chore(deps): update aqua

[renovate]

This PR contains the following updates:

Package	Update	Change
aquaproj/aqua-registry	minor	v4.432.0 -> v4.442.0
astral-sh/ruff	minor	0.13.3 -> 0.14.7
rhysd/actionlint	patch	v1.7.8 -> v1.7.9

---

Release Notes

aquaproj/aqua-registry (aquaproj/aqua-registry)

v4.442.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.441.0...v4.442.0

🎉 New Packages

#​44810 kiali/kiali - Kiali project, observability for the Istio service mesh @​refi64

Fixes

#​44830 astral-sh/uv: Disable github attestation for 0.9.11 @​risu729
#​44828 XAMPPRocky/tokei: Use cargo for versions without assets @​risu729
#​44825 Re-scaffold wtfutil/wtf @​risu729

v4.441.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.440.0...v4.441.0

🎉 New Packages

#​44802 SonarSource/sonar-scanner-cli - Scanner CLI for SonarQube (Server, Cloud) @​Shion1305
#​44768 Stranger6667/jsonschema: A high-performance JSON Schema validator for Rust @​hituzi-no-sippo

Security

#​44801 astral-sh/uv: GitHub artifact attestations config @​scop

v4.440.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.439.0...v4.440.0

🎉 New Packages

#​44748 peteretelej/tree - tree is an open-source cross-platform tree cli implemented in Rust @​Shion1305
#​44645 microsoft/component-detection - Scans your project to determine what components you use @​scop

Fixes

#​44754 pre-commit/pre-commit: Remove checksums from v4.5.0 @​risu729

v4.439.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.438.0...v4.439.0

🎉 New Packages

#​44596 owenlamont/ryl: Personal project to learn Rust and create a yaml linter @​hituzi-no-sippo

Fixes

#​44597 Re-scaffold sst/opencode

v4.438.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.437.0...v4.438.0

🎉 New Packages

#​44498 m7medVision/lazycommit: using AI to generate commit message suggestions @​hituzi-no-sippo
#​44472 werf/werf - A solution for implementing efficient and consistent software delivery to Kubernetes facilitating best practices @​tony-sol

v4.437.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.436.0...v4.437.0

🎉 New Packages

#​44413 blender/blender: Blender is a free and open-source 3D computer graphics software @​lucasew

Fixes

#​44447 mas-cli/mas: Support mas v3.0.0 or later @​TyceHerrman
#​44305 apache/maven: Support maven 4.x @​aheritier

v4.436.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.435.0...v4.436.0

🎉 New Packages

#​44281 houseabsolute/omegasort: The last text sorting tool you'll ever need

Fixes

#​44282 rustic-rs/rustic: Support rustic v0.10.2
#​44287 leoafarias/fvm: Support fvm v4.0.1 on windows
#​44283 chaqchase/lla/: Support lla v0.5.1
#​44284 sigstore/rekor: Support rekor v1.4.3

v4.435.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.434.0...v4.435.0

🎉 New Packages

#​43910 cirruslabs/cirrus-cli - CLI for executing Cirrus tasks locally and in any CI @​djgoku

Fixes

#​44106 Re-scaffold phiresky/ripgrep-all

Security

#​43857 topgrade-rs/topgrade: GitHub artifact attestations config @​scop
#​44024 axodotdev/cargo-dist: GitHub artifact attestations config @​scop

v4.434.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.433.0...v4.434.0

🎉 New Packages

#​44060 CrociDB/bulletty: bulletty is a pretty feed reader for the terminal that stores the articles as Markdown
#​44058 Gaurav-Gosain/tuios: Terminal UI OS (Terminal Multiplexer)
#​44059 ck-zhang/reddix: Reddix – Reddit, refined for the terminal
#​43836 hokaccha/spannerdef: Idempotent Google Cloud Spanner schema management by SQL, inspired by sqldef @​yukukotani
#​44061 lasantosr/intelli-shell: Like IntelliSense, but for shells

Improvement

#​43941 flutter/flutter: Enable to change Flutter channel @​yumafuu

e.g.

