Bump the python-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the python-dependencies group with 3 updates in the / directory: pydantic-settings, build and ruff.

Updates pydantic-settings from 2.12.0 to 2.13.1

Release notes

Sourced from pydantic-settings's releases.

v2.13.0

What's Changed

• fix: Deterministic alias selection when using validate_by_name by @​chbndrhnns in pydantic/pydantic-settings#707
• add deep merge functionality to config file sources by @​pmeier in pydantic/pydantic-settings#698
• Add support for AWS Secrets Manager VersionId parameter by @​jcyamacho in pydantic/pydantic-settings#708
• bugfix: Return None for inaccessible GCP Secret Manager secrets by @​zaphod72 in pydantic/pydantic-settings#712
• Bugfix for cli_kebab_case="all" and CliImplicitFlag[bool] by @​Digity101 in pydantic/pydantic-settings#702
• Unpack type alisases when looking for NoDecode by @​tselepakis in pydantic/pydantic-settings#695
• CliToggleFlag and CliDualFlag by @​kschwab in pydantic/pydantic-settings#717
• Fix for CLI duplicate enum field values. by @​kschwab in pydantic/pydantic-settings#722
• fixed load nested config from env by @​Sube-py in pydantic/pydantic-settings#723
• Add non-Path files support (for example Traversable) and open files using Path.open method by @​mahenzon in pydantic/pydantic-settings#724
• add one more traversable test by @​mahenzon in pydantic/pydantic-settings#725
• CLI fix fox external list args. by @​kschwab in pydantic/pydantic-settings#727
• fix: handle case-insensitive retrieval in GoogleSecretManagerSettingsSource by @​ezwiefel in pydantic/pydantic-settings#730
• CLI test fixes for help text formatting. by @​kschwab in pydantic/pydantic-settings#735
• Avoid conflicts with the NAME environment variable in WSL by @​kzrnm in pydantic/pydantic-settings#747
• fix: When restoring init kwargs, use deterministic order by @​chbndrhnns in pydantic/pydantic-settings#746
• Add env_prefix_target by @​kzrnm in pydantic/pydantic-settings#749
• Remove (default: …) in the help message for CliToggleFlag by @​kzrnm in pydantic/pydantic-settings#740
• Add support for CLI serialize styles. by @​kschwab in pydantic/pydantic-settings#755
• Add support for overriding default help on CLI internal parser. by @​kschwab in pydantic/pydantic-settings#758
• CLI format_help method support by @​kschwab in pydantic/pydantic-settings#759
• feat(gcp): support SecretVersion annotation for per-field secret versioning by @​ezwiefel in pydantic/pydantic-settings#763
• Allow snake_case_conversion with env_prefix for Azure Key Vault source by @​cstarkers in pydantic/pydantic-settings#762
• fix: Only override preferred_key when no value was found by @​chbndrhnns in pydantic/pydantic-settings#767
• Update deps by @​hramezani in pydantic/pydantic-settings#768
• CLI coerce numeric types. by @​kschwab in pydantic/pydantic-settings#769
• CLI Union Discriminator Choices in Help by @​kschwab in pydantic/pydantic-settings#764
• Add nested path support for yaml_config_section (fixes #772) by @​hugo-romero-mm in pydantic/pydantic-settings#773
• Prepare release 2.13.0 by @​hramezani in pydantic/pydantic-settings#777

New Contributors

• @​pmeier made their first contribution in pydantic/pydantic-settings#698
• @​jcyamacho made their first contribution in pydantic/pydantic-settings#708
• @​zaphod72 made their first contribution in pydantic/pydantic-settings#712
• @​Digity101 made their first contribution in pydantic/pydantic-settings#702
• @​Sube-py made their first contribution in pydantic/pydantic-settings#723
• @​mahenzon made their first contribution in pydantic/pydantic-settings#724
• @​kzrnm made their first contribution in pydantic/pydantic-settings#747
• @​cstarkers made their first contribution in pydantic/pydantic-settings#762
• @​hugo-romero-mm made their first contribution in pydantic/pydantic-settings#773

