Update python dependencies

[renovate-bot]

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
Django (changelog)	~=5.2.0 → ~=6.0.0
coverage	~=7.10.2 → ~=7.13.1
model-bakery	~=1.20.0 → ~=1.21.0
mozilla-django-oidc (changelog)	~=4.0.1 → ~=5.0.2
mypy (changelog)	~=1.18.2 → ~=1.19.1
psycopg (changelog)	~=3.2.3 → ~=3.3.2
pydantic (changelog)	~=2.11.7 → ~=2.12.5
pylint (changelog)	~=3.3.0 → ~=4.0.4
pylint-django	~=2.6.1 → ~=2.7.0
redis (changelog)	~=6.4.0 → ~=7.1.0
ruff (source, changelog)	~=0.13.3 → ~=0.14.10
selenium	~=4.36.0 → ~=4.39.0
tblib (changelog)	~=3.1.0 → ~=3.2.2

---

Release Notes

django/django (Django)

v6.0

Compare Source

v5.2.9

Compare Source

v5.2.8

Compare Source

v5.2.7

Compare Source

v5.2.6

Compare Source

v5.2.5

Compare Source

v5.2.4

Compare Source

v5.2.3

Compare Source

v5.2.2

Compare Source

v5.2.1

Compare Source

coveragepy/coveragepy (coverage)

v7.13.1

Compare Source

• Added: the JSON report now includes a "start_line" key for function and
  class regions, indicating the first line of the region in the source. Closes
  issue 2110_.

• Added: The debug data command now takes file names as arguments on the
  command line, so you can inspect specific data files without needing to set
  the COVERAGE_FILE environment variable.

• Fix: the JSON report used to report module docstrings as executed lines,
  which no other report did, as described in issue 2105_. This is now fixed,
  thanks to Jianrong Zhao.

• Fix: coverage.py uses a more disciplined approach to detecting where
  third-party code is installed, and avoids measuring it. This shouldn't change
  any behavior. If you find that it does, please get in touch.

• Performance: data files that will be combined now record their hash as part
  of the file name. This lets us skip duplicate data more quickly, speeding the
  combining step.

• Docs: added a section explaining more about what is considered a missing
  branch and how it is reported: :ref:branch_explain, as requested in issue 1597. Thanks to Ayisha Mohammed <pull 2092_>.

• Tests: the test suite misunderstood what core was being tested if
  COVERAGE_CORE wasn't set on 3.14+. This is now fixed, closing issue 2109_.

.. _issue 1597: #​1597
.. _pull 2092: #​2092
.. _issue 2105: #​2105
.. _issue 2109: #​2109
.. _issue 2110: #​2110

.. _changes_7-13-0:

v7.13.0

Compare Source

• Feature: coverage.py now supports :file:.coveragerc.toml configuration
  files. These files use TOML syntax and take priority over
  :file:pyproject.toml but lower priority than :file:.coveragerc files.
  Closes issue 1643_ thanks to Olena Yefymenko <pull 1952_>_.

• Fix: we now include a permanent .pth file which is installed with the code,
  fixing issue 2084. In 7.12.1b1 this was done incorrectly: it didn't work
  when using the source wheel (py3-none-any). This is now fixed. Thanks,
  Henry Schreiner <pull 2100_>.

• Deprecated: when coverage.py is installed, it creates three command entry
  points: coverage, coverage3, and coverage-3.10 (if installed for
  Python 3.10). The second and third of these are not needed and will
  eventually be removed. They still work for now, but print a message about
  their deprecation.

.. _issue 1643: #​1643
.. _pull 1952: #​1952
.. _pull 2100: #​2100

.. _changes_7-12-1b1:

v7.12.0

Compare Source

• The HTML report now shows separate coverage totals for statements and
  branches, as well as the usual combined coverage percentage. Thanks to Ryuta
  Otsuka for the discussion <issue 2081_>_ and the implementation <pull 2085_>_.

• The JSON report now includes separate coverage totals for statements and
  branches, thanks to Ryuta Otsuka <pull 2090_>_.

• Fix: except* clauses were not handled properly under the "sysmon"
  measurement core, causing KeyError exceptions as described in issue 2086_.
  This is now fixed.

• Fix: we now defend against aggressive mocking of open() that could cause
  errors inside coverage.py. An example of a failure is in issue 2083_.

