Bump the python-packages group with 4 updates

[dependabot]

Bumps the python-packages group with 4 updates: cachetools, pyjwt, prek and ruff.

Updates cachetools from 7.0.2 to 7.0.5

Changelog

Sourced from cachetools's changelog.

v7.0.5 (2026-03-09)

• Minor @cachedmethod performance improvements.

v7.0.4 (2026-03-08)

• Fix and properly document @cachedmethod.cache_key behavior.

• Minor documentation improvements.

v7.0.3 (2026-03-05)

• Fix DeprecationWarning when creating an autospec mock with @cachedmethod decorations.

Commits

• 5dce86f Release v7.0.5.
• af5e688 Minor @​cachedmethod performance improvements.
• 0ca75e6 Relase v7.0.4.
• 5b1fa39 Prepare v7.0.4.
• 18e5930 Fix #218: Fix and properly document @​cachedmethod.cache_key handling.
• 98ec79f Drop "class method" from @​cachedmethod docstring.
• 93822a3 Release v7.0.3.
• 57d2e48 Fix #387: Handle obj=None case for inspection in _DescriptorBase.
• See full diff in compare view

Updates pyjwt from 2.11.0 to 2.12.0

Release notes

Sourced from pyjwt's releases.

2.12.0

Security

• Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @​dmbs335 in GHSA-752w-5fwx-jx9f

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1132
• chore(docs): fix docs build by @​tamird in jpadilla/pyjwt#1137
• Annotate PyJWKSet.keys for pyright by @​tamird in jpadilla/pyjwt#1134
• fix: close HTTPError to prevent ResourceWarning on Python 3.14 by @​veeceey in jpadilla/pyjwt#1133
• chore: remove superfluous constants by @​tamird in jpadilla/pyjwt#1136
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1135
• chore(tests): enable mypy by @​tamird in jpadilla/pyjwt#1138
• Bump actions/download-artifact from 7 to 8 by @​dependabot[bot] in jpadilla/pyjwt#1142
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1141
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci[bot] in jpadilla/pyjwt#1145
• fix: do not store reference to algorithms dict on PyJWK by @​akx in jpadilla/pyjwt#1143
• Use PyJWK algorithm when encoding without explicit algorithm by @​jpadilla in jpadilla/pyjwt#1148

New Contributors

• @​tamird made their first contribution in jpadilla/pyjwt#1137
• @​veeceey made their first contribution in jpadilla/pyjwt#1133

Full Changelog: jpadilla/pyjwt@2.11.0...2.12.0

Changelog

Sourced from pyjwt's changelog.

v2.12.0 <https://github.com/jpadilla/pyjwt/compare/2.11.0...2.12.0>__

Fixed

- Annotate PyJWKSet.keys for pyright by @tamird in `[#1134](https://github.com/jpadilla/pyjwt/issues/1134) <https://github.com/jpadilla/pyjwt/pull/1134>`__
- Close ``HTTPError`` response to prevent ``ResourceWarning`` on Python 3.14 by @veeceey in `[#1133](https://github.com/jpadilla/pyjwt/issues/1133) <https://github.com/jpadilla/pyjwt/pull/1133>`__
- Do not keep ``algorithms`` dict in PyJWK instances by @akx in `[#1143](https://github.com/jpadilla/pyjwt/issues/1143) <https://github.com/jpadilla/pyjwt/pull/1143>`__
- Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. by @dmbs335 in `GHSA-752w-5fwx-jx9f <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f>`__
- Use PyJWK algorithm when encoding without explicit algorithm in `[#1148](https://github.com/jpadilla/pyjwt/issues/1148) <https://github.com/jpadilla/pyjwt/pull/1148>`__
Added

• Docs: Add PyJWKClient API reference and document the two-tier caching system (JWK Set cache and signing key LRU cache).

Commits

• bd9700c Use PyJWK algorithm when encoding without explicit algorithm (#1148)
• 051ea34 Merge commit from fork
• 1451d70 fix: do not store reference to algorithms dict on PyJWK (#1143)
• f3ba74c [pre-commit.ci] pre-commit autoupdate (#1145)
• 0318ffa [pre-commit.ci] pre-commit autoupdate (#1141)
• a52753d Bump actions/download-artifact from 7 to 8 (#1142)
• b85050f chore(tests): enable mypy (#1138)
• 1272b26 [pre-commit.ci] pre-commit autoupdate (#1135)
• 99a8728 chore: remove superfluous constants (#1136)
• 412cb67 fix: close HTTPError to prevent ResourceWarning on Python 3.14 (#1133)
• Additional commits viewable in compare view

Updates prek from 0.3.4 to 0.3.5

Release notes

Sourced from prek's releases.

0.3.5

Release Notes

Released on 2026-03-09.