Full Changelog: pydantic/pydantic-settings@v2.12.0...v2.13.0

Commits

• e87d12d v2.13.1 (#790)
• acf8c14 Fix JSON decoding for parameterized PEP 695 type aliases (#780)
• 58b236a Fix AttributeError with nested env vars for dict fields (#785) (#786)
• 4933f06 Fix CLI parsing error for set field types since 2.13.0 (#787) (#788)
• bd0ebe6 Fix RecursionError with self-referential models in CliApp (#783)
• eb7840e Fix regression for bool fields since 2.13.0 (#784)
• 198e71c Prepare release 2.13.0 (#777)
• de71e84 Add nested path support for yaml_config_section (fixes #772) (#773)
• 0f8f951 CLI Union Discriminator Choices in Help (#764)
• ce9804c CLI coerce numeric types. (#769)
• Additional commits viewable in compare view

Updates build from 1.4.0 to 1.4.2

Release notes

Sourced from build's releases.

1.4.2

What's Changed

• fix(uv): always pass the python to use by @​henryiii in pypa/build#996
• 🐛 fix(release): detect pre-commit environment inconsistencies by @​gaborbernat in pypa/build#1001
• 🔧 fix(towncrier): match docstrfmt RST formatting expectations by @​gaborbernat in pypa/build#1002
• Fix _has_valid_outer_pip when pip is missing by @​notatallshaw in pypa/build#1003
• fix: release changelog issue by @​henryiii in pypa/build#1006

New Contributors

• @​notatallshaw made their first contribution in pypa/build#1003

Full Changelog: pypa/build@1.4.1...1.4.2

1.4.1

What's Changed

• Fix documentation grammar and typos by @​DimitriPapadopoulos in pypa/build#979
• Allow setting build constraints by @​layday in pypa/build#963
• fix: pip hack workaround by @​henryiii in pypa/build#980
• 📚 docs: reorganize using Diataxis framework by @​gaborbernat in pypa/build#988
• ✨ feat(ci): automate releases and harden workflows by @​gaborbernat in pypa/build#991
• chore: avoid template injection zizmor issue by @​henryiii in pypa/build#994
• chore: fix PR template by @​henryiii in pypa/build#995
• chore: fix fix job by @​henryiii in pypa/build#997
• 🐛 fix(ci): resolve pre-release auth failure and change detection by @​gaborbernat in pypa/build#999
• 🐛 fix(deps): add pre-commit to release dependency group by @​gaborbernat in pypa/build#1000

Full Changelog: pypa/build@1.4.0...1.4.1

Changelog

Sourced from build's changelog.

#################### 1.4.2 (2026-03-25) ####################

---

Bugfixes

---

• Ensure the uv installer uses the current version of Python, avoiding an issue if UV_PYTHON is set, for example. (:issue:977)
• Fix _has_valid_outer_pip returning True when pip is missing, causing build to try using a non-existent pip instead of falling back to virtualenv. (:issue:1003)

#################### 1.4.1 (2026-03-24) ####################

---

Features

---

• Allow setting build constraints - by :user:gaborbernat (:issue:963)
• Automate releases with pre-release workflow and trusted publishing - by :user:gaborbernat (:issue:991)

---

Documentation

---

• Fix documentation grammar and typos (:issue:979)
• Reorganize documentation using Diataxis framework - by :user:gaborbernat (:issue:988)
• Document release process and workflow security practices in contributing guide (:issue:991)

---

Miscellaneous

---

• :issue:991

---

Bugfixes

---

• Fix pip hack workaround - by :user:gaborbernat (:issue:980)

#################### 1.4.0 (2026-01-08) ####################

• Add --quiet flag (:pr:947)
• Add option to dump PEP 517 metadata with --metadata (:pr:940, :pr:943)

... (truncated)

Commits

• 7b7ae07 chore: prepare for 1.4.2
• 17f3b57 fix: release changelog issue (#1006)
• b945752 fix: _has_valid_outer_pip when pip is missing (#1003)
• 74ae997 🔧 fix(towncrier): match docstrfmt RST formatting expectations (#1002)
• 3786929 🐛 fix(release): detect pre-commit environment inconsistencies (#1001)
• 737bdb7 fix(uv): always pass the python to use (#996)
• bd88956 chore: prepare for 1.4.1
• 062e7e2 🐛 fix(deps): add pre-commit to release dependency group (#1000)
• 3d8e260 🐛 fix(ci): resolve pre-release auth failure and change detection (#999)
• f2a2610 chore: fix fix job (#997)
• Additional commits viewable in compare view

Updates ruff from 0.15.0 to 0.15.8

Release notes

Sourced from ruff's releases.

