Skip to content

Bump the all group with 4 updates#279

Merged
thomas-chauchefoin-tob merged 1 commit into
masterfrom
dependabot/uv/all-642ecba190
May 28, 2026
Merged

Bump the all group with 4 updates#279
thomas-chauchefoin-tob merged 1 commit into
masterfrom
dependabot/uv/all-642ecba190

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 28, 2026

Bumps the all group with 4 updates: ruff, ty, huggingface-hub and requests.

Updates ruff from 0.15.12 to 0.15.13

Release notes

Sourced from ruff's releases.

0.15.13

Release Notes

Released on 2026-05-14.

Preview features

  • Add a rule to flag lazy imports that are eagerly evaluated (#25016)
  • [pylint] Standardize diagnostic message (PLR0914, PLR0917) (#24996)

Bug fixes

  • Fix F811 false positive for class methods (#24933)
  • Fix setting selection for multi-folder workspace (#24819)
  • [eradicate] Fix false positive for lines with leading whitespace (ERA001) (#25122)
  • [flake8-pyi] Fix false positive for f-string debug specifier (PYI016) (#24098)

Rule changes

  • Always include panic payload in panic diagnostic message (#24873)
  • Restrict PYI034 for in-place operations to enclosing class (#24511)
  • Improve error message for parameters that are declared global (#24902)
  • Update known stdlib (#25103)

Performance

  • [isort] Avoid constructing glob::Patterns for literal known modules (#25123)

CLI

  • Add TOML examples to --config help text (#25013)
  • Colorize ruff check 'All checks passed' (#25085)

Configuration

  • Increase max allowed value of line-length setting (#24962)

Documentation

  • Add D203 to rules that conflict with the formatter (#25044)
  • Clarify COM819 and formatter interaction (#25045)
  • Clarify that NotImplemented is a value, not an exception (F901) (#25054)
  • Update number of lint rules supported (#24942)

Other changes

  • Simplify the playground's markdown template (#24924)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.13

Released on 2026-05-14.

Preview features

  • Add a rule to flag lazy imports that are eagerly evaluated (#25016)
  • [pylint] Standardize diagnostic message (PLR0914, PLR0917) (#24996)

Bug fixes

  • Fix F811 false positive for class methods (#24933)
  • Fix setting selection for multi-folder workspace (#24819)
  • [eradicate] Fix false positive for lines with leading whitespace (ERA001) (#25122)
  • [flake8-pyi] Fix false positive for f-string debug specifier (PYI016) (#24098)

Rule changes

  • Always include panic payload in panic diagnostic message (#24873)
  • Restrict PYI034 for in-place operations to enclosing class (#24511)
  • Improve error message for parameters that are declared global (#24902)
  • Update known stdlib (#25103)

Performance

  • [isort] Avoid constructing glob::Patterns for literal known modules (#25123)

CLI

  • Add TOML examples to --config help text (#25013)
  • Colorize ruff check 'All checks passed' (#25085)

Configuration

  • Increase max allowed value of line-length setting (#24962)

Documentation

  • Add D203 to rules that conflict with the formatter (#25044)
  • Clarify COM819 and formatter interaction (#25045)
  • Clarify that NotImplemented is a value, not an exception (F901) (#25054)
  • Update number of lint rules supported (#24942)

Other changes

  • Simplify the playground's markdown template (#24924)

Contributors

... (truncated)

Commits
  • 2afb467 Bump 0.15.13 (#25157)
  • 3008796 [ty] classify TypeVar semantic tokens as type parameters (#24891)
  • 79470e3 [isort] Avoid constructing glob::Patterns for literal known modules (#25123)
  • 2522549 Remove shellcheck from prek (#25154)
  • 7db7170 [ty] Support TypedDict key completions in incomplete, anonymous contexts (#25...
  • bb3dd53 [ty] Run full iteration analysis on narrowed typevars (#25143)
  • 828cdb7 [ty] Isolate file-watching test environment (#25151)
  • 89e1d86 [ty] Preserve TypedDict keys through dict unpacking (#24523)
  • 86f3064 [ty] Avoid accessing args[0] for static_assert (#25149)
  • ed819f9 [ty] Treat custom enum __new__ values as dynamic (#25136)
  • Additional commits viewable in compare view

Updates ty from 0.0.35 to 0.0.38

Release notes

Sourced from ty's releases.

