Bump ruff from 0.8.2 to 0.8.3

[dependabot]

Bumps ruff from 0.8.2 to 0.8.3.

Release notes

Sourced from ruff's releases.

0.8.3

Release Notes

Preview features

• Fix fstring formatting removing overlong implicit concatenated string in expression part (#14811)
• [airflow] Add fix to remove deprecated keyword arguments (AIR302) (#14887)
• [airflow]: Extend rule to include deprecated names for Airflow 3.0 (AIR302) (#14765 and #14804)
• [flake8-bugbear] Improve error messages for except* (B025, B029, B030, B904) (#14815)
• [flake8-bugbear] itertools.batched() without explicit strict (B911) (#14408)
• [flake8-use-pathlib] Dotless suffix passed to Path.with_suffix() (PTH210) (#14779)
• [pylint] Include parentheses and multiple comparators in check for boolean-chained-comparison (PLR1716) (#14781)
• [ruff] Do not simplify round() calls (RUF046) (#14832)
• [ruff] Don't emit used-dummy-variable on function parameters (RUF052) (#14818)
• [ruff] Implement if-key-in-dict-del (RUF051) (#14553)
• [ruff] Mark autofix for RUF052 as always unsafe (#14824)
• [ruff] Teach autofix for used-dummy-variable about TypeVars etc. (RUF052) (#14819)

Rule changes

• [flake8-bugbear] Offer unsafe autofix for no-explicit-stacklevel (B028) (#14829)
• [flake8-pyi] Skip all type definitions in string-or-bytes-too-long (PYI053) (#14797)
• [pyupgrade] Do not report when a UTF-8 comment is followed by a non-UTF-8 one (UP009) (#14728)
• [pyupgrade] Mark fixes for convert-typed-dict-functional-to-class and convert-named-tuple-functional-to-class as unsafe if they will remove comments (UP013, UP014) (#14842)

Bug fixes

• Raise syntax error for mixing except and except* (#14895)
• [flake8-bugbear] Fix B028 to allow stacklevel to be explicitly assigned as a positional argument (#14868)
• [flake8-bugbear] Skip B028 if warnings.warn is called with *args or **kwargs (#14870)
• [flake8-comprehensions] Skip iterables with named expressions in unnecessary-map (C417) (#14827)
• [flake8-pyi] Also remove self and cls's annotation (PYI034) (#14801)
• [flake8-pytest-style] Fix pytest-parametrize-names-wrong-type (PT006) to edit both argnames and argvalues if both of them are single-element tuples/lists (#14699)
• [perflint] Improve autofix for PERF401 (#14369)
• [pylint] Fix PLW1508 false positive for default string created via a mult operation (#14841)

Contributors

• @​AlexWaygood
• @​BurntSushi
• @​DimitriPapadopoulos
• @​Glyphack
• @​InSyncWithFoo
• @​Lee-W
• @​MichaReiser
• @​UnknownPlatypus
• @​carljm
• @​cclauss
• @​dcreager
• @​dhruvmanila
• @​dylwil3

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.3

Preview features

• Fix fstring formatting removing overlong implicit concatenated string in expression part (#14811)
• [airflow] Add fix to remove deprecated keyword arguments (AIR302) (#14887)
• [airflow]: Extend rule to include deprecated names for Airflow 3.0 (AIR302) (#14765 and #14804)
• [flake8-bugbear] Improve error messages for except* (B025, B029, B030, B904) (#14815)
• [flake8-bugbear] itertools.batched() without explicit strict (B911) (#14408)
• [flake8-use-pathlib] Dotless suffix passed to Path.with_suffix() (PTH210) (#14779)
• [pylint] Include parentheses and multiple comparators in check for boolean-chained-comparison (PLR1716) (#14781)
• [ruff] Do not simplify round() calls (RUF046) (#14832)
• [ruff] Don't emit used-dummy-variable on function parameters (RUF052) (#14818)
• [ruff] Implement if-key-in-dict-del (RUF051) (#14553)
• [ruff] Mark autofix for RUF052 as always unsafe (#14824)
• [ruff] Teach autofix for used-dummy-variable about TypeVars etc. (RUF052) (#14819)

Rule changes

• [flake8-bugbear] Offer unsafe autofix for no-explicit-stacklevel (B028) (#14829)
• [flake8-pyi] Skip all type definitions in string-or-bytes-too-long (PYI053) (#14797)
• [pyupgrade] Do not report when a UTF-8 comment is followed by a non-UTF-8 one (UP009) (#14728)
• [pyupgrade] Mark fixes for convert-typed-dict-functional-to-class and convert-named-tuple-functional-to-class as unsafe if they will remove comments (UP013, UP014) (#14842)