• Fix: in unusual cases where a test suite intentionally exhausts the system's
  file descriptors to test handling errors in open(), coverage.py would
  fail when trying to open source files, as described in issue 2091_. This
  is now fixed.

• A small tweak to the HTML report: file paths now use thin spaces around
  slashes to make them easier to read.

.. _issue 2081: #​2081
.. _issue 2083: #​2083
.. _pull 2085: #​2085
.. _issue 2086: #​2086
.. _pull 2090: #​2090
.. _issue 2091: #​2091

.. _changes_7-11-3:

v7.11.3

Compare Source

• Fix: the 7.11.1 changes meant that conflicts between a requested measurement
  core and other settings would raise an error. This was a breaking change from
  previous behavior, as reported in issue 2076_ and issue 2078_.

  The previous behavior has been restored: when the requested core conflicts
  with other settings, another core is used instead, and a warning is issued.

• For contributors: the repo has moved from Ned's nedbat GitHub account_ to
  the coveragepy GitHub organization_. The default branch has changed from
  master to main.

.. _issue 2076: #​2076
.. _issue 2078: #​2078
.. _nedbat GitHub account: https://github.com/nedbat
.. _coveragepy GitHub organization: https://github.com/coveragepy

.. _changes_7-11-2:

v7.11.2

Compare Source

• Fix: using the "sysmon" measurement core in 7.11.1, if Python code was
  claimed to come from a non-Python file, a NotPython exception could be
  raised. This could happen for example with Jinja templates compiled to
  Python, as reported in issue 2077_. This is now fixed.

• Doc: corrected the first entry in the 7.11.1 changelog.

.. _issue 2077: #​2077

.. _changes_7-11-1:

v7.11.1

Compare Source

• Fix: some chanages to details of how the measurement core is chosen, and how
  conflicting settings are handled. The "sysmon" core cannot be used with some
  conurrency settings, with dynamic context, and in Python 3.12/3.13, with
  branch measurement.

  • If the core is not specified and defaults to "sysmon" (Python 3.14+), but
    other settings conflict with sysmon, then the "ctrace" core will be used
    instead with no warning. For concurrency conflicts, this used to produce an
    error, as described in issue 2064_.

  • If the "sysmon" core is explicitly requested in your configuration, but
    other settings conflict, an error is now raised. This used to produce a
    warning.

• Fix: some multi-line case clauses or for loops (and probably other
  constructs) could cause incorrect claims of missing branches with the
  sys.monitoring core, as described in issue 2070_. This is now fixed.

• Fix: when running in pytest under coverage, a breakpoint() would stop in
  the wrong frame, one level down from where it should, as described in issue 1420_. This was due to a coverage change in v6.4.1 that seemed to give a
  slight performance improvement, but I couldn't reproduce the performance
  gain, so it's been reverted, fixing the debugger problem.

• A new debug option --debug=core shows which core is in use and why.

• Split sqlite debugging information out of the sys :ref:coverage debug <cmd_debug> and :ref:cmd_run_debug options since it's bulky and not
  very useful.

• Updated the :ref:howitworks page to better describe the three different
  measurement cores.

.. _issue 1420: #​1420
.. _issue 2064: #​2064
.. _issue 2070: #​2070

.. _changes_7-11-0:

v7.11.0

Compare Source

• Dropped support for Python 3.9, declared support for Python 3.15 alpha.

.. _changes_7-10-7:

v7.10.7

Compare Source

• Performance: with branch coverage in large files, generating HTML, JSON, or
  LCOV reports could take far too long due to some quadratic behavior when
  creating the function and class index pages. This is now fixed, closing
  issue 2048_. Thanks to Daniel Diniz for help diagnosing the problem.

• Most warnings and a few errors now have links to a page in the docs
  explaining the specific message. Closes issue 1921_.

.. _issue 1921: #​1921
.. _issue 2048: #​2048

.. _changes_7-10-6:

v7.10.6

Compare Source

• Fix: source directories were not properly communicated to subprocesses
  that ran in different directories, as reported in issue 1499_. This is now
  fixed.

• Performance: Alex Gaynor continues fine-tuning <pull 2038_>_ the speed of
  combination, especially with many contexts.

.. _issue 1499: #​1499
.. _pull 2038: #​2038

.. _changes_7-10-5:

v7.10.5

Compare Source

• Big speed improvements for coverage combine: it's now about twice as
  fast! Huge thanks to Alex Gaynor for pull requests 2032 <pull 2032_>,
  2033 <pull 2033_>, and 2034 <pull 2034_>_.

