build(deps): bump the quality group across 1 directory with 3 updates

[dependabot]

Bumps the quality group with 3 updates in the / directory: ruff, ty and prek.

Updates ruff from 0.15.15 to 0.15.17

Release notes

Sourced from ruff's releases.

0.15.17

Release Notes

Released on 2026-06-11.

Preview features

• Allow human-readable names in suppression comments (#25614)
• Fix handling of ignore comments within a disable/enable pair (#25845)
• Prioritize human-readable names in CLI output (#25869)
• Respect diagnostic start and parent ranges and trailing comments in ruff:ignore suppressions (#25673)
• [flake8-async] Add trio.as_safe_channel to safe decorators (ASYNC119) (#25775)
• [flake8-pytest-style] Also check pytest_asyncio fixtures (#25375)
• [ruff] Ban pytest autouse fixtures (RUF076) (#25477)
• [pyupgrade] Add from __future__ import annotations automatically (UP007, UP045) (#23259)

Bug fixes

• Fix diagnostic when ruff:enable or ruff:disable appears where ruff:ignore is expected (#25700)
• [pyupgrade] Preserve leading empty literals to avoid syntax errors (UP032) (#25491)

Rule changes

• [flake8-pytest-style] Clarify diagnostic message for single parameters (PT007) (#25592)
• [numpy] Drop autofix for np.in1d (NPY201) (#25612)
• [pylint] Exempt Python version comparisons (PLR2004) (#25743)

Performance

• Reserve AST Vecs with correct capacity for common cases (#25451)

Formatter

• Preserve whitespace for Quarto cell option comments (#25641)

CLI

• Allow rule names in ruff rule (#25640)

Other changes

• Fix playground diagnostics scrollbars (#25642)

Contributors

• @​SuryanshSS1011
• @​anishgirianish
• @​romero-deshaw
• @​karlhillx
• @​carljm

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.17

Released on 2026-06-11.

Preview features

• Allow human-readable names in suppression comments (#25614)
• Fix handling of ignore comments within a disable/enable pair (#25845)
• Prioritize human-readable names in CLI output (#25869)
• Respect diagnostic start and parent ranges and trailing comments in ruff:ignore suppressions (#25673)
• [flake8-async] Add trio.as_safe_channel to safe decorators (ASYNC119) (#25775)
• [flake8-pytest-style] Also check pytest_asyncio fixtures (#25375)
• [ruff] Ban pytest autouse fixtures (RUF076) (#25477)
• [pyupgrade] Add from __future__ import annotations automatically (UP007, UP045) (#23259)

Bug fixes

• Fix diagnostic when ruff:enable or ruff:disable appears where ruff:ignore is expected (#25700)
• [pyupgrade] Preserve leading empty literals to avoid syntax errors (UP032) (#25491)

Rule changes

• [flake8-pytest-style] Clarify diagnostic message for single parameters (PT007) (#25592)
• [numpy] Drop autofix for np.in1d (NPY201) (#25612)
• [pylint] Exempt Python version comparisons (PLR2004) (#25743)

Performance

• Reserve AST Vecs with correct capacity for common cases (#25451)

Formatter

• Preserve whitespace for Quarto cell option comments (#25641)

CLI

• Allow rule names in ruff rule (#25640)

Other changes

• Fix playground diagnostics scrollbars (#25642)

Contributors

• @​SuryanshSS1011
• @​anishgirianish
• @​romero-deshaw
• @​karlhillx
• @​carljm
• @​ntBre

... (truncated)

Commits

• 7c645a9 Bump 0.15.17 (#25872)
• f381eb1 Prioritize human-readable names in CLI output (#25869)
• b9b4546 Minor workflow simplification (#25870)
• 1e77ba0 [ty] Move PreformattedBlockScanner to format-agnostic location. (#25856)
• 6f2b772 [ty] Preserve nominal type of enum.property instances (#25849)
• be4777c [ty] Fix site-package error when multiple versions of pythons are installed i...
• 53f6ff7 Allow human-readable names in suppression comments (#25614)
• 6740325 [ty] Restrict uncached raw signature access (#25866)
• 970b1bf Auto-update snapshots when syncing typeshed (#25841)
• 0785793 Fix handling of ignore comments within a disable/enable pair (#25845)
• Additional commits viewable in compare view

Updates ty from 0.0.42 to 0.0.49

Release notes

Sourced from ty's releases.

0.0.49

Release Notes

Released on 2026-06-11.

Bug fixes

• Fix site-package error when multiple versions of Python are installed in system path (#25769)

Diagnostics

• Point at attribute's binding site in `invalid-await diagnostic (#24628)
• Report redefined legacy TypeVars (#25854)

Performance

• Add dedicated TDDs for narrowing constraints (#25834)
• Avoid caching same-file raw signatures (#25761)
• Cache reachability evaluations during inference (#25696)
• Compact retained definition maps (#25737)
• Omit redundant definition inference owner keys (#25837)

Core type checking

• Preserve nominal type of enum.property instances (#25849)
• Restrict length narrowing to types that encode their length (#25840)
• Use peer context for collection literals (#25848)

Contributors

• @​charliermarsh
• @​anishgirianish
• @​cheparity
• @​carljm

Install ty 0.0.49

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ty/releases/download/0.0.49/ty-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ty/releases/download/0.0.49/ty-installer.ps1 | iex"

Download ty 0.0.49

... (truncated)

Changelog

Sourced from ty's changelog.