Bug fixes

• Raise syntax error for mixing except and except* (#14895)
• [flake8-bugbear] Fix B028 to allow stacklevel to be explicitly assigned as a positional argument (#14868)
• [flake8-bugbear] Skip B028 if warnings.warn is called with *args or **kwargs (#14870)
• [flake8-comprehensions] Skip iterables with named expressions in unnecessary-map (C417) (#14827)
• [flake8-pyi] Also remove self and cls's annotation (PYI034) (#14801)
• [flake8-pytest-style] Fix pytest-parametrize-names-wrong-type (PT006) to edit both argnames and argvalues if both of them are single-element tuples/lists (#14699)
• [perflint] Improve autofix for PERF401 (#14369)
• [pylint] Fix PLW1508 false positive for default string created via a mult operation (#14841)

Commits

• 53f2d72 Revert certain double quotes from workflow shell script (#14939)
• 3629cbf Use double quotes consistently for shell scripts (#14938)
• 37f4338 Bump version to 0.8.3 (#14937)
• 45b565c [red-knot] Any cannot be parameterized (#14933)
• 82faa9b Add tests demonstrating f-strings with debug expressions in replacements that...
• 2eac00c [perflint] fix invalid hoist in perf401 (#14369)
• 033ecf5 Also have zizmor check for low-severity security issues (#14893)
• 5509a3d Add LSP settings example for Zed editor (#14894)
• e4885a2 [red-knot] Understand typing.Tuple (#14927)
• a7e5e42 [red-knot] Make attributes.md test future-proof (#14923)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (cdee5eb) to head (e5fa273).

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #644   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            8         8           
  Lines          151       151           
  Branches        15        15           
=========================================
  Hits           151       151           

Flag	Coverage Δ
python-3.10	100.00% <ø> (ø)
python-3.11	100.00% <ø> (ø)
python-3.12	100.00% <ø> (ø)
python-3.13	100.00% <ø> (ø)
python-3.9	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

Test Results

  5 files  ±0    5 suites  ±0   21s ⏱️ -1s
 36 tests ±0   36 ✅ ±0  0 💤 ±0  0 ❌ ±0 
180 runs  ±0  180 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 9ed7bf7. ± Comparison against base commit 5ac3538.

♻️ This comment has been updated with latest results.

[github-actions]

🔍 Vulnerabilities of jkreileder/cf-ips-to-hcloud-fw:pr-644

📦 Image Reference jkreileder/cf-ips-to-hcloud-fw:pr-644

digest	sha256:b4b37caf7fd7a3200fd0c8400af38ac768ac71a97ad9a8db8cf2c9b198f686e1
vulnerabilities
platform	linux/amd64
size	28 MB
packages	62

📦 Base Image python:3-alpine

also known as	3-alpine3.20 3.13-alpine 3.13-alpine3.20 3.13.1-alpine 3.13.1-alpine3.20 alpine alpine3.20
digest	sha256:7bc78c6d338ab35ff94c90207c8b5457185f50f1fc059089f0b0069c8184280c
vulnerabilities

[github-actions]

Recommended fixes for image jkreileder/cf-ips-to-hcloud-fw:pr-644

Base image is python:3-alpine

Name	3.13.1-alpine3.20
Digest	sha256:7bc78c6d338ab35ff94c90207c8b5457185f50f1fc059089f0b0069c8184280c
Vulnerabilities
Pushed	1 week ago
Size	19 MB
Packages	41
Flavor	alpine
OS	3.20
Runtime	3.13.1

The base image is also available under the supported tag(s): 3-alpine3.20, 3.13-alpine, 3.13-alpine3.20, 3.13.1-alpine, 3.13.1-alpine3.20, alpine, alpine3.20

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

Tag	Details	Pushed	Vulnerabilities
3-alpine Newer image for same tag Also known as: alpine alpine3.21 3.13.1-alpine 3.13.1-alpine3.21 3.13-alpine 3.13-alpine3.21 3-alpine3.21	Benefits: Same OS detected Minor runtime version update Newer image for same tag Image is smaller by 2.2 MB Tag is preferred tag Tag was pushed more recently Image has same number of vulnerabilities Image contains similar number of packages 3-alpine was pulled 51K times last month Image details: Size: 17 MB Flavor: alpine OS: 3.21 Runtime: 3.13.1	1 week ago

Change base image

✅ There are no tag recommendations at this time.