.. _pull 2032: #​2032
.. _pull 2033: #​2033
.. _pull 2034: #​2034

.. _changes_7-10-4:

v7.10.4

Compare Source

• Added patch = fork for times when the built-in forking support is
  insufficient.

• Fix: patch = execv also inherits the entire coverage configuration now.

.. _changes_7-10-3:

v7.10.3

Compare Source

• Fixes for patch = subprocess:

  • If subprocesses spawned yet more subprocesses simultaneously, some coverage
    could be missed. This is now fixed, closing issue 2024_.

  • If subprocesses were created in other directories, their data files were
    stranded there and not combined into the totals, as described in issue 2025_. This is now fixed.

  • On Windows (or maybe only some Windows?) the patch would fail with a
    ModuleNotFound error trying to import coverage. This is now fixed,
    closing issue 2022_.

  • Originally only options set in the coverage configuration file would apply
    to subprocesses. Options set on the coverage run command line (such as
    --branch) wouldn't be communicated to the subprocesses. This could
    lead to combining failures, as described in issue 2021_. Now the entire
    configuration is used in subprocesses, regardless of its origin.

  • Added debug=patch to help diagnose problems.

• Fix: really close all SQLite databases, even in-memory ones. Closes issue 2017_.

.. _issue 2017: #​2017
.. _issue 2021: #​2021
.. _issue 2022: #​2022
.. _issue 2024: #​2024
.. _issue 2025: #​2025

.. _changes_7-10-2:

model-bakers/model_bakery (model-bakery)

v1.21.0

Compare Source

Added

• Add Python 3.14 support
• Add Django 6.0 support

Changed

• The creation of generic foreign key fields now respects their for_concrete_model configuration
• Refactor gen_float() to use uniform() with configurable min_float/max_float bounds instead of random() * gen_integer() which produced skewed distribution
• Refactor gen_interval() to use min_interval/max_interval instead of offset parameter which never worked as intended due to huge MAX_INT range
• Fix gen_date_range() and gen_datetime_range() to prevent empty ranges by enforcing a minimum interval of 1 day
• Use baker_random.randint() directly in gen_pg_numbers_range() instead of gen_integer()
• The gen_from_choices generator now ignores None or "" values in choices when the field doesn't allow null or blank values
• [dev] Various improvements to CI Python/Django matrices

Removed

• Drop fallbacks made for Django < 4.2
• Drop Python 3.8 and 3.9 support (reached end of life)

v1.20.5

Compare Source

Added

• Add Django 5.2 support

Changed

• Improve documentation

v1.20.4

Compare Source

Changed

• Fix regression introduced in 1.20.3 that prevented using auto_now and auto_now_add fields with seq or callable.

v1.20.3

Compare Source

Changed

• Fix support of auto_now and auto_now_add fields in combination with _fill_optional
• Isolate Recipe defaults to prevent modification via instances

v1.20.2

Compare Source

Changed

• Fix setting GFK parameter by a callable
• Fix regression forbidding using Proxy models as GFK

v1.20.1

Compare Source

Added

• docs: Add missing doc on _refresh_after_create option

Changed

• Fix Recipe.prepare without _quantity (on one-to-one relation)

Removed

• Remove deprecation warning of datetime.datetime.utcfromtimestamp.

mozilla/mozilla-django-oidc (mozilla-django-oidc)

v5.0.2

Compare Source

==================

• Fix and update Read the Docs.
  Thanks @janbrasna <https://github.com/janbrasna>_ and @escattone <https://github.com/escattone/>_

v5.0.1

Compare Source

==================

• Update PyPI release action.

python/mypy (mypy)

v1.19.1

Compare Source

• Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
• Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
• Allow types.NoneType in match cases (A5rocks, PR 20383)
• Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
• Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
• Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
• Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
• Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

v1.19.0

Compare Source

psycopg/psycopg (psycopg)

v3.3.2

Compare Source

v3.3.1

Compare Source

v3.3.0

Compare Source

v3.2.13

Compare Source

v3.2.12

Compare Source

v3.2.11

Compare Source

v3.2.10

Compare Source

v3.2.9

Compare Source

v3.2.8

Compare Source

v3.2.7

Compare Source

v3.2.6

Compare Source

v3.2.5

Compare Source

v3.2.4

Compare Source

pydantic/pydantic (pydantic)

v2.12.5: 2025-11-26

Compare Source

v2.12.5 (2025-11-26)

This is the fifth 2.12 patch release, addressing an issue with the MISSING sentinel and providing several documentation improvements.

