[pip][dev] (deps-dev): Bump the dev-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the dev-dependencies group with 6 updates in the / directory:

Package	From	To
junit-xml	1.8	1.9
mutmut	3.2.2	3.2.3
pyright	1.1.391	1.1.392.post0
pytest-github-actions-annotate-failures	0.2.0	0.3.0
ruff	0.8.6	0.9.2
virtualenv	20.28.1	20.29.1

Updates junit-xml from 1.8 to 1.9

Commits

• See full diff in compare view

Updates mutmut from 3.2.2 to 3.2.3

Changelog

Sourced from mutmut's changelog.

3.2.3

* Crash with error message on invalid imports for `src` module


Autodetect simpler project configurations with test_*.py in the dir directly


Handle filenames (as opposed to dirnames) in paths_to_mutate


Also copy setup.cfg and pyproject.toml by default


Handle single line paths_to_mutate

Commits

• 20d0a62 Release
• 548c0ed Remove testing of EOL python versions
• ec387be Crash with error message on invalid imports for src module
• c388a99 Autodetect simpler project configurations with test_*.py in the dir directly
• c8fd9f9 Handle filenames (as opposed to dirnames) in paths_to_mutate
• 1e809bf Merge pull request #357 from WillGibson/patch-1
• 772c413 Correct position of comma CONTRIBUTING.rst
• ca3e690 Merge pull request #356 from WillGibson/test-multiple-python-versions
• 98b5f5c Merge pull request #355 from WillGibson/initial-contributing-documentation
• 292b9c5 Temporarily lock to GitHub Actions unit test runner to ubuntu-22.04
• Additional commits viewable in compare view

Updates pyright from 1.1.391 to 1.1.392.post0

Commits

• 33dece9 chore: release v1.1.392.post0 (#331)
• f15e56f feat: bundle pyright inside wheel (#300)
• f5c7731 [pyright updated to 1.1.392] Update Version (#329)
• 08b251c CI: lower ubunutu version + bump macos + node 18 (#330)
• See full diff in compare view

Updates pytest-github-actions-annotate-failures from 0.2.0 to 0.3.0

Release notes

Sourced from pytest-github-actions-annotate-failures's releases.

Version 0.3.0

• Test on Python 3.13 #89
• Support pytest 7.4+ #97 (thanks to @​edgarrmondragon)
• Require Python 3.8+ #87 (thanks to @​edgarrmondragon)
• Require pytest 6+ #86 (thanks to @​edgarrmondragon)
• Speed up CI and testing #93
• Use Ruff formatter #96
• Use dependency-groups for tests #99
• Add GitHub Attestations #100

Full Changelog: pytest-dev/pytest-github-actions-annotate-failures@v0.2.0...v0.3.0

Changelog

Sourced from pytest-github-actions-annotate-failures's changelog.

0.3.0 (2025-01-17)

• Test on Python 3.13 #89
• Support pytest 7.4+ #97 (thanks to @​edgarrmondragon)
• Require Python 3.8+ #87 (thanks to @​edgarrmondragon)
• Require pytest 6+ #86 (thanks to @​edgarrmondragon)
• Speed up CI and testing #93
• Use Ruff formatter #96
• Use dependency-groups for tests #99
• Add GitHub Attestations #100

Commits

• f07eea3 ci: id-token, not token (#104)
• 739d5d4 ci: token permissions (#103)
• dfe556c ci: missing needs in deploy (#102)
• f5a1662 chore: release 0.3 (#101)
• 5da3a46 chore: prepare for 0.3 (#98)
• c3c29e9 ci: add github attestations (#100)
• 5f93cf9 chore: use dependency-groups (#99)
• b18bbb5 ci: add 3.13 (#89)
• fd623c1 fix: support Pytest 7.4+ (#97)
• e4336fb Bump Ruff and use formatter (#96)
• Additional commits viewable in compare view

Updates ruff from 0.8.6 to 0.9.2

Release notes

Sourced from ruff's releases.

0.9.2

Release Notes

Preview features

• [airflow] Fix typo "security_managr" to "security_manager" (AIR303) (#15463)
• [airflow] extend and fix AIR302 rules (#15525)
• [fastapi] Handle parameters with Depends correctly (FAST003) (#15364)
• [flake8-pytest-style] Implement pytest.warns diagnostics (PT029, PT030, PT031) (#15444)
• [flake8-pytest-style] Test function parameters with default arguments (PT028) (#15449)
• [flake8-type-checking] Avoid false positives for | in TC008 (#15201)

Rule changes

• [flake8-todos] Allow VSCode GitHub PR extension style links in missing-todo-link (TD003) (#15519)
• [pyflakes] Show syntax error message for F722 (#15523)

Formatter

• Fix curly bracket spacing around f-string expressions containing curly braces (#15471)
• Fix joining of f-strings with different quotes when using quote style Preserve (#15524)

Server

• Avoid indexing the same workspace multiple times (#15495)
• Display context for ruff.configuration errors (#15452)

Configuration

• Remove flatten to improve deserialization error messages (#15414)

Bug fixes

• Parse triple-quoted string annotations as if parenthesized (#15387)
• [fastapi] Update Annotated fixes (FAST002) (#15462)
• [flake8-bandit] Check for builtins instead of builtin (S102, PTH123) (#15443)
• [flake8-pathlib] Fix --select for os-path-dirname (PTH120) (#15446)
• [ruff] Fix false positive on global keyword (RUF052) (#15235)

Contributors

• @​AlexWaygood
• @​BurntSushi
• @​Daverball
• @​Garrett-R
• @​Glyphack
• @​InSyncWithFoo
• @​Lee-W
• @​MichaReiser
• @​cake-monotone

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.2

Preview features

• [airflow] Fix typo "security_managr" to "security_manager" (AIR303) (#15463)
• [airflow] extend and fix AIR302 rules (#15525)
• [fastapi] Handle parameters with Depends correctly (FAST003) (#15364)
• [flake8-pytest-style] Implement pytest.warns diagnostics (PT029, PT030, PT031) (#15444)
• [flake8-pytest-style] Test function parameters with default arguments (PT028) (#15449)
• [flake8-type-checking] Avoid false positives for | in TC008 (#15201)

Rule changes

• [flake8-todos] Allow VSCode GitHub PR extension style links in missing-todo-link (TD003) (#15519)
• [pyflakes] Show syntax error message for F722 (#15523)

Formatter

• Fix curly bracket spacing around f-string expressions containing curly braces (#15471)
• Fix joining of f-strings with different quotes when using quote style Preserve (#15524)

Server

• Avoid indexing the same workspace multiple times (#15495)
• Display context for ruff.configuration errors (#15452)

Configuration

• Remove flatten to improve deserialization error messages (#15414)

Bug fixes

• Parse triple-quoted string annotations as if parenthesized (#15387)
• [fastapi] Update Annotated fixes (FAST002) (#15462)
• [flake8-bandit] Check for builtins instead of builtin (S102, PTH123) (#15443)
• [flake8-pathlib] Fix --select for os-path-dirname (PTH120) (#15446)
• [ruff] Fix false positive on global keyword (RUF052) (#15235)

0.9.1

Preview features

• [pycodestyle] Run too-many-newlines-at-end-of-file on each cell in notebooks (W391) (#15308)
• [ruff] Omit diagnostic for shadowed private function parameters in used-dummy-variable (RUF052) (#15376)

Rule changes

• [flake8-bugbear] Improve assert-raises-exception message (B017) (#15389)

Formatter

... (truncated)

Commits

• 0a39348 Include build binaries
• 027f800 Comment out non-npm-publish jobs
• 425870d Upload npm publish logs when failed
• c20255a Bump version to 0.9.2 (#15529)
• 4203658 Fix joining of f-strings with different quotes when using quote style `Preser...
• fc9dd63 [airflow] extend and fix AIR302 rules (#15525)
• 79e52c7 [pyflakes] Show syntax error message for F722 (#15523)
• cf4ab7c Parse triple quoted string annotations as if parenthesized (#15387)
• d2656e8 [flake8-todos] Allow VSCode GitHub PR extension style links in `missing-tod...
• c53ee60 Typeshed-sync workflow: add appropriate labels, link directly to failing run ...
• Additional commits viewable in compare view

Updates virtualenv from 20.28.1 to 20.29.1

Release notes

Sourced from virtualenv's releases.

20.29.1

What's Changed

• release 20.29.0 by @​gaborbernat in pypa/virtualenv#2824
• Simplify Solution to --python command-line flag precedence by @​DK96-OS in pypa/virtualenv#2826
• Change PyInfo cache versioning mechanism by @​robsdedude in pypa/virtualenv#2827

New Contributors

• @​DK96-OS made their first contribution in pypa/virtualenv#2826

Full Changelog: pypa/virtualenv@20.29.0...20.29.1

20.29.0

What's Changed

• release 20.28.1 by @​gaborbernat in pypa/virtualenv#2818
• Makes --python command-line flag take precedence over env var by @​filiplajszczak in pypa/virtualenv#2821
• Add free-threaded Python support by @​robsdedude in pypa/virtualenv#2809
• Upgrade embeded setuptools by @​gaborbernat in pypa/virtualenv#2823

New Contributors

• @​filiplajszczak made their first contribution in pypa/virtualenv#2821
• @​robsdedude made their first contribution in pypa/virtualenv#2809

Full Changelog: pypa/virtualenv@20.28.1...20.29.0

Changelog

Sourced from virtualenv's changelog.

v20.29.1 (2025-01-17)

Bugfixes - 20.29.1

- Fix PyInfo cache incompatbility warnings - by :user:`robsdedude`. (:issue:`2827`)
v20.29.0 (2025-01-15)
Features - 20.29.0

• Add support for selecting free-threaded Python interpreters, e.g., python3.13t. (:issue:2809)

Bugfixes - 20.29.0

- Upgrade embedded wheels:

setuptools to 75.8.0 from 75.6.0 (:issue:2823)

Commits

• e07c0c3 release 20.29.1
• 61bee9f Add changelog for PyInfo fix
• fd0dc85 Change PyInfo cache versioning mechanism (#2827)
• 56ef466 Merge pull request #2826 from DK96-OS/cli-precedence-2285
• caf03a2 Merge pull request #2824 from pypa/release-20.29.0
• 0f6dc41 release 20.29.0
• ea5e5cb Upgrade embeded setuptools (#2823)
• b00d59c Add free-threaded Python support (#2809)
• bc7a91a Merge pull request #2821 from filiplajszczak/cli-precedence-2285
• 11995e7 Merge pull request #2819 from pypa/pre-commit-ci-update-config
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions