedModelMeta by @​UnknownPlatypus in #​2788
• Improve .select_related stubs by @​UnknownPlatypus in #​2792
• Handle .prefetch_related(..., to_attr="foo") conflict with .annotate(foo=...) by @​UnknownPlatypus in #​2791
• Detect invalid to_attr target (alredy defined fields) by @​UnknownPlatypus in #​2794
• Improve type for order_by / defer / only / distinct / order_by / explain / dates / datetimes by @​UnknownPlatypus in #​2795
• Improve prefetch_related types with an overload by @​UnknownPlatypus in #​2793
• Detect more incompatible to_attr targets by @​UnknownPlatypus in #​2797
• Update django to 5.2.6 by @​sobolevn in #​2805
• Add lookup validation in prefetch related by @​UnknownPlatypus in #​2804
• Update mypy configuration by @​ngnpope in #​2799
• Validate select_related lookups by @​UnknownPlatypus in #​2806
• Bump mypy to 1.18.1 by @​sobolevn in #​2810

New Contributors

• @​bewing made their first contribution in #​2752
• @​niklasmohrin made their first contribution in #​2759
• @​pgcd made their first contribution in #​2766
• @​CarrotManMatt made their first contribution in #​2774
• @​CodingWithSaksham made their first contribution in #​2802

Full Changelog: typeddjango/django-stubs@5.2.2...5.2.3

python/mypy (mypy)

v1.18.2

Compare Source

• Fix crash on recursive alias (Ivan Levkivskyi, PR 19845)
• Add additional guidance for stubtest errors when runtime is object.__init__ (Stephen Morton, PR 19733)
• Fix handling of None values in f-string expressions in mypyc (BobTheBuidler, PR 19846)

v1.18.1

Compare Source

pre-commit/mirrors-mypy (pre-commit/mirrors-mypy)

v1.18.1

Compare Source

ansible/ansible-lint (ansible-lint)

v25.9.0

Compare Source

Fixes

• Remove patterns validation checks (#​4772) @​alisonlhart
• Reapply "fix: adopt uv.lock and dependency-groups (#​4757)" (#​4761) @​Qalthos
• Revert "fix: adopt uv.lock and dependency-groups (#​4757)" (#​4760) @​Qalthos
• fix: adopt uv.lock and dependency-groups (#​4757) @​ssbarnea
• fix: avoid warnings about PATH with uv installations (#​4714) @​SecT0uch
• fix: clarify error message related to --fix arguments (#​4720) @​simonLeary42
• fix: change patterns schema location (#​4755) @​ssbarnea
• fix: recognize Debian 14 (Forky) as a platform (#​4726) @​mcdonnnj
• Prevent false positive pattern detection in filenames containing "pattern.json" (#​4743) @​shatakshiiii
• Require ansible-core 2.19 when used as a pre-commit hook (#​4744) @​ssbarnea
• Exclude non-linted files in summary (#​4725) @​simonLeary42
• Fix rule summary for error messages (#​4740) @​simonLeary42

Maintenance

• chore(deps): update all dependencies (#​4773) @​renovate[bot]
• chore(deps): update all dependencies (#​4771) @​renovate[bot]
• chore(deps): update all dependencies (#​4770) @​renovate[bot]
• chore(deps): update all dependencies (#​4769) @​renovate[bot]
• chore(deps): update all dependencies (#​4768) @​renovate[bot]
• chore(deps): update all dependencies (#​4766) @​renovate[bot]
• chore: replace prettier with biome (#​4765) @​ssbarnea
• chore: fix renovate config (#​4764) @​ssbarnea
• chore: configure renovate (#​4753) @​ssbarnea
• chore: update hook configs (#​4752) @​ssbarnea
• chore: pre-commit autoupdate (#​4708) @​pre-commit-ci[bot]
• Bump codecov/codecov-action from 5.4.3 to 5.5.0 (#​4738) @​dependabot[bot]
• Bump actions/checkout from 4 to 5 (#​4718) @​dependabot[bot]
• Bump actions/download-artifact from 4 to 5 (#​4711) @​dependabot[bot]
• Jinja test fixes (#​4742) @​anusshukla

ansible-community/molecule (molecule)