The next 2.13 minor release will be published in a couple weeks, and will include a new polymorphic serialization feature addressing
the remaining unexpected changes to the serialize as any behavior.

• Fix pickle error when using model_construct() on a model with MISSING as a default value by @​ornariece in #​12522.
• Several updates to the documentation by @​Viicos.

Full Changelog: pydantic/pydantic@v2.12.4...v2.12.5

v2.12.4

Compare Source

v2.12.3

Compare Source

GitHub release

What's Changed

This is the third 2.13 patch release, fixing issues related to the FieldInfo class, and reverting a change to the supported
after model validator function signatures.

• Raise a warning when an invalid after model validator function signature is raised by @​Viicos in #​12414.
  Starting in 2.12.0, using class methods for after model validators raised an error, but the error wasn't raised concistently. We decided
  to emit a deprecation warning instead.
• Add FieldInfo.asdict() method, improve documentation around FieldInfo by @​Viicos in #​12411.
  This also add back support for mutations on FieldInfo classes, that are reused as Annotated metadata. However, note that this is still
  not a supported pattern. Instead, please refer to the added example in the documentation.

The blog post section on changes was also updated to document the changes related to serialize_as_any.

v2.12.2

Compare Source

GitHub release

What's Changed

Fixes

• Release a new pydantic-core version, as a corrupted CPython 3.10 manylinux2014_aarch64 wheel got uploaded (pydantic-core#1843).
• Fix issue with recursive generic models with a parent model class by @​Viicos in #​12398

v2.12.1

Compare Source

GitHub release

What's Changed

This is the first 2.12 patch release, addressing most (but not all yet) regressions from the initial 2.12.0 release.

Fixes

• Do not evaluate annotations when inspecting validators and serializers by @​Viicos in #​12355
• Make sure None is converted as NoneType in Python 3.14 by @​Viicos in #​12370
• Backport V1 runtime warning when using Python 3.14 by @​Viicos in #​12367
• Fix error message for invalid validator signatures by @​Viicos in #​12366
• Populate field name in ValidationInfo for validation of default value by @​Viicos in pydantic-core#1826
• Encode credentials in MultiHostUrl builder by @​willswire in pydantic-core#1829
• Respect field serializers when using serialize_as_any serialization flag by @​davidhewitt in pydantic-core#1829
• Fix various RootModel serialization issues by @​davidhewitt in pydantic-core#1836

New Contributors

• @​willswire made their first contribution in pydantic-core#1829

v2.12.0

Compare Source

GitHub release

What's Changed

This is the final 2.12 release. It features the work of 20 external contributors and provides useful new features, along with initial Python 3.14 support.
Several minor changes (considered non-breaking changes according to our versioning policy)
are also included in this release. Make sure to look into them before upgrading.

Note that Pydantic V1 is not compatible with Python 3.14 and greater.

Changes (see the alpha and beta releases for additional changes since 2.11):

Packaging

• Update V1 copy to v1.10.24 by @​Viicos in #​12338

New Features

• Add extra parameter to the validate functions by @​anvilpete in #​12233
• Add exclude_computed_fields serialization option by @​Viicos in #​12334
• Add preverse_empty_path URL options by @​Viicos in #​12336
• Add union_format parameter to JSON Schema generation by @​Viicos in #​12147
• Add __qualname__ parameter for create_model by @​Atry in #​12001

Fixes

• Do not try to infer name from lambda definitions in pipelines API by @​Viicos in #​12289
• Use proper namespace for functions in TypeAdapter by @​Viicos in #​12324
• Use Any for context type annotation in TypeAdapter by @​inducer in #​12279
• Expose FieldInfo in pydantic.fields.__all__ by @​Viicos in #​12339
• Respect validation_alias in @validate_call by @​Viicos in #​12340
• Use Any as context annotation in plugin API by @​Viicos in #​12341
• Use proper stacklevel in warnings when possible by @​Viicos in #​12342

New Contributors

• @​anvilpete made their first contribution in #​12233
• @​JonathanWindell made their first contribution in #​12327
• @​inducer made their first contribution in #​12279
• @​Atry made their first contribution in #​12001

v2.11.10

Compare Source

GitHub release

What's Changed

Fixes

• Backport v1.10.24 changes by @​Viicos

v2.11.9

Compare Source

GitHub release

What's Changed

Fixes

• Backport v1.10.23 changes by @​Viicos

v2.11.8

Compare Source

GitHub release

What's Changed

Fixes

• Fix mypy plugin for mypy 1.18 by @​cdce8p in #​12209

pylint-dev/pylint (pylint)

v4.0.4

Compare Source

What's new in Pylint 4.0.4?