Enhancements

• Add automatic Ruby download support using rv binaries (#1668)
• Adjust open file limit on process startup (#1705)
• Allow parallel gem retry (#1732)
• Enable system-proxy feature on reqwest (#1738)
• Expose --git-dir to force hook installation target (#1723)
• Pass --quiet, --verbose, and --no-progress through prek install into generated hook scripts (#1753)
• Respect core.sharedRepository for hook permissions (#1755)
• Support legacy mode hook script (#1706)
• rust: support cli: git dependency 4th segment package disambiguation (#1747)

Bug fixes

• Fix Python __main__.py entry (#1741)
• python: strip UV_SYSTEM_PYTHON from uv venv and pip install commands (#1756)

Other changes

• Sync latest identify tags (#1733)

Contributors

• @​Dev-iL
• @​tennox
• @​shaanmajid
• @​is-alnilam
• @​github-actions
• @​j178

Install prek 0.3.5

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/j178/prek/releases/download/v0.3.5/prek-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/j178/prek/releases/download/v0.3.5/prek-installer.ps1 | iex"

Install prebuilt binaries via Homebrew

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.5

Released on 2026-03-09.

Enhancements

• Add automatic Ruby download support using rv binaries (#1668)
• Adjust open file limit on process startup (#1705)
• Allow parallel gem retry (#1732)
• Enable system-proxy feature on reqwest (#1738)
• Expose --git-dir to force hook installation target (#1723)
• Pass --quiet, --verbose, and --no-progress through prek install into generated hook scripts (#1753)
• Respect core.sharedRepository for hook permissions (#1755)
• Support legacy mode hook script (#1706)
• rust: support cli: git dependency 4th segment package disambiguation (#1747)

Bug fixes

• Fix Python __main__.py entry (#1741)
• python: strip UV_SYSTEM_PYTHON from uv venv and pip install commands (#1756)

Other changes

• Sync latest identify tags (#1733)

Contributors

• @​Dev-iL
• @​tennox
• @​shaanmajid
• @​is-alnilam
• @​github-actions
• @​j178

Commits

• 46cb7ba Bump version to 0.3.5 (#1760)
• 3cd9382 Fix GHC cache dir on Windows (#1759)
• c8ef5f9 Improve benchmark script (#1758)
• e6344fc Add a workflow for hyperfine benchmarks (#1304)
• 423e847 Respect core.sharedRepository for hook permissions (#1755)
• 80d0806 python: strip UV_SYSTEM_PYTHON from uv venv and pip install commands (#...
• b452914 Manage Rust toolchain and MSRV in renovate (#1757)
• 7c6c30e Bump actions versions (#1752)
• 73a55a4 Don't use native TLS backend (#1754)
• 8501ccb Pass --quiet, --verbose, and --no-progress through prek install into ...
• Additional commits viewable in compare view

Updates ruff from 0.15.4 to 0.15.5

Release notes

Sourced from ruff's releases.

0.15.5

Release Notes

Released on 2026-03-05.

Preview features

• Discover Markdown files by default in preview mode (#23434)
• [perflint] Extend PERF102 to comprehensions and generators (#23473)
• [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
• [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
• [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

• [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
• [pydocstyle] Fix numpy section ordering (D420) (#23685)
• [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
• [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

• Document extension mapping for Markdown code formatting (#23574)
• Update default Python version examples (#23605)

Other changes

• Publish releases to Astral mirror (#23616)

Contributors

• @​amyreese
• @​stakeswky
• @​chirizxc
• @​anishgirianish
• @​bxff
• @​zsol
• @​charliermarsh
• @​ntBre
• @​kar-ganap

Install ruff 0.15.5

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.15.5/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.5

Released on 2026-03-05.

Preview features

• Discover Markdown files by default in preview mode (#23434)
• [perflint] Extend PERF102 to comprehensions and generators (#23473)
• [refurb] Fix FURB101 and FURB103 false positives when I/O variable is used later (#23542)
• [ruff] Add fix for none-not-at-end-of-union (RUF036) (#22829)
• [ruff] Fix false positive for re.split with empty string pattern (RUF055) (#23634)

Bug fixes

• [fastapi] Handle callable class dependencies with __call__ method (FAST003) (#23553)
• [pydocstyle] Fix numpy section ordering (D420) (#23685)
• [pyflakes] Fix false positive for names shadowing re-exports (F811) (#23356)
• [pyupgrade] Avoid inserting redundant None elements in UP045 (#23459)

Documentation

• Document extension mapping for Markdown code formatting (#23574)
• Update default Python version examples (#23605)

Other changes

• Publish releases to Astral mirror (#23616)

Contributors

• @​amyreese
• @​stakeswky
• @​chirizxc
• @​anishgirianish
• @​bxff
• @​zsol
• @​charliermarsh
• @​ntBre
• @​kar-ganap

Commits

• 5e4a3d9 Bump 0.15.5 (#23743)
• 69c23cc [ty] Render all changed diagnostics in conformance.py (#23613)
• 4926bd5 [ty] Split deferred checks out of types/infer/builder.rs (#23740)
• 9a70f5e Discover markdown files by default in preview mode (#23434)
• 3dc78b0 [ty] Use HasOptionalDefinition for except handlers (#23739)
• a6a5e8d [ty] Fix precedence of all selector in TOML configurations (#23723)
• 2a5384b [ty] Make all selector case sensitive (#23713)
• db77d7b [ty] Add a diagnostic if a TypeVar is used to specialize a ParamSpec, or ...
• db28490 [ty] Override home directory in ty tests (#23724)
• 5f0fd91 [ty] More type-variable default validation (#23639)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Coverage Report •

File	Stmts	Miss	Branch	BrPart	Cover	Missing
TOTAL	7808	968	1226	211	87%

report-only-changed-files is enabled. No files were changed during this commit :)