packages:
  - name: flutter/flutter
    version: 3.38.0-0.2.pre
    vars:
      channel: beta

Fixes

#​44057 Re-scaffold cue-lang/cue
#​43790 Rename the package microsandbox/microsandbox to zerocore-ai/microsandbox

v4.433.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-registry@v4.432.0...v4.433.0

🎉 New Packages

#​43697 minc-org/minc - MicroShift in Container @​dronenb
#​43702 neilpa/yajsv - Yet Another JSON Schema Validator [CLI] @​dronenb
#​43699 nmstate/nmstate - Nmstate is a library with an accompanying command line tool that manages host networking settings in a declarative manner @​dronenb
#​43704 openshift-pipelines/pipelines-as-code - Pipelines-as-Code for Tekton @​dronenb
#​43701 pete911/certinfo - print x509 certificate info @​dronenb

Fixes

#​43698 Support caarlos0/svu v3.3.0 or later
#​43695 Re-scaffold amir20/dtop
#​43666 Fix borgbackup/borg @​risu729

astral-sh/ruff (astral-sh/ruff)

v0.14.7

Compare Source

Released on 2025-11-28.

Preview features

• [flake8-bandit] Handle string literal bindings in suspicious-url-open-usage (S310) (#​21469)
• [pylint] Fix PLR1708 false positives on nested functions (#​21177)
• [pylint] Fix suppression for empty dict without tuple key annotation (PLE1141) (#​21290)
• [ruff] Add rule RUF066 to detect unnecessary class properties (#​21535)
• [ruff] Catch more dummy variable uses (RUF052) (#​19799)

Bug fixes

• [server] Set severity for non-rule diagnostics (#​21559)
• [flake8-implicit-str-concat] Avoid invalid fix in (ISC003) (#​21517)
• [parser] Fix panic when parsing IPython escape command expressions (#​21480)

CLI

• Show partial fixability indicator in statistics output (#​21513)

Contributors

• @​mikeleppane
• @​senekor
• @​ShaharNaveh
• @​JumboBear
• @​prakhar1144
• @​tsvikas
• @​danparizher
• @​chirizxc
• @​AlexWaygood
• @​MichaReiser

v0.14.6

Compare Source

Released on 2025-11-21.

Preview features

• [flake8-bandit] Support new PySNMP API paths (S508, S509) (#​21374)

Bug fixes

• Adjust own-line comment placement between branches (#​21185)
• Avoid syntax error when formatting attribute expressions with outer parentheses, parenthesized value, and trailing comment on value (#​20418)
• Fix panic when formatting comments in unary expressions (#​21501)
• Respect fmt: skip for compound statements on a single line (#​20633)
• [refurb] Fix FURB103 autofix (#​21454)
• [ruff] Fix false positive for complex conversion specifiers in logging-eager-conversion (RUF065) (#​21464)

Rule changes

• [ruff] Avoid false positive on ClassVar reassignment (RUF012) (#​21478)

CLI

• Render hyperlinks for lint errors (#​21514)
• Add a ruff analyze option to skip over imports in TYPE_CHECKING blocks (#​21472)

Documentation

• Limit eglot-format hook to eglot-managed Python buffers (#​21459)
• Mention force-exclude in "Configuration > Python file discovery" (#​21500)

Contributors

• @​ntBre
• @​dylwil3
• @​gauthsvenkat
• @​MichaReiser
• @​thamer
• @​Ruchir28
• @​thejcannon
• @​danparizher
• @​chirizxc

v0.14.5

Compare Source

Released on 2025-11-13.

Preview features

• [flake8-simplify] Apply SIM113 when index variable is of type int (#​21395)
• [pydoclint] Fix false positive when Sphinx directives follow a "Raises" section (DOC502) (#​20535)
• [pydoclint] Support NumPy-style comma-separated parameters (DOC102) (#​20972)
• [refurb] Auto-fix annotated assignments (FURB101) (#​21278)
• [ruff] Ignore str() when not used for simple conversion (RUF065) (#​21330)

Bug fixes

• Fix syntax error false positive on alternative match patterns (#​21362)
• [flake8-simplify] Fix false positive for iterable initializers with generator arguments (SIM222) (#​21187)
• [pyupgrade] Fix false positive on relative imports from local .builtins module (UP029) (#​21309)
• [pyupgrade] Consistently set the deprecated tag (UP035) (#​21396)

Rule changes

• [refurb] Detect empty f-strings (FURB105) (#​21348)

CLI

• Add option to provide a reason to --add-noqa (#​21294)
• Add upstream linter URL to ruff linter --output-format=json (#​21316)
• Add color to --help (#​21337)

Documentation

• Add a new "Opening a PR" section to the contribution guide (#​21298)
• Added the PyScripter IDE to the list of "Who is using Ruff?" (#​21402)
• Update PyCharm setup instructions (#​21409)
• [flake8-annotations] Add link to allow-star-arg-any option (ANN401) (#​21326)

Other changes

• [configuration] Improve error message when line-length exceeds u16::MAX (#​21329)

Contributors

• @​njhearp
• @​11happy
• @​hugovk
• @​Gankra
• @​ntBre
• @​pyscripter
• @​danparizher
• @​MichaReiser
• @​henryiii
• @​charliecloudberry

v0.14.4

Compare Source

Released on 2025-11-06.

Preview features

• [formatter] Allow newlines after function headers without docstrings (#​21110)
• [formatter] Avoid extra parentheses for long match patterns with as captures (#​21176)
• [refurb] Expand fix safety for keyword arguments and Decimals (FURB164) (#​21259)
• [refurb] Preserve argument ordering in autofix (FURB103) (#​20790)

Bug fixes

• [server] Fix missing diagnostics for notebooks (#​21156)
• [flake8-bugbear] Ignore non-NFKC attribute names in B009 and B010 (#​21131)
• [refurb] Fix false negative for underscores before sign in Decimal constructor (FURB157) (#​21190)
• [ruff] Fix false positives on starred arguments (RUF057) (#​21256)

Rule changes

• [airflow] extend deprecated argument concurrency in airflow..DAG (AIR301) (#​21220)

Documentation

• Improve extend docs (#​21135)
• [flake8-comprehensions] Fix typo in C416 documentation (#​21184)
• Revise Ruff setup instructions for Zed editor (#​20935)

Other changes

• Make ruff analyze graph work with jupyter notebooks (#​21161)

Contributors

• @​chirizxc
• @​Lee-W
• @​musicinmybrain
• @​MichaReiser
• @​tjkuson
• @​danparizher
• @​renovate
• @​ntBre
• @​gauthsvenkat
• @​LoicRiegel

v0.14.3

Compare Source

Released on 2025-10-30.

Preview features

• Respect --output-format with --watch (#​21097)
• [pydoclint] Fix false positive on explicit exception re-raising (DOC501, DOC502) (#​21011)
• [pyflakes] Revert to stable behavior if imports for module lie in alternate branches for F401 (#​20878)
• [pylint] Implement stop-iteration-return (PLR1708) (#​20733)
• [ruff] Add support for additional eager conversion patterns (RUF065) (#​20657)

Bug fixes

• Fix finding keyword range for clause header after statement ending with semicolon (#​21067)
• Fix syntax error false positive on nested alternative patterns (#​21104)
• [ISC001] Fix panic when string literals are unclosed (#​21034)
• [flake8-django] Apply DJ001 to annotated fields (#​20907)
• [flake8-pyi] Fix PYI034 to not trigger on metaclasses (PYI034) (#​20881)
• [flake8-type-checking] Fix TC003 false positive with future-annotations (#​21125)
• [pyflakes] Fix false positive for __class__ in lambda expressions within class definitions (F821) (#​20564)
• [pyupgrade] Fix false positive for TypeVar with default on Python <3.13 (UP046,UP047) (#​21045)

Rule changes

• Add missing docstring sections to the numpy list (#​20931)
• [airflow] Extend airflow.models..Param check (AIR311) (#​21043)
• [airflow] Warn that airflow....DAG.create_dagrun has been removed (AIR301) (#​21093)
• [refurb] Preserve digit separators in Decimal constructor (FURB157) (#​20588)

Server

• Avoid sending an unnecessary "clear diagnostics" message for clients supporting pull diagnostics (#​21105)

Documentation

• [flake8-bandit] Fix correct example for S308 (#​21128)

Other changes

• Clearer error message when line-length goes beyond threshold (#​21072)

Contributors

• @​danparizher
• @​jvacek
• @​ntBre
• @​augustelalande
• @​prakhar1144
• @​TaKO8Ki
• @​dylwil3
• @​fatelei
• @​ShaharNaveh
• @​Lee-W

v0.14.2

Compare Source

Released on 2025-10-23.

Preview features

• [flake8-gettext] Resolve qualified names and built-in bindings (INT001, INT002, INT003) (#​19045)

Bug fixes

• Avoid reusing nested, interpolated quotes before Python 3.12 (#​20930)
• Catch syntax errors in nested interpolations before Python 3.12 (#​20949)
• [fastapi] Handle ellipsis defaults in FAST002 autofix (#​20810)
• [flake8-simplify] Skip SIM911 when unknown arguments are present (#​20697)
• [pyupgrade] Always parenthesize assignment expressions in fix for f-string (UP032) (#​21003)
• [pyupgrade] Fix UP032 conversion for decimal ints with underscores (#​21022)
• [fastapi] Skip autofix for keyword and __debug__ path params (FAST003) (#​20960)

Rule changes

• [flake8-bugbear] Skip B905 and B912 for fewer than two iterables and no starred arguments (#​20998)
• [ruff] Use DiagnosticTag for more pyflakes and pandas rules (#​20801)

CLI

• Improve JSON output from ruff rule (#​20168)

Documentation

• Add source to testimonial (#​20971)
• Document when a rule was added (#​21035)

Other changes

• [syntax-errors] Name is parameter and global (#​20426)
• [syntax-errors] Alternative match patterns bind different names (#​20682)

Contributors

• @​hengky-kurniawan-1
• @​ShalokShalom
• @​robsdedude
• @​LoicRiegel
• @​TaKO8Ki
• @​dylwil3
• @​11happy
• @​ntBre

v0.14.1

Compare Source

Released on 2025-10-16.

Preview features

• [formatter] Remove parentheses around multiple exception types on Python 3.14+ (#​20768)
• [flake8-bugbear] Omit annotation in preview fix for B006 (#​20877)
• [flake8-logging-format] Avoid dropping implicitly concatenated pieces in the G004 fix (#​20793)
• [pydoclint] Implement docstring-extraneous-parameter (DOC102) (#​20376)
• [pyupgrade] Extend UP019 to detect typing_extensions.Text (UP019) (#​20825)
• [pyupgrade] Fix false negative for TypeVar with default argument in non-pep695-generic-class (UP046) (#​20660)

Bug fixes

• Fix false negatives in Truthiness::from_expr for lambdas, generators, and f-strings (#​20704)
• Fix syntax error false positives for escapes and quotes in f-strings (#​20867)
• Fix syntax error false positives on parenthesized context managers (#​20846)
• [fastapi] Fix false positives for path parameters that FastAPI doesn't recognize (FAST003) (#​20687)
• [flake8-pyi] Fix operator precedence by adding parentheses when needed (PYI061) (#​20508)
• [ruff] Suppress diagnostic for f-string interpolations with debug text (RUF010) (#​20525)

Rule changes

• [airflow] Add warning to airflow.datasets.DatasetEvent usage (AIR301) (#​20551)
• [flake8-bugbear] Mark B905 and B912 fixes as unsafe (#​20695)
• Use DiagnosticTag for more rules - changes display in editors (#​20758,#​20734)

Documentation

• Update Python compatibility from 3.13 to 3.14 in README.md (#​20852)
• Update lint.flake8-type-checking.quoted-annotations docs (#​20765)
• Update setup instructions for Zed 0.208.0+ (#​20902)
• [flake8-datetimez] Clarify docs for several rules (#​20778)
• Fix typo in RUF015 description (#​20873)

Other changes

• Reduce binary size (#​20863)
• Improved error recovery for unclosed strings (including f- and t-strings) (#​20848)

Contributors

• @​ntBre
• @​Paillat-dev
• @​terror
• @​pieterh-oai
• @​MichaReiser
• @​TaKO8Ki
• @​ageorgou
• @​danparizher
• @​mgaitan
• @​augustelalande
• @​dylwil3
• @​Lee-W
• @​injust
• @​CarrotManMatt

v0.14.0

Compare Source

Released on 2025-10-07.