Release date: 2025-11-30

False Positives Fixed

• Fixed false positive for invalid-name where module-level constants were incorrectly classified as variables when a class-level attribute with the same name exists.

  Closes #​10719

• Fix a false positive for invalid-name on an UPPER_CASED name inside an if branch that assigns an object.

  Closes #​10745

v4.0.3

Compare Source

What's new in Pylint 4.0.3?

Release date: 2025-11-13

False Positives Fixed

• Add Enum dunder methods _generate_next_value_, _missing_, _numeric_repr_, _add_alias_, and _add_value_alias_ to the list passed to --good-dunder-names.

  Closes #​10435

• Fixed false positive for invalid-name with typing.Annotated.

  Closes #​10696

• Fix false positive for f-string-without-interpolation with template strings
  when using format spec.

  Closes #​10702

• Fix a false positive when an UPPER_CASED class attribute was raising an
  invalid-name when typed with Final.

  Closes #​10711

• Fix a false positive for unbalanced-tuple-unpacking when a tuple is assigned to a function call and the structure of the function's return value is ambiguous.

  Closes #​10721

Other Bug Fixes

• Make 'ignore' option work as expected again.

  Closes #​10669

• Fix crash for consider-using-assignment-expr when a variable annotation without assignment
  is used as the if test expression.

  Closes #​10707

• Fix crash for prefer-typing-namedtuple and consider-math-not-float when
  a slice object is called.

  Closes #​10708

v4.0.2

Compare Source

False Positives Fixed

• Fix false positive for invalid-name on a partially uninferable module-level constant.

  Closes #​10652

• Fix a false positive for invalid-name on exclusive module-level assignments
  composed of three or more branches. We won't raise disallowed-name on module-level names that can't be inferred
  until a further refactor to remove this false negative is done.

  Closes #​10664

• Fix false positive for invalid-name for TypedDict instances.

  Closes #​10672

v4.0.1

Compare Source

What's new in Pylint 4.0.1?

Release date: 2025-10-14

False Positives Fixed

• Exclude __all__ and __future__.annotations from unused-variable.

  Closes #​10019

• Fix false-positive for bare-name-capture-pattern if a case guard is used.

  Closes #​10647

• Check enums created with the Enum() functional syntax to pass against the
  --class-rgx for the invalid-name check, like other enums.

  Closes #​10660

v4.0.0

Compare Source

• Pylint now supports Python 3.14.

• Pylint's inference engine (astroid) is now much more precise,
  understanding implicit booleanness and ternary expressions. (Thanks @​zenlyj!)

Consider this example:

class Result:
    errors: dict | None = None

result = Result()
if result.errors:
    result.errors[field_key]

##### inference engine understands result.errors cannot be None
##### pylint no longer raises unsubscriptable-object

The required astroid version is now 4.0.0. See the astroid changelog for additional fixes, features, and performance improvements applicable to pylint.

• Handling of invalid-name at the module level was patchy. Now,
  module-level constants that are reassigned are treated as variables and checked
  against --variable-rgx rather than --const-rgx. Module-level lists,
  sets, and objects can pass against either regex.

Here, LIMIT is reassigned, so pylint only uses --variable-rgx:

LIMIT = 500  # [invalid-name]
if sometimes:
    LIMIT = 1  # [invalid-name]

If this is undesired, refactor using exclusive assignment so that it is
evident that this assignment happens only once:

if sometimes:
    LIMIT = 1
else:
    LIMIT = 500  # exclusive assignment: uses const regex, no warning

Lists, sets, and objects still pass against either const-rgx or variable-rgx
even if reassigned, but are no longer completely skipped:

MY_LIST = []
my_list = []
My_List = []  # [invalid-name]

Remember to adjust the regexes and allow lists to your liking.

Breaking Changes

• invalid-name now distinguishes module-level constants that are assigned only once
  from those that are reassigned and now applies --variable-rgx to the latter. Values
  other than literals (lists, sets, objects) can pass against either the constant or
  variable regexes (e.g. "LOGGER" or "logger" but not "LoGgEr").

