chore(deps-dev): bump ruff from 0.5.7 to 0.7.1#976
Conversation
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
This PR updates the ruff linting dependency from v0.5.7 to v0.7.1, introducing breaking changes that require attention in the linting configuration.
- Updated ruff version constraint in
pyproject.tomlfrom<0.6.0to<0.8.0 - Breaking change:
lint.allow-unused-importssetting has been removed, needs migration tolint.pyflakes.allow-unused-imports - Both
ruff.tomlandci.ruff.tomlmay need updates to handle breaking changes in pytest rules PT001/PT023 - CI workflow uses
chartboost/ruff-action@v1which needs compatibility verification with ruff v0.7.1
1 file(s) reviewed, no comment(s)
Edit PR Review Bot Settings | Greptile
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.5.7 to 0.7.1. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.5.7...0.7.1) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
5fed121 to
ca877e7
Compare
There was a problem hiding this comment.
Disclaimer: Experimental PR review
PR Summary
(updates since last review)
This PR continues to evolve with significant changes around data masking functionality being added across the codebase. Here's a summary of the key changes:
Adds comprehensive data masking functionality to protect sensitive information:
- Added new
MaskFunctionprotocol type intypes/__init__.pydefining the interface for data masking functions - Implemented masking support in
TaskManagerwith in-place masking of event input/output fields - Added mask parameter propagation through
LangfuseBaseCallbackHandler,LangchainCallbackHandler, andLlamaIndexInstrumentorclasses - Added test coverage in
test_core_sdk.pyto verify masking behavior for both successful and error cases - Improved error handling in OpenAI integration by adding null checks for usage object serialization
The changes maintain backward compatibility since the masking functionality is optional, while providing a robust way to protect sensitive data before sending to the Langfuse backend.
15 file(s) reviewed, 3 comment(s)
Edit PR Review Bot Settings | Greptile
| pytest-httpserver = "^1.0.8" | ||
| boto3 = "^1.28.59" | ||
| ruff = ">=0.1.8,<0.6.0" | ||
| ruff = ">=0.1.8,<0.8.0" |
There was a problem hiding this comment.
logic: if using lint.allow-unused-imports in ruff config, must migrate to lint.pyflakes.allow-unused-imports
|
Superseded by #986. |
Bumps ruff from 0.5.7 to 0.7.1.
Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
337af83Bump version to 0.7.1 (#13913)113ce84Fixnormalizearguments whenfstring_formattingis disabled (#13910)7272f83Fix preview style name incan_omit_parenthesesto is_f_string_formatting_en...3eb4546[red-knot] Format mdtest Python snippets more concisely (#13905)77ae0cc[red-knot] Infer subscript expression types for bytes literals (#13901)73ee72bJoin implicit concatenated strings when they fit on a line (#13663)e402e27Use referencial equality intraversalhelper methods (#13895)de4181dRemove "default" remark fromruff check(#13900)2c57c2d[red-knot] Type narrowing forisinstancechecks (#13894)72c18c8Fix E221 and E222 to flag missing or extra whitespace around==operator (#...You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)