Breaking changes

• Update default and latest Python versions for 3.14 (#​20725)

Preview features

• [flake8-bugbear] Include certain guaranteed-mutable expressions: tuples, generators, and assignment expressions (B006) (#​20024)
• [refurb] Add fixes for FURB101 and FURB103 (#​20520)
• [ruff] Extend FA102 with listed PEP 585-compatible APIs (#​20659)

Bug fixes

• [flake8-annotations] Fix return type annotations to handle shadowed builtin symbols (ANN201, ANN202, ANN204, ANN205, ANN206) (#​20612)
• [flynt] Fix f-string quoting for mixed quote joiners (FLY002) (#​20662)
• [isort] Fix inserting required imports before future imports (I002) (#​20676)
• [ruff] Handle argfile expansion errors gracefully (#​20691)
• [ruff] Skip RUF051 if else/elif block is present (#​20705)
• [ruff] Improve handling of intermixed comments inside from-imports (#​20561)

Documentation

• [flake8-comprehensions] Clarify fix safety documentation (C413) (#​20640)

Contributors

• @​danparizher
• @​terror
• @​TaKO8Ki
• @​ntBre
• @​njhearp
• @​amyreese
• @​IDrokin117
• @​chirizxc

rhysd/actionlint (rhysd/actionlint)

v1.7.9

Compare Source

• Add support for ubuntu-slim runner label. (#​585, thanks @​cestorer)
• Check input deprecation in action by checking deprecationMessage property. Using a deprecated input is reported as error if it is not marked as required. See the document for more details. (#​580)

  - uses: reviewdog/action-actionlint@v1
    with:
      # ERROR: Using a deprecated input
      fail_on_error: true

• Add support for the Custom images feature.
  • Support image_version workflow trigger.

    on:
      image_version:
        names:
          - "MyNewImage"
          - "MyOtherImage"
        versions:
          - 1.*
          - 2.*

  • Support jobs.<job_id>.snapshot syntax. To make actionlint recognize your own image generation runner, use self-hosted-runner.labels config.

    jobs:
      build:
        runs-on: my-image-generation-runner
        snapshot:
            image-name: my-custom-image
            version: 2.*

• Fix some invalid permissions are not reported as error in id-token and models scopes. (#​582, thanks @​holtkampjs)
• Fix args and entrypoint inputs are not recognized at uses: when it's not a Docker action. (#​550)
• Set correct column in source position of YAML parse error.
• Fix credentials cannot be configured with ${{ }}. (#​590)
• Improve messages in syntax errors on parsing steps (run: and uses:). Available keys suggestion is now more accurate and unexpected keys are detected more accurately.
• Fix the order of errors can be non-deterministic when multiple errors are caused at the same source positions.
• Improve error messages showing suggestions on detecting invalid permissions.
• Add instruction for installing actionlint with mise package manager. (#​589, thanks @​jylenhof)
• Fix outdated URLs in the document.
• Add new actionlint.AllContexts map constant in Go API that contains the information about all context availability.
• Update popular actions data set to the latest with several major versions of actions and the following new actions.
  • anthropics/claude-code-action
  • openai/codex-action
  • google-github-actions/run-gemini-cli
• Add make cov task to easily generate a code coverage report.
• Make installing the formula version of actionlint pacakge from tap of this repository with Homebrew a hard error. Install the cask version instead following the instruction in the error message.

[Changes][v1.7.9]

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.85%. Comparing base (0ea525c) to head (321dcca).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #54   +/-   ##
=======================================
  Coverage   92.85%   92.85%           
=======================================
  Files           2        2           
  Lines          14       14           
=======================================
  Hits           13       13           
  Misses          1        1           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.