  Remember that --good-names or --good-names-rgxs can be provided to explicitly
  allow good names.

  Closes #​3585

• The unused pylintrc argument to PyLinter.__init__() is deprecated
  and will be removed.

  Refs #​6052

• Commented out code blocks such as # bar() # TODO: remove dead code will no longer emit fixme.

  Refs #​9255

• pyreverse Run was changed to no longer call sys.exit() in its __init__.
  You should now call Run(args).run() which will return the exit code instead.
  Having a class that always raised a SystemExit exception was considered a bug.

  Normal usage of pyreverse through the CLI will not be affected by this change.

  Refs #​9689

• The suggestion-mode option was removed, as pylint now always emits user-friendly hints instead
  of false-positive error messages. You should remove it from your conf if it's defined.

  Refs #​9962

• The async.py checker module has been renamed to async_checker.py since async is a Python keyword
  and cannot be imported directly. This allows for better testing and extensibility of the async checker functionality.

  Refs #​10071

• The message-id of continue-in-finally was changed from E0116 to W0136. The warning is
  now emitted for every Python version since it will raise a syntax warning in Python 3.14.
  See PEP 765 - Disallow return/break/continue that exit a finally block.

  Refs #​10480

• Removed support for nmp.NaN alias for numpy.NaN being recognized in ':ref:nan-comparison'. Use np or numpy instead.

  Refs #​10583

• Version requirement for isort has been bumped to >=5.0.0.
  The internal compatibility for older isort versions exposed via pylint.utils.IsortDriver has
  been removed.

  Refs #​10637

New Features

• comparison-of-constants now uses the unicode from the ast instead of reformatting from
  the node's values preventing some bad formatting due to utf-8 limitation. The message now uses
  " instead of ' to better work with what the python ast returns.

  Refs #​8736

• Enhanced pyreverse to properly distinguish between UML relationship types (association, aggregation, composition) based on object ownership semantics. Type annotations without assignment are now treated as associations, parameter assignments as aggregations, and object instantiation as compositions.

  Closes #​9045
  Closes #​9267

• The fixme check can now search through docstrings as well as comments, by using
  check-fixme-in-docstring = true in the [tool.pylint.miscellaneous] section.

  Closes #​9255

• The use-implicit-booleaness-not-x checks now distinguish between comparisons
  used in boolean contexts and those that are not, enabling them to provide more accurate refactoring suggestions.

  Closes #​9353

• The verbose option now outputs the filenames of the files that have been checked.
  Previously, it only included the number of checked and skipped files.

  Closes #​9357

• colorized reporter now colorizes messages/categories that have been configured as fail-on in red inverse.
  This makes it easier to quickly find the errors that are causing pylint CI job failures.

  Closes #​9898

• Enhanced support for @​property decorator in pyreverse to correctly display return types of annotated properties when generating class diagrams.

  Closes #​10057

• Add --max-depth option to pyreverse to control diagram complexity. A depth of 0 shows only top-level packages, 1 shows one level of subpackages, etc.
  This helps manage visualization of large codebases by limiting the depth of displayed packages and classes.

  Refs #​10077

• Handle deferred evaluation of annotations in Python 3.14.

  Closes #​10149

• Enhanced pyreverse to properly detect aggregations for comprehensions (list, dict, set, generator).

  Closes #​10236

• pyreverse: add support for colorized output when using output format mmd (MermaidJS) and html.

  Closes #​10242

• pypy 3.11 is now officially supported.

  Refs #​10287

• Add support for Python 3.14.

  Refs #​10467

• Add naming styles for ParamSpec and TypeVarTuple that align with the TypeVar style.

  Refs #​10541

New Checks

• Add match-statements checker and the following message:
  bare-name-capture-pattern.
  This will emit an error message when a name capture pattern is used in a match statement which would make the remaining patterns unreachable.
  This code is a SyntaxError at runtime.

  Closes #​7128

• Add new check async-context-manager-with-regular-with to detect async context managers used with regular with statements instead of async with.

  Refs #​10408

• Add break-in-finally warning. Using break inside the finally clause
  will raise a syntax warning in Python 3.14.
  See PEP 765 - Disallow return/break/continue that exit a finally block <https://peps.python.org/pep-0765/>_.

  Refs #​10480

• Add new checks for invalid uses of class patterns in :keyword:match.

