Deps: Bump the python-packages group with 3 updates

[dependabot]

Updates the requirements on maturin, ruff and ty to permit the latest version.
Updates maturin to 1.13.3

Release notes

Sourced from maturin's releases.

v1.13.3

What's Changed

• fix: disable abi3 in pyo3 config for version-specific fallback builds by @​trim21 in PyO3/maturin#3180

Full Changelog: PyO3/maturin@v1.13.2...v1.13.3

Changelog

Sourced from maturin's changelog.

1.13.3

• Fix: disable abi3 in pyo3 config for version-specific fallback builds (#3180)

1.13.2

• Fix: resolve test failures in distro packaging environments (#3129)
• Fix: redirect tracing output to stderr to avoid breaking PEP 517 (#3131)
• Fix: skip interpreters with empty output for WSL2 cross-compile (#3137)
• Fix: set explicit lib_name in pyo3 config for Android abi3 cross-compilation (#3130)
• Chore: add sysconfig/cpython-freebsd-15.0-amd64.txt (#3140)
• Quote python-version in generated GitHub Actions workflow
• Update rustls-webpki
• Fix: two-phase bridge detection for conditional abi3 features (#3144)
• Update cargo-zigbuild to 0.22.2
• Update pyo3 to 0.28.3
• Treat pyo3 0.29.0+ as having Windows import lib support (raw-dylib) (#3145)
• Fix bin bindings with external shared library dependencies (#3147)
• Upgrade MSRV to 1.89.0 (#3149)
• Musllinux oci image (#3152)
• Remove Cirrus CI for FreeBSD (#3156)
• Perf: defer stage_artifact copy-back, finalize via rename when unpatched (#3155)
• Perf: eliminate stage_artifact double-copy, drop was_patched flag (#3157)
• Fix release pipeline (#3158)
• Auditwheel: copy unpatched cargo output back before in-place patching (#3159)
• Develop: fail loudly when pip leaves a stale ~ install behind (#1922) (#3161)
• Provide a link for the lib.name in Cargo.toml (#3167)
• Fix duplicated version in changelog (#3171)
• Switch to actions/attest from attest-build-provenance (#3169)
• Switch generation to actions/attest action, upgrade to v4 (#3170)
• Fix: avoid duplicate --interpreter panic in PEP 517 backend (#3175)
• Add trusted publishing options to generate-ci (#3176)
• Fix(sdist): handle symlinked Cargo.toml pointing outside project root (#3178)
• Stop install cffi for Python 3.8 in Dockerfile
• Fix: support pixi-managed virtualenvs in maturin develop (#3165)
• Support PEP 783 pyemscripten_*_wasm32 wheel platform tag (#3163)

1.13.1

• Fix: fall back to placeholder for abi3 when found interpreters are too old (#3126)

1.13.0

• Refactor: unified interpreter resolution pipeline (#3032)
• Refactor: decompose large modules into focused submodules (#3052)
• Keep cargo build artifact at original path after staging (#3054)
• Fix --strip conflicting with --include-debuginfo in develop (#3057)
• Fix abi3 wheel producing version-specific tags for CPython below minimum (#3061)
• Generate-ci: use uv pip for pytest steps to fix local wheel preference (#3063)
• Update reflink-copy to 0.1.29 to fix sparc Linux builds

... (truncated)

Commits

• 1f7e752 Release v1.13.3 (#3183)
• 863c990 fix: disable abi3 in pyo3 config for version-specific fallback builds (#3180)
• fd70e0d Release v1.13.2
• 8058c01 Support PEP 783 pyemscripten_*_wasm32 wheel platform tag (#3163)
• 211434c fix: support pixi-managed virtualenvs in maturin develop (#3165)
• 8a5130d Stop install cffi for Python 3.8 in Dockerfile
• 4ac4d99 fix(sdist): handle symlinked Cargo.toml pointing outside project root (#3178)
• dd54ac9 Add trusted publishing options to generate-ci (#3176)
• e6d39af fix: avoid duplicate --interpreter panic in PEP 517 backend (#3175)
• 02ad7b3 build(deps): bump openssl from 0.10.78 to 0.10.79 (#3173)
• Additional commits viewable in compare view

Updates ruff to 0.15.13

Release notes

Sourced from ruff's releases.