0.0.38

Release Notes

Released on 2026-05-19.

Bug fixes

  • Fix panic in enum literal during cycle recovery (#25237)
  • Fix panic from lazy NewType base expansion during cycle recovery (#25234)
  • Fix class-body global lookup before class binding (#25224)
  • Handle aliased dict fallbacks in TypedDict unions (#25241)
  • Ignore _generate_next_value_ with custom construction hooks (#25210)

LSP server

  • Fix find references for except handlers (#25231)
  • Preserve delimiters when folding expressions (#24999)
  • Use incremental file walk on .gitignore changes (#25183)

Core type checking

  • Add first-class support for enum complements (#24961)
  • Allow known non-field writes on frozen dataclass subclasses (#25087)
  • Ignore generic specialization in layout compatibility checks (#25178)
  • Preserve short-circuit bindings in all condition consumers (#25160)
  • Support class decorators (#25091)
  • Support custom _generate_next_value_ methods in enums (#25196)

Contributors

Install ty 0.0.38

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ty/releases/download/0.0.38/ty-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ty/releases/download/0.0.38/ty-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.38

Released on 2026-05-19.

Bug fixes

  • Fix panic in enum literal during cycle recovery (#25237)
  • Fix panic from lazy NewType base expansion during cycle recovery (#25234)
  • Fix class-body global lookup before class binding (#25224)
  • Handle aliased dict fallbacks in TypedDict unions (#25241)
  • Ignore _generate_next_value_ with custom construction hooks (#25210)

LSP server

  • Fix find references for except handlers (#25231)
  • Preserve delimiters when folding expressions (#24999)
  • Use incremental file walk on .gitignore changes (#25183)

Core type checking

  • Add first-class support for enum complements (#24961)
  • Allow known non-field writes on frozen dataclass subclasses (#25087)
  • Ignore generic specialization in layout compatibility checks (#25178)
  • Preserve short-circuit bindings in all condition consumers (#25160)
  • Support class decorators (#25091)
  • Support custom _generate_next_value_ methods in enums (#25196)

Contributors

0.0.37

Released on 2026-05-16.

Bug fixes

  • Avoid unsound not in narrowing (#25161)
  • Fix async iteration over narrowed typevars (#25155)
  • Fix panic in double-inference for single starred positional TypedDict (#25176)
  • Fix panic in disjoint base check (#25187)
  • Fix panic in recursive binary inference (#25189)
  • Fix panic in cyclic __new__ (#25185)
  • Fix panic in reveal_protocol, reveal_mro, etc. with keyword arguments (#25179)
  • Fix panic in imported overload definition (#25168)

... (truncated)

Commits

Updates huggingface-hub from 1.14.0 to 1.16.0

Release notes

Sourced from huggingface-hub's releases.

[v1.16.0] Together goes multimodal on Inference Providers, CLI improvements, and token security

⚡ Together goes multimodal on Inference Providers

Together now supports five additional task types beyond chat and text-to-image on Inference Providers:

  • feature_extraction
  • text_to_speech
  • automatic_speech_recognition EDIT: hot-fix v1.16.1 removed this task (see huggingface/huggingface_hub#4248) to fix a dependency issue. We will add it back in a future release.
  • image_to_image
  • text_to_video
from huggingface_hub import InferenceClient
client = InferenceClient(provider="together")
Embeddings
embeddings = client.feature_extraction("Hello world", model="intfloat/multilingual-e5-large-instruct")
Text-to-speech
audio = client.text_to_speech("Hello world", model="hexgrad/Kokoro-82M", extra_body={'voice': 'af_heart'})
Text-to-video
video = client.text_to_video("A cat on the moon", model="Wan-AI/Wan2.2-T2V-A14B")

  • [Inference] Add embeddings, TTS, ASR, image-to-image and video tasks for Together by @​nbroad1881 in #4164

📚 Documentation: Inference guide

🔗 Centralized hf:// URI parsing

All scattered ad-hoc hf:// URI parsers throughout the codebase have been consolidated onto the new parse_hf_uri/parse_hf_mount helpers. This brings consistent parsing behavior, a new is_hf_uri public helper for validating URIs, and proper handling of @ in filenames (now treated as literal). The CLI error handler now catches HfUriError and displays a clean message instead of a raw traceback.