  • :ref:invalid-match-args-definition is emitted if :py:data:object.__match_args__ isn't a tuple of strings.
  • :ref:too-many-positional-sub-patterns if there are more positional sub-patterns than specified in :py:data:object.__match_args__.
  • :ref:multiple-class-sub-patterns if there are multiple sub-patterns for the same attribute.

  Refs #​10559

• Add additional checks for suboptimal uses of class patterns in :keyword:match.

  • :ref:match-class-bind-self is emitted if a name is bound to self instead of
    using an as pattern.
  • :ref:match-class-positional-attributes is emitted if a class pattern has positional
    attributes when keywords could be used.

  Refs #​10587

• Add a consider-math-not-float message. float("nan") and float("inf") are slower
  than their counterpart math.inf and math.nan by a factor of 4 (notwithstanding
  the initial import of math) and they are also not well typed when using mypy.
  This check also catches typos in float calls as a side effect.

  The :ref:pylint.extensions.code_style need to be activated for this check to work.

  Refs #​10621

False Positives Fixed

• Fix a false positive for used-before-assignment when a variable defined under
  an if and via a named expression (walrus operator) is used later when guarded
  under the same if test.

  Closes #​10061

• Fix :ref:no-name-in-module for members of concurrent.futures with Python 3.14.

  Closes #​10632

False Negatives Fixed

• Fix false negative for used-before-assignment when a TYPE_CHECKING import is used as a type annotation prior to erroneous usage.

  Refs #​8893

• Match cases are now counted as edges in the McCabe graph and will increase the complexity accordingly.

  Refs #​9667

• Check module-level constants with type annotations for invalid-name.
  Remember to adjust const-naming-style or const-rgx to your liking.

  Closes #​9770

• Fix false negative where function-redefined (E0102) was not reported for functions with a leading underscore.

  Closes #​9894

• We now raise a logging-too-few-args for format string with no
  interpolation arguments at all (i.e. for something like logging.debug("Awaiting process %s")
  or logging.debug("Awaiting process {pid}")). Previously we did not raise for such case.

  Closes #​9999

• Fix false negative for used-before-assignment when a function is defined inside a TYPE_CHECKING guard block and used later.

  Closes #​10028

• Fix a false negative for possibly-used-before-assignment when a variable is conditionally defined
  and later assigned to a type-annotated variable.

  Closes #​10421

• Fix false negative for deprecated-module when a __import__ method is used instead of import sentence.

  Refs #​10453

• Count match cases for too-many-branches check.

  Refs #​10542

• Fix false-negative where :ref:unused-import was not reported for names referenced in a preceding global statement.

  Refs #​10633

Other Bug Fixes

• When displaying unicode with surrogates (or other potential UnicodeEncodeError),
  pylint will now display a '?' character (using encode(encoding="utf-8", errors="replace"))
  instead of crashing. The functional tests classes are also updated to handle this case.

  Closes #​8736

• Fixed unidiomatic-typecheck only checking left-hand side.

  Closes #​10217

• Fix a crash caused by malformed format strings when using .format with keyword arguments.

  Closes [#​10282](https://redi

---

Configuration

📅 Schedule: Branch creation - On day 1 of the month ( * * 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[niklasmohrin]

See pylint-dev/pylint-django#467

[Kakadus]

Also notice that django-fsm got an update. They unarchived the repo, just to push an update to Django 6.0 by claude code and archive it again. We initially disabled the update to 3.0.0 because they added deprecation warnings.

Maybe we need to finally migrate to https://github.com/django-commons/django-fsm-2? They seem to be directly compatible and have Django 6.0 support.

[niklasmohrin]

Maybe we need to finally migrate to https://github.com/django-commons/django-fsm-2? They seem to be directly compatible and have Django 6.0 support.

That seems like a good idea! We should quickly check that they didn't introduce any malicious changes, but other than that I think this is the best way forward

[niklasmohrin]

I'll take a look at django-fsm-2

[niklasmohrin]

Diff from 77a4d770a0ade4329cc991322ff21fc22294a860 (which is from the previous repo) to 4.1.0 looks good

[Kakadus]

pylint-django now has support for django 6.0 pylint 4 and the CI fails because of the incompatible python version. Should be fixed in #2588

[niklasmohrin]

As far as I understand the pylint-django release, they only support pylint 4 now, but not Django 6 yet (their pyproject toml lists all kinds of Django versions up to 5.2). If it works, I am fine with upgrading, but I also think that we are not in a hurry to get pylint upgraded.