0.15.13

Release Notes

Released on 2026-05-14.

Preview features

• Add a rule to flag lazy imports that are eagerly evaluated (#25016)
• [pylint] Standardize diagnostic message (PLR0914, PLR0917) (#24996)

Bug fixes

• Fix F811 false positive for class methods (#24933)
• Fix setting selection for multi-folder workspace (#24819)
• [eradicate] Fix false positive for lines with leading whitespace (ERA001) (#25122)
• [flake8-pyi] Fix false positive for f-string debug specifier (PYI016) (#24098)

Rule changes

• Always include panic payload in panic diagnostic message (#24873)
• Restrict PYI034 for in-place operations to enclosing class (#24511)
• Improve error message for parameters that are declared global (#24902)
• Update known stdlib (#25103)

Performance

• [isort] Avoid constructing glob::Patterns for literal known modules (#25123)

CLI

• Add TOML examples to --config help text (#25013)
• Colorize ruff check 'All checks passed' (#25085)

Configuration

• Increase max allowed value of line-length setting (#24962)

Documentation

• Add D203 to rules that conflict with the formatter (#25044)
• Clarify COM819 and formatter interaction (#25045)
• Clarify that NotImplemented is a value, not an exception (F901) (#25054)
• Update number of lint rules supported (#24942)

Other changes

• Simplify the playground's markdown template (#24924)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.13

Released on 2026-05-14.

Preview features

• Add a rule to flag lazy imports that are eagerly evaluated (#25016)
• [pylint] Standardize diagnostic message (PLR0914, PLR0917) (#24996)

Bug fixes

• Fix F811 false positive for class methods (#24933)
• Fix setting selection for multi-folder workspace (#24819)
• [eradicate] Fix false positive for lines with leading whitespace (ERA001) (#25122)
• [flake8-pyi] Fix false positive for f-string debug specifier (PYI016) (#24098)

Rule changes

• Always include panic payload in panic diagnostic message (#24873)
• Restrict PYI034 for in-place operations to enclosing class (#24511)
• Improve error message for parameters that are declared global (#24902)
• Update known stdlib (#25103)

Performance

• [isort] Avoid constructing glob::Patterns for literal known modules (#25123)

CLI

• Add TOML examples to --config help text (#25013)
• Colorize ruff check 'All checks passed' (#25085)

Configuration

• Increase max allowed value of line-length setting (#24962)

Documentation

• Add D203 to rules that conflict with the formatter (#25044)
• Clarify COM819 and formatter interaction (#25045)
• Clarify that NotImplemented is a value, not an exception (F901) (#25054)
• Update number of lint rules supported (#24942)

Other changes

• Simplify the playground's markdown template (#24924)

Contributors

• @​MichaReiser

... (truncated)

Commits

• 2afb467 Bump 0.15.13 (#25157)
• 3008796 [ty] classify TypeVar semantic tokens as type parameters (#24891)
• 79470e3 [isort] Avoid constructing glob::Patterns for literal known modules (#25123)
• 2522549 Remove shellcheck from prek (#25154)
• 7db7170 [ty] Support TypedDict key completions in incomplete, anonymous contexts (#25...
• bb3dd53 [ty] Run full iteration analysis on narrowed typevars (#25143)
• 828cdb7 [ty] Isolate file-watching test environment (#25151)
• 89e1d86 [ty] Preserve TypedDict keys through dict unpacking (#24523)
• 86f3064 [ty] Avoid accessing args[0] for static_assert (#25149)
• ed819f9 [ty] Treat custom enum __new__ values as dynamic (#25136)
• Additional commits viewable in compare view

Updates ty to 0.0.36

Release notes

Sourced from ty's releases.