🚨 Breaking Changes

This migration includes several breaking changes: BucketUrl.handle has been renamed to BucketUrl.uri (type changed from str to HfUri, use .to_uri() for the string form), Volume.to_hf_handle() has been renamed to Volume.to_uri(), single-segment repo IDs (e.g. gpt2) are no longer supported in HfFileSystem paths or CLI -v flags — you must use the namespace/name format instead.

  • [Core] Migrate hf:// URI parsing to centralized parse_hf_uri by @​Wauplin in #4189

📚 Documentation: CLI guide | Buckets guide

🖥️ CLI

Global --no-truncate flag for CLI tables

A new --no-truncate global formatting flag disables the ... shortening of scalar values in human-mode tables, letting you see full IDs, names, and other long text at a glance. List- and dict-valued columns (e.g. tags) remain shortened in human mode since they can be arbitrarily long; use --format json for those. When any cell is truncated, human tables now print a one-line hint at the bottom pointing you to the right flag.

# Show full scalar values in table output
hf models ls --no-truncate
</tr></table>

... (truncated)

Commits
  • c68a383 Release: v1.16.0
  • fa7fc45 Release: v1.16.0.rc0
  • 06d6990 [Jobs] Add ephemeral_storage field to JobHardware (#4233)
  • 2618a54 [CLI] Surface job runtime fields in ps + inspect (#4211)
  • 356b712 [CI] make test_model_info_with_security for robust (#4246)
  • 609e64a [CLI] Raise error when both --local-dir and --cache-dir are provided (#4245)
  • b4fd28d [Download] Fix snapshot bar inflation on http_get retry (#4209)
  • a117e68 [CLI] Expose linked repos in PaperInfo (#4240)
  • 22f75cd [Internal] Silence ty invalid-type-form on WebhooksServer annotations (#4242)
  • 25d27f5 [Inference] Add embeddings, TTS, ASR, image-to-image and video tasks for Toge...
  • Additional commits viewable in compare view

Updates requests from 2.34.1 to 2.34.2

Release notes

Sourced from requests's releases.

v2.34.2

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14

Changelog

Sourced from requests's changelog.

2.34.2 (2026-05-14)

  • Moved headers input type back to Mapping to avoid invariance issues with MutableMapping and inferred dict types. Users calling Request.headers.update() may need to narrow typing in their code. (#7441)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all group with 4 updates
97798b4 
Bumps the all group with 4 updates: [ruff](https://github.com/astral-sh/ruff), [ty](https://github.com/astral-sh/ty), [huggingface-hub](https://github.com/huggingface/huggingface_hub) and [requests](https://github.com/psf/requests).


Updates `ruff` from 0.15.12 to 0.15.13
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.12...0.15.13)

Updates `ty` from 0.0.35 to 0.0.38
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.35...0.0.38)

Updates `huggingface-hub` from 1.14.0 to 1.16.0
- [Release notes](https://github.com/huggingface/huggingface_hub/releases)
- [Commits](huggingface/huggingface_hub@v1.14.0...v1.16.0)

Updates `requests` from 2.34.1 to 2.34.2
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.34.1...v2.34.2)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ty
  dependency-version: 0.0.38
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: huggingface-hub
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: requests
  dependency-version: 2.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 28, 2026
@dependabot dependabot Bot requested a review from ESultanik as a code owner May 28, 2026 12:48
@dependabot dependabot Bot added the python:uv Pull requests that update python:uv code label May 28, 2026
@thomas-chauchefoin-tob thomas-chauchefoin-tob merged commit 38068f4 into master May 28, 2026
9 checks passed
@thomas-chauchefoin-tob thomas-chauchefoin-tob deleted the dependabot/uv/all-642ecba190 branch May 28, 2026 14:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ESultanik ESultanik Awaiting requested review from ESultanik ESultanik is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thomas-chauchefoin-tob