v25.9.0

Compare Source

Enhancements

• Add documentation links to molecule login error message (#​4536) @​cidrblock
• Set Click standalone_mode=False by default (#​4537) @​cidrblock
• Replace ImmediateExit with sysexit_with_message for direct exits (#​4534) @​cidrblock
• Add sysexit_from_exception, restore sysexit_with_message (#​4538) @​Qalthos
• Debug the galaxy.yml missing (#​4533) @​cidrblock
• Add environment variable support for report and command-borders (#​4530) @​cidrblock
• Debug missing galaxy.yml file not warning (#​4531) @​cidrblock
• Remove non-functional html report (#​4528) @​cidrblock
• Bump the dependencies group in /.config with 14 updates (#​4527) @​dependabot[bot]
• Refactor configuration docs (#​4529) @​cidrblock
• README and index updates (#​4526) @​cidrblock
• Add kubevirt driver support to molecule.json (#​4492) @​gokberkgunduzz
• Note other examples as pre ansible-native (#​4525) @​cidrblock
• Convert Podman example to ansible-native configuration (#​4524) @​cidrblock
• Update native inventory example (#​4523) @​cidrblock
• Remove indent (#​4522) @​cidrblock
• Improve playbook doc (#​4521) @​cidrblock
• Add missing doc from PR 4519 (#​4520) @​cidrblock
• Add testing philosophy documentation (#​4504) @​cidrblock
• Add comprehensive getting started guides for collections and playbooks (#​4519) @​cidrblock
• Add comprehensive ansible-native documentation and workflow reference (#​4518) @​cidrblock
• Remove experimental shared inventory support (#​4516) @​cidrblock
• Add shared_state configuration documentation (#​4517) @​cidrblock
• Add shared_state configuration option with CLI override support (#​4514) @​cidrblock
• Fix KeyError command_borders in login and reset commands (#​4515) @​cidrblock
• Introduce centralized ansible configuration section and simplify init command (#​4509) @​cidrblock
• Bump actions/checkout from 4 to 5 (#​4511) @​dependabot[bot]
• Enable ansible_args for user-provided create/destroy playbooks (#​4505) @​cidrblock
• Add always-on one-line execution summary with improved formatting (#​4506) @​cidrblock
• Add --all flag support to molecule reset command (#​4503) @​cidrblock
• Improve messaging terminology: replace 'Completed' with 'Executed' (#​4507) @​cidrblock
• Add collection-aware scenario discovery and creation (#​4499) @​cidrblock
• refactor: introduce ImmediateExit exception for clean error handling (#​4501) @​cidrblock
• Reverted: Add MOLECULE_SHARED_INVENTORY_DIR environment variable and playbook variable (#​4500) @​cidrblock
• Add experimental --command-borders flag for visual command output separation (#​4496) @​cidrblock
• Add Ansible-style Scenario Recap to Report Output (#​4494) @​cidrblock
• Remove extra line whem an action has no completions (#​4493) @​cidrblock
• Implement Action Completion Reporting System (#​4490) @​cidrblock

Fixes

• Improve default templates for converge and verify (#​4476) @​dragetd
• Update getting-started-playbooks.md (#​4546) @​sdunne

Maintenance

• Bump the dependencies group across 1 directory with 24 updates (#​4549) @​dependabot[bot]
• chore: configure renovate (#​4552) @​ssbarnea
• chore: pre-commit autoupdate (#​4548) @​pre-commit-ci[bot]
• Replace to_bool calls with boolean function (#​4542) @​cidrblock
• Collapse utils module into single util.py file (#​4541) @​cidrblock
• Replace util.print_as_yaml with ansi_output.print_matrix (#​4540) @​cidrblock
• Refactor print_environment_vars to use logging instead of console (#​4539) @​cidrblock
• Bump the dependencies group across 1 directory with 20 updates (#​4508) @​dependabot[bot]
• chore: pre-commit autoupdate (#​4498) @​pre-commit-ci[bot]
• Add StrEnum compatibility layer for Python 3.10 (#​4491) @​cidrblock

jsh9/pydoclint (pydoclint)

v0.7.3

Compare Source

• Fixed
  • Fixed comment handling in type hints to properly ignore inline comments
    when comparing type annotations between function signatures and docstrings
• Full diff
  • jsh9/pydoclint@0.7.2...0.7.3

v0.7.2

Compare Source

• Fixed
  • Fixed comment handling in type hints to properly ignore inline comments
    when comparing type annotations between function signatures and docstrings
• Full diff
  • jsh9/pydoclint@0.7.2...0.7.3

v0.7.1

Compare Source

• Fixed
  • A bug where false positive arg names are reported in the violation message
• Added
  • Support for checking class attribute default values (numpy and Google
    styles only)
• Full diff
  • jsh9/pydoclint@0.7.1...0.7.2

v0.7.0

Compare Source

• Added
  • Support for --check-arg-default for Google style
• Full diff
  • jsh9/pydoclint@0.7.0...0.7.1

v0.6.11

Compare Source

• Added
  • A new config option --check-arg-default (default: False) to check
    consistency of argument defaults (between docstring and function signature)
• Changed
  • Replace Prettier with: yamlfix,
    mdformat, and
    pretty-format-json
• Full diff
  • jsh9/pydoclint@0.6.11...0.7.0

pytest-dev/pytest (pytest)

v8.4.2

Compare Source

astral-sh/ruff (ruff)

v0.13.1

Compare Source

Released on 2025-09-18.