0.0.36

Release Notes

Released on 2026-05-14.

Bug fixes

• Fix Go To-Definition for self-imported submodules (#25106)
• Fix ClassVar[Self] assignment checks for class objects (#24657)
• Fix attribute access on Callable-bounded TypeVars (#24793)
• Fix panic from TypedDict schema cycle with Self fields (#25094)
• Fix panic from accessing args[0] for static_assert (#25149)
• Fix panic from non-name walrus target access (#25121)
• Fix singleton classification for runtime typing objects (#25099)
• Guard self-referential TypeOf recursion in generic callables (#24668)
• Preserve lexical ParamSpec scope for returned Callable annotations (#24909)
• Preserve walrus bindings through negated short-circuit conditions (#25163)
• Run full iteration analysis on narrowed typevars (#25143)

LSP server

• Classify TypeVar semantic tokens as type parameters (#24891)
• Emit folding ranges for an entire block (#25113)
• Respect the includeDeclaration request parameter (#24960)
• Support TypedDict key completions in incomplete, anonymous contexts (#25147)

Performance

• Bound loop-header analysis for large loops (#24972)
• Convert inference hash maps to boxed slices on finish (#25102)

Core type checking

• Add support for sentinel values (PEP 661) (#25082)
• Hoist path assignment implication checks (#25107)
• Preserve TypedDict keys through dict unpacking (#24523)
• Treat custom enum __new__ values as dynamic (#25136)

Contributors

• @​RasmusNygren
• @​charliermarsh
• @​JelleZijlstra
• @​Minibrams
• @​lerebear
• @​denyszhak
• @​MichaReiser

Install ty 0.0.36

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.36

Released on 2026-05-14.

Bug fixes

• Fix Go To-Definition for self-imported submodules (#25106)
• Fix ClassVar[Self] assignment checks for class objects (#24657)
• Fix attribute access on Callable-bounded TypeVars (#24793)
• Fix panic from TypedDict schema cycle with Self fields (#25094)
• Fix panic from accessing args[0] for static_assert (#25149)
• Fix panic from non-name walrus target access (#25121)
• Fix singleton classification for runtime typing objects (#25099)
• Guard self-referential TypeOf recursion in generic callables (#24668)
• Preserve lexical ParamSpec scope for returned Callable annotations (#24909)
• Preserve walrus bindings through negated short-circuit conditions (#25163)
• Run full iteration analysis on narrowed typevars (#25143)

LSP server

• Classify TypeVar semantic tokens as type parameters (#24891)
• Emit folding ranges for an entire block (#25113)
• Respect the includeDeclaration request parameter (#24960)
• Support TypedDict key completions in incomplete, anonymous contexts (#25147)

Performance

• Bound loop-header analysis for large loops (#24972)
• Convert inference hash maps to boxed slices on finish (#25102)

Core type checking

• Add support for sentinel values (PEP 661) (#25082)
• Hoist path assignment implication checks (#25107)
• Preserve TypedDict keys through dict unpacking (#24523)
• Treat custom enum __new__ values as dynamic (#25136)

Contributors

• @​RasmusNygren
• @​charliermarsh
• @​JelleZijlstra
• @​Minibrams
• @​lerebear
• @​denyszhak
• @​MichaReiser

0.0.35

Released on 2026-05-10.

... (truncated)

Commits

• a63e559 Bump version to 0.0.36 (#3463)
• 94370d5 Update prek dependencies (#3449)
• bc12d1c Bump version to 0.0.35 (#3436)
• fb34d89 Build riscv64 manylinux binary (#3402)
• 05def00 Update maturin to v1.13.1 (#3417)
• 569c081 Update prek dependencies (#3416)
• 608f8ff Update renovate configuration (#3379)
• 518b61d Update uraimo/run-on-arch-action action to v3.1.0 (#3405)
• 5542959 Update pre-commit hook astral-sh/ruff-pre-commit to v0.15.12 (#3404)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None