[github-actions]

Overview

Image reference	jkreileder/cf-ips-to-hcloud-fw:1	quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-644
- digest	70eafa0243eb	b4b37caf7fd7
- tag	1	pr-644
- provenance	e4eb5d1	7d45cdf
- vulnerabilities
- platform	linux/amd64	linux/amd64
- size	22 MB	28 MB (+6.3 MB)
- packages	64	62 (-2)
Base Image	python:3-alpine also known as: • 3-alpine3.20 • 3.13-alpine • 3.13-alpine3.20 • alpine • alpine3.20	python:3-alpine also known as: • 3-alpine3.20 • 3.13-alpine • 3.13-alpine3.20 • 3.13.1-alpine • 3.13.1-alpine3.20 • alpine • alpine3.20
- vulnerabilities

Environment Variables (2 changes)

• + 1 added
• ± 1 changed
• 4 unchanged

 GPG_KEY=7169605F62C751356D054A26A821E680E5FA6305
 PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 PYTHONDONTWRITEBYTECODE=1
 PYTHONFAULTHANDLER=1
+PYTHON_SHA256=9cf9427bee9e2242e3877dd0f6b641c1853ca461f39d6503ce260a59c80bf0d9
-PYTHON_VERSION=3.13.0
+PYTHON_VERSION=3.13.1

Labels (3 changes)

• ± 3 changed
• 5 unchanged

-org.opencontainers.image.created=2024-11-08T09:30:05.868Z
+org.opencontainers.image.created=2024-12-13T15:37:37.378Z
 org.opencontainers.image.description=Update Hetzner Cloud firewall rules with current Cloudflare IP ranges
 org.opencontainers.image.licenses=MIT
-org.opencontainers.image.revision=e4eb5d1df244d0bc3ea7f09542b95c5368fbc7ab
+org.opencontainers.image.revision=7d45cdf8e79ae932c41591fa3d5b1400c9aecf50
 org.opencontainers.image.source=https://github.com/jkreileder/cf-ips-to-hcloud-fw
 org.opencontainers.image.title=cf-ips-to-hcloud-fw
 org.opencontainers.image.url=https://github.com/jkreileder/cf-ips-to-hcloud-fw
-org.opencontainers.image.version=1.0.14
+org.opencontainers.image.version=pr-644

Policies (0 improved, 1 worsened, 2 missing data)

Policy Name	jkreileder/cf-ips-to-hcloud-fw:1	quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-644	Change	Standing
Default non-root user	✅	✅		No Change
No AGPL v3 licenses	✅	✅		No Change
No fixable critical or high vulnerabilities	✅	✅		No Change
No high-profile vulnerabilities	✅	✅		No Change
No outdated base images	✅	❓ No data
No unapproved base images	✅	❓ No data
Supply chain attestations	✅	⚠️ 2	+2	Worsened

Packages and Vulnerabilities (17 package changes and 2 vulnerability changes)

• ➖ 2 packages removed
• ♾️ 15 packages changed
• 47 packages unchanged

• ✔️ 2 vulnerabilities removed

Changes for packages of type apk (10 changes)

	Package	Version jkreileder/cf-ips-to-hcloud-fw:1	Version quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-644
♾️	.python-rundeps	20241017.164351	20241205.142133
➖	expat	2.6.3-r0
		Removed vulnerabilities (1):
♾️	libcrypto3	3.3.2-r0	3.3.2-r1
➖	libexpat	2.6.3-r0
♾️	libncursesw	6.4_p20240420-r1	6.4_p20240420-r2
♾️	libpanelw	6.4_p20240420-r1	6.4_p20240420-r2
♾️	libssl3	3.3.2-r0	3.3.2-r1
♾️	ncurses	6.4_p20240420-r1	6.4_p20240420-r2
♾️	ncurses-terminfo-base	6.4_p20240420-r1	6.4_p20240420-r2
♾️	openssl	3.3.2-r0	3.3.2-r1
		Removed vulnerabilities (1):

Changes for packages of type generic (1 changes)

	Package	Version jkreileder/cf-ips-to-hcloud-fw:1	Version quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-644
♾️	python	3.13.0	3.13.1

Changes for packages of type pypi (6 changes)

	Package	Version jkreileder/cf-ips-to-hcloud-fw:1	Version quay.io/jkreileder/cf-ips-to-hcloud-fw:pr-644
♾️	anyio	4.6.2.post1	4.7.0
♾️	cf-ips-to-hcloud-fw	1.0.14	1.0.15.dev0
♾️	cloudflare	3.1.0	3.1.1
♾️	httpcore	1.0.6	1.0.7
♾️	pip	24.2	24.3.1
♾️	six	1.16.0	1.17.0