0.15.8

Release Notes

Released on 2026-03-26.

Preview features

• [ruff] New rule unnecessary-if (RUF050) (#24114)
• [ruff] New rule useless-finally (RUF072) (#24165)
• [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#24162)
• [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#24100)

Bug fixes

• [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#24166)
• [flake8-bandit] Check tuple arguments for partial paths in S607 (#24080)
• [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#24088)
• E501/W505/formatter: Exclude nested pragma comments from line width calculation (#24071)
• Fix %foo? parsing in IPython assignment expressions (#24152)
• analyze graph: resolve string imports that reference attributes, not just modules (#24058)

Rule changes

• [eradicate] ignore ty: ignore comments in ERA001 (#24192)
• [flake8-bandit] Treat sys.executable as trusted input in S603 (#24106)
• [flake8-self] Recognize Self annotation and self assignment in SLF001 (#24144)
• [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#24142)
• [refurb] Parenthesize generator arguments in FURB142 fixer (#24200)

Performance

• Speed up diagnostic rendering (#24146)

Server

• Warn when Markdown files are skipped due to preview being disabled (#24150)

Documentation

• Clarify extend-ignore and extend-select settings documentation (#24064)
• Mention AI policy in PR template (#24198)

Other changes

• Use trusted publishing for NPM packages (#24171)

Contributors

• @​bitloi
• @​Sim-hu

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.8

Released on 2026-03-26.

Preview features

• [ruff] New rule unnecessary-if (RUF050) (#24114)
• [ruff] New rule useless-finally (RUF072) (#24165)
• [ruff] New rule f-string-percent-format (RUF073): warn when using % operator on an f-string (#24162)
• [pyflakes] Recognize frozendict as a builtin for Python 3.15+ (#24100)

Bug fixes

• [flake8-async] Use fully-qualified anyio.lowlevel import in autofix (ASYNC115) (#24166)
• [flake8-bandit] Check tuple arguments for partial paths in S607 (#24080)
• [pyflakes] Skip undefined-name (F821) for conditionally deleted variables (#24088)
• E501/W505/formatter: Exclude nested pragma comments from line width calculation (#24071)
• Fix %foo? parsing in IPython assignment expressions (#24152)
• analyze graph: resolve string imports that reference attributes, not just modules (#24058)

Rule changes

• [eradicate] ignore ty: ignore comments in ERA001 (#24192)
• [flake8-bandit] Treat sys.executable as trusted input in S603 (#24106)
• [flake8-self] Recognize Self annotation and self assignment in SLF001 (#24144)
• [pyflakes] F507: Fix false negative for non-tuple RHS in %-formatting (#24142)
• [refurb] Parenthesize generator arguments in FURB142 fixer (#24200)

Performance

• Speed up diagnostic rendering (#24146)

Server

• Warn when Markdown files are skipped due to preview being disabled (#24150)

Documentation

• Clarify extend-ignore and extend-select settings documentation (#24064)
• Mention AI policy in PR template (#24198)

Other changes

• Use trusted publishing for NPM packages (#24171)

Contributors

• @​bitloi
• @​Sim-hu
• @​mvanhorn

... (truncated)

Commits

• c2a8815 Release 0.15.8 (#24217)
• d444d52 [ty] Infer lambda expressions with Callable type context (#22633)
• 9622285 [ty] Autocomplete arguments if in arguments node (#24167)
• d812662 Use the release environment in publish-docs (#24214)
• eda2355 [ty] Show Final source in final assignment diagnostic (#24194)
• 929eb52 [ty] Enforce Final attribute assignment rules for annotated and augmented wri...
• 34998be [ty] Fix typo in comment (#24211)
• 560aca0 [ty] Minor simplifications to some benchmark code (#24209)
• 683bae5 [ty] Track non-terminal-call constraints in global scope (#23245)
• 4704c2a [ty] Remove unnecessary intermediate collection in `StaticClassLiteral::field...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions