chore(deps): update all non-major dependencies

[renovate-coveooss]

DEF-160

This PR contains the following updates:

Package	Type	Update	Change
pylint (changelog)	dev-dependencies	minor	3.2.7 -> 3.3.0
vulture	dev-dependencies	minor	2.11 -> 2.12

---

Release Notes

pylint-dev/pylint (pylint)

v3.3.0

Compare Source

Release date: 2024-09-20

Changes requiring user actions

• We migrated symilar to argparse, from getopt, so the error and help output changed
  (for the better). We exit with 2 instead of sometime 1, sometime 2. The error output
  is not captured by the runner anymore. It's not possible to use a value for the
  boolean options anymore (--ignore-comments 1 should become --ignore-comments).

  Refs #​9731

New Features

• Add new declare-non-slot error which reports when a class has a __slots__ member and a type hint on the class is not present in __slots__.

  Refs #​9499

New Checks

• Added too-many-positional-arguments to allow distinguishing the configuration for too many
  total arguments (with keyword-only params specified after *) from the configuration
  for too many positional-or-keyword or positional-only arguments.

  As part of evaluating whether this check makes sense for your project, ensure you
  adjust the value of --max-positional-arguments.

  Closes #​9099

• Add using-exception-group-in-unsupported-version and
  using-generic-type-syntax-in-unsupported-version for uses of Python 3.11+ or
  3.12+ features on lower supported versions provided with --py-version.

  Closes #​9791

• Add using-assignment-expression-in-unsupported-version for uses of := (walrus operator)
  on Python versions below 3.8 provided with --py-version.

  Closes #​9820

• Add using-positional-only-args-in-unsupported-version for uses of positional-only args on
  Python versions below 3.8 provided with --py-version.

  Closes #​9823

• Add unnecessary-default-type-args to the typing extension to detect the use
  of unnecessary default type args for typing.Generator and typing.AsyncGenerator.

  Refs #​9938

False Negatives Fixed

• Fix computation of never-returning function: Never is handled in addition to NoReturn, and priority is given to the explicit --never-returning-functions option.

  Closes #​7565.

• Fix a false negative for await-outside-async when await is inside Lambda.

  Refs #​9653

• Fix a false negative for duplicate-argument-name by including positional-only, *args and **kwargs arguments in the check.

  Closes #​9669

• Fix false negative for multiple-statements when multiple statements are present on else and finally lines of try.

  Refs #​9759

• Fix false negatives when isinstance does not have exactly two arguments.
  pylint now emits a too-many-function-args or no-value-for-parameter
  appropriately for isinstance calls.

  Closes #​9847

Other Bug Fixes

• --enable with --disable=all now produces an error, when an unknown msg code is used. Internal pylint messages are no longer affected by --disable=all.

  Closes #​9403

• Impossible to compile regexes for paths in the configuration or argument given to pylint won't crash anymore but
  raise an argparse error and display the error message from re.compile instead.

  Closes #​9680

• Fix a bug where a tox.ini file with pylint configuration was ignored and it exists in the current directory.

  .cfg and .ini files containing a Pylint configuration may now use a section named [pylint]. This enhancement impacts the scenario where these file types are used as defaults when they are present and have not been explicitly referred to, using the --rcfile option.

  Closes #​9727

• Improve file discovery for directories that are not python packages.

  Closes #​9764

Other Changes

• Remove support for launching pylint with Python 3.8.
  Code that supports Python 3.8 can still be linted with the --py-version=3.8 setting.

  Refs #​9774

• Add support for Python 3.13.

  Refs #​9852

Internal Changes

• All variables, classes, functions and file names containing the word 'similar', when it was,
  in fact, referring to 'symilar' (the standalone program for the duplicate-code check) were renamed
  to 'symilar'.

  Closes #​9734

• Remove old-style classes (Python 2) code and remove check for new-style class since everything is new-style in Python 3. Updated doc for exception checker to remove reference to new style class.

  Refs #​9925

jendrikseipp/vulture (vulture)

v2.12

Compare Source

• Use ruff for linting and formatting (Anh Trinh, #​347, #​349).
• Replace tox by pre-commit for linting and formatting (Anh Trinh, #​349).
• Add --config flag to specify path to pyproject.toml configuration file (Glen Robertson, #​352).

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" in timezone America/Toronto, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ❌ 2 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.

See the Details below.

License Issues

poetry.lock

Package	Version	License	Issue Type
pylint	3.3.0	GPL-2.0-only AND GPL-2.0-or-later	Incompatible License
astroid	3.3.3	LGPL-2.1	Incompatible License

Allowed Licenses: 0BSD, Apache-2.0, Apache-2.0 AND MIT, Apache-2.0 AND BSD-3-Clause AND Python-2.0, Beerware, BlueOak-1.0.0, BSD-1-Clause, BSD-2-Clause, BSD-1-Clause AND BSD-2-Clause, BSD-2-Clause-Patent, BSD-2-Clause-Views, BSD-2-Clause AND MIT, BSD-3-Clause, BSD-3-Clause-Attribution, BSD-3-Clause-Clear, BSL-1.0, CC-BY-3.0, CC-BY-4.0, CC0-1.0, CNRI-Python, curl, HPND, IBM-pibs, ImageMagick, ISC, JSON, MIT, MIT-0, MIT AND ISC, MIT AND Python-2.0, MIT-advertising, mpi-permissive, NCSA, ODC-By-1.0, PDDL-1.0, Plexus, PostgreSQL, PSF-2.0, Python-2.0, Python-2.0.1, SAX-PD, Unlicense, UPL-1.0, W3C, Wsuipa, WTFPL, X11, X11-distribute-modifications-variant, Xerox, Zlib, ZPL-2.1

OpenSSF Scorecard

Package	Version	Score	Details
pip/astroid	3.3.3	🟢 7.7	Details Check Score Reason Code-Review 🟢 9 Found 22/23 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/pylint	3.3.0	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 19/20 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits
pip/vulture	2.12	🟢 4.3	Details Check Score Reason Code-Review 🟢 3 Found 9/30 approved changesets -- score normalized to 3 Maintained 🟢 6 3 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/astroid	3.2.4	🟢 7.7	Details Check Score Reason Code-Review 🟢 9 Found 22/23 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/pylint	3.2.7	🟢 7.2	Details Check Score Reason Code-Review 🟢 9 Found 19/20 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 9 security policy file detected Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST 🟢 9 SAST tool detected but not run on all commits
pip/vulture	2.11	🟢 4.3	Details Check Score Reason Code-Review 🟢 3 Found 9/30 approved changesets -- score normalized to 3 Maintained 🟢 6 3 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

poetry.lock

• astroid@3.3.3
• pylint@3.3.0
• vulture@2.12
• astroid@3.2.4
• pylint@3.2.7
• vulture@2.11

pyproject.toml

• pylint@3.3.0
• vulture@2.12
• pylint@3.2.7
• vulture@2.11