0.0.49

Released on 2026-06-11.

Bug fixes

• Fix site-package error when multiple versions of Python are installed in system path (#25769)

Diagnostics

• Point at attribute's binding site in `invalid-await diagnostic (#24628)
• Report redefined legacy TypeVars (#25854)

Performance

• Add dedicated TDDs for narrowing constraints (#25834)
• Avoid caching same-file raw signatures (#25761)
• Cache reachability evaluations during inference (#25696)
• Compact retained definition maps (#25737)
• Omit redundant definition inference owner keys (#25837)

Core type checking

• Preserve nominal type of enum.property instances (#25849)
• Restrict length narrowing to types that encode their length (#25840)
• Use peer context for collection literals (#25848)

Contributors

• @​charliermarsh
• @​anishgirianish
• @​cheparity
• @​carljm

0.0.48

Released on 2026-06-10.

Performance

• Avoid redundant constraint saturation work (#25786)

Core type checking

• Add support for TypedDict extra_items (#25591)
• Improve closed=True TypedDict precision (#25651)
• Require subtyping for transitive constraint pivots (#25778)
• Sync vendored typeshed stubs (#25828). Typeshed diff

Contributors

... (truncated)

Commits

• b669da8 Bump version to 0.0.49 (#3749)
• 79f0f51 Fixups to new AGENTS.md file (#3741)
• d621352 alex/generated workflow agents (#3740)
• 10b243d Bump version to 0.0.48 (#3729)
• c7a02f3 Automatically trigger new ty-pre-commit releases when we cut a release (#3727)
• b6465aa Update typing FAQs: we have a pre-commit hook now (#3728)
• bd984e5 Bump version to 0.0.47 (#3726)
• dd697a4 Harden release-script edits around typeshed-sync CHANGELOG entries (#3725)
• 23c525e Ensure the submodule is initialized in release.sh (#3724)
• baf9732 Update actions/checkout action to v6.0.3 (#3716)
• Additional commits viewable in compare view

Updates prek from 0.4.3 to 0.4.4

Release notes

Sourced from prek's releases.

0.4.4

Release Notes

Released on 2026-06-04.

✨ Highlights

0.4.4 makes prek run easier to watch and easier to slice.

Hook stream output now shows a small live preview under the running hook in the progress UI. Long-running hooks no longer look stuck while they are producing logs, and failed hooks are easier to diagnose because recent output is already visible before the final result.

The new group selector lets a single config support different workflows. Tag hooks with groups, then select or exclude those groups at run time:

repos:
  - repo: local
    hooks:
      - id: format
        name: Format Python
        language: system
        entry: ruff format
        groups: [format, ci]
  - id: lint
    name: Lint Python
    language: system
    entry: ruff check
    groups: [lint, ci]

prek run --all-files --group ci
prek run --all-files --no-group format

This is useful when local development, CI, slow validation, or project-specific checks need different hook sets without splitting the config.

💚 Sponsorship

If prek saves time for you or your team, please consider sponsoring the project on GitHub Sponsors. It helps keep new features, performance work, and maintenance moving.

Enhancements

... (truncated)

Changelog

Sourced from prek's changelog.

0.4.4

Released on 2026-06-04.

Highlights

0.4.4 makes prek run easier to watch and easier to slice.

Hook stream output now shows a small live preview under the running hook in the progress UI. Long-running hooks no longer look stuck while they are producing logs, and failed hooks are easier to diagnose because recent output is already visible before the final result.

The new group selector lets a single config support different workflows. Tag hooks with groups, then select or exclude those groups at run time:

repos:
  - repo: local
    hooks:
      - id: format
        name: Format Python
        language: system
        entry: ruff format
        groups: [format, ci]
  - id: lint
    name: Lint Python
    language: system
    entry: ruff check
    groups: [lint, ci]

prek run --all-files --group ci
prek run --all-files --no-group format

This is useful when local development, CI, slow validation, or project-specific checks need different hook sets without splitting the config.

Enhancements

• Add hook group filters to prek run (#2141)
• Delay hook output preview rendering (#2140)
• Stream hook output in progress UI (#2136)

Bug fixes

• Fix intent-to-add stash restore (#2143)

... (truncated)

Commits

• f44270e Bump version 0.4.4 (#2148)
• da457c5 Document hook stage file input (#2147)
• 0fa2929 Add hook group filters to prek run (#2141)
• 9b0047f Fix intent-to-add stash restore (#2143)
• 00b2520 Delay hook output preview rendering (#2140)
• a54fdf0 Simplify hook output preview rendering (#2139)
• ab7165d Stream hook output in progress UI (#2136)
• f609584 Remove unpinned dotnet test (#2137)
• ce0d8b3 Update Rust to 1.96 (#2134)
• 1815fc5 Update PyPI Downloads badge to dynamic JSON
• See full diff in compare view

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	pypi/​prek@​0.4.3 ⏵ 0.4.4
	pypi/​ty@​0.0.42 ⏵ 0.0.49
	pypi/​ruff@​0.15.15 ⏵ 0.15.17

View full report

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.32%. Comparing base (2f4a08a) to head (9b2e713).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #618      +/-   ##
==========================================
+ Coverage   90.97%   93.32%   +2.34%     
==========================================
  Files           3       58      +55     
  Lines         133     2951    +2818     
==========================================
+ Hits          121     2754    +2633     
- Misses         12      197     +185     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.