Skip to content

build: bump ty from 0.0.14 to 0.0.17#94

Merged
BKDDFS merged 1 commit intodevfrom
dependabot/uv/dev/ty-0.0.17
Feb 16, 2026
Merged

build: bump ty from 0.0.14 to 0.0.17#94
BKDDFS merged 1 commit intodevfrom
dependabot/uv/dev/ty-0.0.17

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 13, 2026

Bumps ty from 0.0.14 to 0.0.17.

Release notes

Sourced from ty's releases.

0.0.17

Release Notes

Released on 2026-02-13.

Bug fixes

  • Avoid Literal promotion for constrained TypeVars with Literal bounds (#23209)
  • Fix false positives in TypeVar shadowing checks (#23222)

Core type checking

  • Support generic protocols (#21902)
  • Perform control-flow analysis in loops (#22794)
  • Support typing.Self in attribute annotations (#23108)
  • Support type narrowing in situations with calls to NoReturn functions (#23109)
  • Support type narrowing and reachability analysis based on os.name checks (#23230)
  • Detect overrides of Final class variables in subclasses (#23180)
  • Fix bound method access on None (#23246)
  • Fix method calls on subclasses of Any (#23248)
  • Disallow type variables within PEP-695 type variable bounds and constraints (#22982)
  • Emit error for attribute access on union where some elements lack the attribute (#23042)
  • Emit error for invalid typevar defaults (#23194)
  • Improve display of ParamSpecs in some situations (#23211)

LSP server

  • Add hover and go-to-declaration support for subscript literals (#22837)
  • Assign lower completion ranking to deprecated names in auto import (#23188)
  • Improve spans of references to submodules imported in an __init__.py (#21795)
  • Include conditional symbols (like datetime.UTC) in auto-import in more cases (#23249)
  • Support auto-import for symbols in inlay hints (#22111)
  • Include overload declarations in find-references (#23215)

Performance

  • Avoid UnionBuilder overhead when creating a new union from the filtered elements of an existing union (#22352)

Other changes

  • Allow discovering dependencies in system Python environments (#22994)
  • Apply workspace settings to virtual files (#23228)
  • Add support for --output-format=junit (#22125)
  • Use a smaller diagnostic range for inconsistent-mro diagnostics (#23213)

Contributors

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.17

Released on 2026-02-13.

Bug fixes

  • Avoid Literal promotion for constrained TypeVars with Literal bounds (#23209)
  • Fix false positives in TypeVar shadowing checks (#23222)

Core type checking

  • Support generic protocols (#21902)
  • Perform control-flow analysis in loops (#22794)
  • Support typing.Self in attribute annotations (#23108)
  • Support type narrowing in situations with calls to NoReturn functions (#23109)
  • Support type narrowing and reachability analysis based on os.name checks (#23230)
  • Detect overrides of Final class variables in subclasses (#23180)
  • Fix bound method access on None (#23246)
  • Fix method calls on subclasses of Any (#23248)
  • Disallow type variables within PEP-695 type variable bounds and constraints (#22982)
  • Emit error for attribute access on union where some elements lack the attribute (#23042)
  • Emit error for invalid typevar defaults (#23194)
  • Improve display of ParamSpecs in some situations (#23211)

LSP server

  • Add hover and go-to-declaration support for subscript literals (#22837)
  • Assign lower completion ranking to deprecated names in auto import (#23188)
  • Improve spans of references to submodules imported in an __init__.py (#21795)
  • Include conditional symbols (like datetime.UTC) in auto-import in more cases (#23249)
  • Support auto-import for symbols in inlay hints (#22111)
  • Include overload declarations in find-references (#23215)

Performance

  • Avoid UnionBuilder overhead when creating a new union from the filtered elements of an existing union (#22352)

Other changes

  • Allow discovering dependencies in system Python environments (#22994)
  • Apply workspace settings to virtual files (#23228)
  • Add support for --output-format=junit (#22125)
  • Use a smaller diagnostic range for inconsistent-mro diagnostics (#23213)

Contributors

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build: bump ty from 0.0.14 to 0.0.17
a599e08 
Bumps [ty](https://github.com/astral-sh/ty) from 0.0.14 to 0.0.17.
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.14...0.0.17)

---
updated-dependencies:
- dependency-name: ty
  dependency-version: 0.0.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Feb 13, 2026
@dependabot dependabot bot requested a review from BKDDFS as a code owner February 13, 2026 16:27
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Feb 13, 2026
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 13, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@codecov
Copy link

codecov bot commented Feb 13, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@BKDDFS BKDDFS merged commit e1fc3e0 into dev Feb 16, 2026
10 checks passed
@dependabot dependabot bot deleted the dependabot/uv/dev/ty-0.0.17 branch February 16, 2026 18:24
BKDDFS added a commit that referenced this pull request Feb 16, 2026
@BKDDFS @dependabot @claude
build: bump deps and base image (#98)
bf60d6a 
* chore: bump version to 3.0.0

* fix: add conventional commit prefix to Dependabot config (#81)

Dependabot PRs fail the semantic-pull-request check because their
titles don't follow conventional commits format. Adding commit-message
prefix "build" makes Dependabot produce compliant titles.

* fix: set Dependabot target branch to dev (#85)

Dependabot PRs were targeting main which is protected. Setting
target-branch to dev to match the project's branching flow.

* Bump actions/checkout from 6.0.1 to 6.0.2 (#72)

Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@8e8c483...de0fac2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump opencv-python from 4.13.0.90 to 4.13.0.92 (#90)

Bumps [opencv-python](https://github.com/opencv/opencv-python) from 4.13.0.90 to 4.13.0.92.
- [Release notes](https://github.com/opencv/opencv-python/releases)
- [Commits](https://github.com/opencv/opencv-python/commits)

---
updated-dependencies:
- dependency-name: opencv-python
  dependency-version: 4.13.0.92
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump ruff from 0.14.14 to 0.15.0 (#89)

Bumps [ruff](https://github.com/astral-sh/ruff) from 0.14.14 to 0.15.0.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.14.14...0.15.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump onnxruntime-gpu from 1.23.2 to 1.24.1 (#91)

Bumps [onnxruntime-gpu](https://github.com/microsoft/onnxruntime) from 1.23.2 to 1.24.1.
- [Release notes](https://github.com/microsoft/onnxruntime/releases)
- [Changelog](https://github.com/microsoft/onnxruntime/blob/main/docs/ReleaseManagement.md)
- [Commits](microsoft/onnxruntime@v1.23.2...v1.24.1)

---
updated-dependencies:
- dependency-name: onnxruntime-gpu
  dependency-version: 1.24.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump ruff from 0.15.0 to 0.15.1 (#97)

Bumps [ruff](https://github.com/astral-sh/ruff) from 0.15.0 to 0.15.1.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.0...0.15.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump fastapi from 0.128.0 to 0.129.0 (#96)

Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.128.0 to 0.129.0.
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.128.0...0.129.0)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.129.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump ty from 0.0.14 to 0.0.17 (#94)

Bumps [ty](https://github.com/astral-sh/ty) from 0.0.14 to 0.0.17.
- [Release notes](https://github.com/astral-sh/ty/releases)
- [Changelog](https://github.com/astral-sh/ty/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ty@0.0.14...0.0.17)

---
updated-dependencies:
- dependency-name: ty
  dependency-version: 0.0.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump github/codeql-action from 3.32.0 to 4.32.3 (#93)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.32.0 to 4.32.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@439137e...9e907b5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.32.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* build: bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 (#95)

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.33.1 to 0.34.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@b6643a2...c1824fd)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: remove trailing whitespace in codeql.yml

Fix pre-commit CI failure on PR #98 caused by trailing whitespace.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: add missing newline at end of codeql.yml

The end-of-file-fixer hook requires a trailing newline.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* build: bump python base image from 3.13.11 to 3.13.12

Addresses Trivy security alerts for gnutls, pip, and libxml2
vulnerabilities in the base Docker image.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BKDDFS BKDDFS Awaiting requested review from BKDDFS BKDDFS is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BKDDFS