chore(deps): update all non-major dependencies

[renovate-coveooss]

DEF-160

This PR contains the following updates:

Package	Type	Update	Change
pylint (changelog)	dev-dependencies	minor	3.1.0 -> 3.2.2
pytest (changelog)	dev-dependencies	patch	8.2.0 -> 8.2.1

---

Release Notes

pylint-dev/pylint (pylint)

v3.2.2

Compare Source

What's new in Pylint 3.2.2?

Release date: 2024-05-20

False Positives Fixed

• Fix multiple false positives for generic class syntax added in Python 3.12 (PEP 695).

  Closes #​9406

• Exclude context manager without cleanup from
  contextmanager-generator-missing-cleanup checks.

  Closes #​9625

v3.2.1

Compare Source

What's new in Pylint 3.2.1?

Release date: 2024-05-18

False Positives Fixed

• Exclude if/else branches containing terminating functions (e.g. sys.exit())
  from possibly-used-before-assignment checks.

  Closes #​9627

• Don't emit typevar-name-incorrect-variance warnings for PEP 695 style TypeVars.
  The variance is inferred automatically by the type checker.
  Adding _co or _contra suffix can help to reason about TypeVar.

  Refs #​9638

• Fix a false positive for possibly-used-before-assignment when using
  typing.assert_never() (3.11+) to indicate exhaustiveness.

  Closes #​9643

Other Bug Fixes

• Fix a false negative for --ignore-patterns when the directory to be linted is specified using a dot(.) and all files are ignored instead of only the files whose name begin with a dot.

  Closes #​9273

• Restore "errors / warnings by module" section to report output (with -ry).

  Closes #​9145

• trailing-comma-tuple should now be correctly emitted when it was disabled globally
  but enabled via local message control, after removal of an over-optimisation.

  Refs #​9608

• Add --prefer-stubs=yes option to opt-in to the astroid 3.2 feature
  that prefers .pyi stubs over same-named .py files. This has the
  potential to reduce no-member errors but at the cost of more errors
  such as not-an-iterable from function bodies appearing as ....

  Defaults to no.

  Closes #​9626
  Closes #​9623

Internal Changes

• Update astroid version to 3.2.1. This solves some reports of RecursionError
  and also makes the prefer .pyi stubs feature in astroid 3.2.0 opt-in
  with the aforementioned --prefer-stubs=y option.

  Refs #​9139

v3.2.0

Compare Source

What's new in Pylint 3.2.0?

Release date: 2024-05-14

Of note: a github reporter, two new checks (possibly-used-before-assignment and contextmanager-generator-missing-cleanup), performance improvements, and an astroid upgrade providing support for @overload and .pyi stubs.

New Features

• Understand six.PY2 and six.PY3 for conditional imports.

  Closes #​3501

• A new github reporter has been added. This reporter returns the output of pylint in a format that
  Github can use to automatically annotate code. Use it with pylint --output-format=github on your Github Workflows.

  Closes #​9443.

New Checks

• Add check possibly-used-before-assignment when relying on names after an if/else
  switch when one branch failed to define the name, raise, or return.

  Closes #​1727

• Checks for generators that use contextmanagers that don't handle cleanup properly.
  Is meant to raise visibilty on the case that a generator is not fully exhausted and the contextmanager is not cleaned up properly.
  A contextmanager must yield a non-constant value and not handle cleanup for GeneratorExit.
  The using generator must attempt to use the yielded context value with x() as y and not just with x().

  Closes #​2832

False Negatives Fixed

• If and Try nodes are now checked for useless return statements as well.

  Closes #​9449.

• Fix false negative for property-with-parameters in the case of parameters which are positional-only, keyword-only, variadic positional or variadic keyword.

  Closes #​9584

False Positives Fixed

• pylint now understands the @overload decorator return values better.

  Closes #​4696
  Refs #​9606

Performance Improvements

• Ignored modules are now not checked at all, instead of being checked and then
  ignored. This should speed up the analysis of large codebases which have
  ignored modules.

  Closes #​9442

• ImportChecker's logic has been modified to avoid context files when possible. This makes it possible
  to cache module searches on astroid and reduce execution times.

  Refs #​9310.

• An internal check for trailing-comma-tuple being enabled for a file or not is now
  done once per file instead of once for each token.

  Refs #​9608.

v3.1.1

Compare Source

What's new in Pylint 3.1.1?

Release date: 2024-05-13

False Positives Fixed

• Treat attrs.define and attrs.frozen as dataclass decorators in
  too-few-public-methods check.

  Closes #​9345

• Fix a false positive with singledispatchmethod-function when a method is decorated with both functools.singledispatchmethod and staticmethod.

  Closes #​9531

• Fix a false positive for consider-using-dict-items when iterating using keys() and then deleting an item using the key as a lookup.

  Closes #​9554

pytest-dev/pytest (pytest)

v8.2.1

Compare Source

pytest 8.2.1 (2024-05-19)

Improvements

• #​12334: Support for Python 3.13 (beta1 at the time of writing).

Bug Fixes

• #​12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
• #​12191: Keyboard interrupts and system exits are now properly handled during the test collection.
• #​12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
• #​12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.

Trivial/Internal Changes

• #​12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" in timezone America/Toronto, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ❌ 2 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.

See the Details below.

License Issues

poetry.lock

Package	Version	License	Issue Type
astroid	3.2.2	LGPL-2.1	Incompatible License
pylint	3.2.2	GPL-2.0	Incompatible License

Allowed Licenses: 0BSD, Apache-2.0, Apache-2.0 AND MIT, Apache-2.0 AND BSD-3-Clause AND Python-2.0, Beerware, BlueOak-1.0.0, BSD-1-Clause, BSD-2-Clause, BSD-2-Clause-Patent, BSD-2-Clause-Views, BSD-2-Clause AND MIT, BSD-3-Clause, BSD-3-Clause-Attribution, BSD-3-Clause-Clear, BSL-1.0, CC-BY-3.0, CC-BY-4.0, CC0-1.0, CNRI-Python, curl, HPND, IBM-pibs, ImageMagick, ISC, JSON, MIT, MIT-0, MIT AND ISC, MIT AND Python-2.0, MIT-advertising, mpi-permissive, NCSA, ODC-By-1.0, PDDL-1.0, Plexus, PostgreSQL, PSF-2.0, Python-2.0, Python-2.0.1, SAX-PD, Unlicense, UPL-1.0, W3C, Wsuipa, WTFPL, X11, X11-distribute-modifications-variant, Xerox, Zlib, ZPL-2.1

OpenSSF Scorecard

Package	Version	Score	Details
pip/astroid	3.2.2	🟢 7.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/pylint	3.2.2	🟢 7.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/pytest	8.2.1	🟢 6.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/astroid	3.1.0	🟢 7.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/pylint	3.1.0	🟢 7.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/pytest	8.2.0	🟢 6.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Manifest Files

poetry.lock

• astroid@3.2.2
• pylint@3.2.2
• pytest@8.2.1
• astroid@3.1.0
• pylint@3.1.0
• pytest@8.2.0

pyproject.toml

• pylint@3.2.2
• pytest@8.2.1
• pylint@3.1.0
• pytest@8.2.0