Bump ruff from 0.9.2 to 0.9.3

[dependabot]

Bumps ruff from 0.9.2 to 0.9.3.

Changelog

Sourced from ruff's changelog.

0.9.3

Preview features

• [airflow] Argument fail_stop in DAG has been renamed as fail_fast (AIR302) (#15633)
• [airflow] Extend AIR303 with more symbols (#15611)
• [flake8-bandit] Report all references to suspicious functions (S3) (#15541)
• [flake8-pytest-style] Do not emit diagnostics for empty for loops (PT012, PT031) (#15542)
• [flake8-simplify] Avoid double negations (SIM103) (#15562)
• [pyflakes] Fix infinite loop with unused local import in __init__.py (F401) (#15517)
• [pylint] Do not report methods with only one EM101-compatible raise (PLR6301) (#15507)
• [pylint] Implement redefined-slots-in-subclass (W0244) (#9640)
• [pyupgrade] Add rules to use PEP 695 generics in classes and functions (UP046, UP047) (#15565, #15659)
• [refurb] Implement for-loop-writes (FURB122) (#10630)
• [ruff] Implement needless-else clause (RUF047) (#15051)
• [ruff] Implement starmap-zip (RUF058) (#15483)

Rule changes

• [flake8-bugbear] Do not raise error if keyword argument is present and target-python version is less or equals than 3.9 (B903) (#15549)
• [flake8-comprehensions] strip parentheses around generators in unnecessary-generator-set (C401) (#15553)
• [flake8-simplify] Mark fixes as unsafe (SIM201, SIM202) (#15626)
• [flake8-type-checking] Fix some safe fixes being labeled unsafe (TC006,TC008) (#15638)
• [isort] Omit trailing whitespace in unsorted-imports (I001) (#15518)
• [pydoclint] Allow ignoring one line docstrings for DOC rules (#13302)
• [pyflakes] Apply redefinition fixes by source code order (F811) (#15575)
• [pyflakes] Avoid removing too many imports in redefined-while-unused (F811) (#15585)
• [pyflakes] Group redefinition fixes by source statement (F811) (#15574)
• [pylint] Include name of base class in message for redefined-slots-in-subclass (W0244) (#15559)
• [ruff] Update fix for RUF055 to use var == value (#15605)

Formatter

• Fix bracket spacing for single-element tuples in f-string expressions (#15537)
• Fix unstable f-string formatting for expressions containing a trailing comma (#15545)

Performance

• Avoid quadratic membership check in import fixes (#15576)

Server

• Allow unsafe-fixes settings for code actions (#15666)

Bug fixes

• [flake8-bandit] Add missing single-line/dotall regex flag (S608) (#15654)
• [flake8-simplify] Do not emit diagnostics for expressions inside string type annotations (SIM222, SIM223) (#15405)
• [pyflakes] Treat arguments passed to the default= parameter of TypeVar as type expressions (F821) (#15679)
• [pyupgrade] Avoid syntax error when the iterable is a non-parenthesized tuple (UP028) (#15543)

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dryrunsecurity]

DryRun Security Summary

A minor version update of the ruff linting package from 0.9.2 to 0.9.3 is proposed, which appears to be a routine dependency update without significant security implications, but still warrants standard review and testing.

Expand for full summary

Summary:

The code change in this GitHub Pull Request is a minor version update for the ruff Python package, which is likely used for linting the codebase. Version updates for linting tools are generally not a significant security concern, as they are not directly involved in the core application logic or functionality.

However, it's always a good practice to review the release notes or change logs for the updated package to ensure there are no security-related fixes or improvements included in the new version. Additionally, it's recommended to have a robust testing and review process in place to validate the impact of any dependency updates, including linting tools, to ensure they do not introduce any unintended issues or regressions.

Overall, this code change appears to be a routine update to a linting dependency and does not raise any immediate security concerns. As an application security engineer, I would recommend approving this pull request, but continuing to monitor the application's security posture and any future dependency updates.

Files Changed:

• requirements-lint.txt: This file has been updated to use version 0.9.3 of the ruff Python package, which is a minor version update from the previous 0.9.2 version.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

[dryrunsecurity]

DryRun Security Summary

A minor version update of the ruff linting package from 0.9.2 to 0.9.3 is proposed, which appears to be a routine dependency update without significant security implications, but still warrants standard review and testing.

Expand for full summary

Summary:

The code change in this GitHub Pull Request is a minor version update for the ruff Python package, which is likely used for linting the codebase. Version updates for linting tools are generally not a significant security concern, as they are not directly involved in the core application logic or functionality.

However, it's always a good practice to review the release notes or change logs for the updated package to ensure there are no security-related fixes or improvements included in the new version. Additionally, it's recommended to have a robust testing and review process in place to validate the impact of any dependency updates, including linting tools, to ensure they do not introduce any unintended issues or regressions.

Overall, this code change appears to be a routine update to a linting dependency and does not raise any immediate security concerns. As an application security engineer, I would recommend approving this pull request, but continuing to monitor the application's security posture and any future dependency updates.

Files Changed:

• requirements-lint.txt: This file has been updated to use version 0.9.3 of the ruff Python package, which is a minor version update from the previous 0.9.2 version.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

[manuel-sommer]

#11451