Preview features

• [flake8-simplify] Detect unnecessary None default for additional key expression types (SIM910) (#​20343)
• [flake8-use-pathlib] Add fix for PTH123 (#​20169)
• [flake8-use-pathlib] Fix PTH101, PTH104, PTH105, PTH121 fixes (#​20143)
• [flake8-use-pathlib] Make PTH111 fix unsafe because it can change behavior (#​20215)
• [pycodestyle] Fix E301 to only trigger for functions immediately within a class (#​19768)
• [refurb] Mark single-item-membership-test fix as always unsafe (FURB171) (#​20279)

Bug fixes

• Handle t-strings for token-based rules and suppression comments (#​20357)
• [flake8-bandit] Fix truthiness: dict-only ** displays not truthy for shell (S602, S604, S609) (#​20177)
• [flake8-simplify] Fix diagnostic to show correct method name for str.rsplit calls (SIM905) (#​20459)
• [flynt] Use triple quotes for joined raw strings with newlines (FLY002) (#​20197)
• [pyupgrade] Fix false positive when class name is shadowed by local variable (UP008) (#​20427)
• [pyupgrade] Prevent infinite loop with I002 and UP026 (#​20327)
• [ruff] Recognize t-strings, generators, and lambdas in invalid-index-type (RUF016) (#​20213)

Rule changes

• [RUF102] Respect rule redirects in invalid rule code detection (#​20245)
• [flake8-bugbear] Mark the fix for unreliable-callable-check as always unsafe (B004) (#​20318)
• [ruff] Allow dataclass attribute value instantiation from nested frozen dataclass (RUF009) (#​20352)

CLI

• Add fixes to output-format=sarif (#​20300)
• Treat panics as fatal diagnostics, sort panics last (#​20258)

Documentation

• [ruff] Add analyze.string-imports-min-dots to settings (#​20375)
• Update README.md with Albumentations new repository URL (#​20415)

Other changes

• Bump MSRV to Rust 1.88 (#​20470)
• Enable inline noqa for multiline strings in playground (#​20442)

Contributors

• @​chirizxc
• @​danparizher
• @​IDrokin117
• @​amyreese
• @​AlexWaygood
• @​dylwil3
• @​njhearp
• @​woodruffw
• @​dcreager
• @​TaKO8Ki
• @​BurntSushi
• @​salahelfarissi
• @​MichaReiser

v0.13.0

Compare Source

Check out the blog post for a migration
guide and overview of the changes!

Breaking changes

• Several rules can now add from __future__ import annotations automatically

  TC001, TC002, TC003, RUF013, and UP037 now add from __future__ import annotations as part of their fixes when the
  lint.future-annotations setting is enabled. This allows the rules to move
  more imports into TYPE_CHECKING blocks (TC001, TC002, and TC003),
  use PEP 604 union syntax on Python versions before 3.10 (RUF013), and
  unquote more annotations (UP037).

• Full module paths are now used to verify first-party modules

  Ruff now checks that the full path to a module exists on disk before
  categorizing it as a first-party import. This change makes first-party
  import detection more accurate, helping to avoid false positives on local
  directories with the same name as a third-party dependency, for example. See
  the FAQ
  section on import categorization for more details.

• Deprecated rules must now be selected by exact rule code

  Ruff will no longer activate deprecated rules selected by their group name
  or prefix. As noted below, the two remaining deprecated rules were also
  removed in this release, so this won't affect any current rules, but it will
  still affect any deprecations in the future.

• The deprecated macOS configuration directory fallback has been removed

  Ruff will no longer look for a user-level configuration file at
  ~/Library/Application Support/ruff/ruff.toml on macOS. This feature was
  deprecated in v0.5 in favor of using the XDG
  specification
  (usually resolving to ~/.config/ruff/ruff.toml), like on Linux. The
  fallback and accompanying deprecation warning have now been removed.

Removed Rules

The following rules have been removed:

• pandas-df-variable-name (PD901)
• non-pep604-isinstance (UP038)

Stabilization

The following rules have been stabilized and are no longer in preview:

• airflow-dag-no-schedule-argument
  (AIR002)
• airflow3-removal (AIR301)
• airflow3-moved-to-provider
  (AIR302)
• airflow3-suggested-update
  (AIR311)
• airflow3-suggested-to-move-to-provider
  (AIR312)
• long-sleep-not-forever (ASYNC116)
• f-string-number-format (FURB116)
• os-symlink (PTH211)
• generic-not-last-base-class
  (PYI059)
• redundant-none-literal (PYI061)
• pytest-raises-ambiguous-pattern
  (RUF043)
• unused-unpacked-variable
  (RUF059)
• useless-class-metaclass-type
  (UP050)

The following behaviors have been stabilized:

• assert-raises-exception (B017)
  now checks for direct calls to unittest.TestCase.assert_raises and pytest.raises instead of
  only the context manager forms.
• missing-trailing-comma (COM812)
  and prohibited-trailing-comma
  (COM819) now check for trailing commas in PEP 695 type parameter lists.
• raw-string-in-exception (EM101)
  now also checks for byte strings in exception messages.
• [invalid-mock-access](https://docs.astral.sh/ruff/rules/invalid-m