Deps: Bump the python-packages group with 4 updates

[dependabot]

Bumps the python-packages group with 4 updates: pontos, librt, rich and ruff.

Updates pontos from 25.8.1 to 26.2.0

Release notes

Sourced from pontos's releases.

pontos 26.2.0

[26.2.0] - 2026-02-20

Added

• Add --project-type to release create and all version CLI commands a6ff904e
• add test a5d5d0f7

Bug Fixes

• Add or Update detect-hidden-unicode.yml 4e995a14
• fix linting 823399a1
• fix error 2fcf4ada
• fix errors 88d2a2b7
• formatting 1c2a48e0
• fix linting a9b74c9b
• fix linting 9c28e94b

Dependencies

• Bump the python-packages group with 2 updates e6ee003d
• Bump ruff from 0.14.14 to 0.15.0 in the python-packages group 9e2ece33
• Bump the python-packages group with 4 updates f15e15d9
• Bump actions/checkout from 6.0.1 to 6.0.2 in the actions group 43f5f9ae
• Bump the python-packages group with 5 updates 51838e2c
• Bump the python-packages group with 4 updates 60b8e915
• Bump the python-packages group with 4 updates a7b75e65
• Bump urllib3 from 2.6.2 to 2.6.3 7d7eaf82
• Bump the python-packages group with 2 updates b6433dd5
• Bump librt from 0.7.4 to 0.7.5 in the python-packages group c15f3cb1
• Bump the python-packages group with 7 updates bb9ad208
• Bump actions/upload-artifact in the actions group 0e79c666
• Bump the python-packages group with 2 updates 4361aeb1
• Bump actions/checkout from 6.0.0 to 6.0.1 in the actions group 7c9fea85
• Bump the python-packages group with 3 updates c6dac7a3
• Bump the python-packages group with 4 updates 9ecb7ee9
• Bump actions/checkout from 5.0.0 to 6.0.0 in the actions group 2ba4bf91
• Bump the python-packages group with 3 updates bce90a24
• Bump the python-packages group with 3 updates 0f929fd1
• Bump the python-packages group with 3 updates e0bf5947
• Bump actions/upload-artifact in the actions group 770ddc90
• Bump the python-packages group with 3 updates ec1f62c3
• Bump ruff from 0.14.1 to 0.14.2 in the python-packages group 7bc68fc0
• Bump the python-packages group with 5 updates 6bea2e02
• Bump the python-packages group with 4 updates 48ec5950
• Bump ossf/scorecard-action in the actions group 86a2faa0
• Bump the python-packages group with 3 updates a2d17964
• Bump the python-packages group across 1 directory with 11 updates e8850f23
• Bump the python-packages group with 3 updates a046f472
• Bump pypa/gh-action-pypi-publish in the actions group ccb073b8
• Bump ruff from 0.11.13 to 0.12.12 in the python-packages group d99e8f00
• Bump the python-packages group with 4 updates 6d36a9e9
• Bump the actions group with 2 updates 01c1f450

... (truncated)

Commits

• ff7b80e Automatic release to 26.2.0
• a6ff904 Add: Add --project-type to release create and all version CLI commands
• e6ee003 Deps: Bump the python-packages group with 2 updates
• 9e2ece3 Deps: Bump ruff from 0.14.14 to 0.15.0 in the python-packages group
• f15e15d Deps: Bump the python-packages group with 4 updates
• 43f5f9a Deps: Bump actions/checkout from 6.0.1 to 6.0.2 in the actions group
• 51838e2 Deps: Bump the python-packages group with 5 updates
• 60b8e91 Deps: Bump the python-packages group with 4 updates
• e9eb455 Fix Add or Update detect-hidden-unicode.yml (#1177)
• a7b75e6 Deps: Bump the python-packages group with 4 updates
• Additional commits viewable in compare view

Updates librt from 0.8.0 to 0.8.1

Commits

• e9c167e Sync mypy
• See full diff in compare view

Updates rich from 14.3.2 to 14.3.3

Release notes

Sourced from rich's releases.

The infinite Release

Fixed a infinite loop in split_graphemes

[14.3.3] - 2026-02-19

Fixed

• Fixed infinite loop with cells.split_graphemes Textualize/rich#4006

Changelog

Sourced from rich's changelog.

[14.3.3] - 2026-02-19

Fixed

• Fixed infinite loop with cells.split_graphemes Textualize/rich#4006

Commits

• ce01188 Merge pull request #4008 from Textualize/bump1433
• 14a47c9 bump
• f54bfe0 Merge pull request #4007 from Textualize/copilot/sub-pr-4006
• 7338cb9 Merge pull request #4006 from Textualize/fix-grapheme-stuck
• 905b397 Update tests/test_cells.py
• b031dca Update tests/test_cells.py
• f07a3fc Add regression tests for VS16 after zero-width chars in split_graphemes
• b618ccc spelling
• 378c34b Initial plan
• 87e7ca2 refinements, and tests
• Additional commits viewable in compare view

Updates ruff from 0.15.1 to 0.15.2

Release notes

Sourced from ruff's releases.

0.15.2

Release Notes

Released on 2026-02-19.

Preview features

• Expand the default rule set (#23385)

  In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:

  • multiple-imports-on-one-line (E401)
  • module-import-not-at-top-of-file (E402)
  • module-import-not-at-top-of-file (E701)
  • multiple-statements-on-one-line-semicolon (E702)
  • useless-semicolon (E703)
  • none-comparison (E711)
  • true-false-comparison (E712)
  • not-in-test (E713)
  • not-is-test (E714)
  • type-comparison (E721)
  • lambda-assignment (E731)
  • ambiguous-variable-name (E741)
  • ambiguous-class-name (E742)
  • ambiguous-function-name (E743)
  • undefined-local-with-import-star (F403)
  • undefined-local-with-import-star-usage (F405)
  • undefined-local-with-nested-import-star-usage (F406)
  • forward-annotation-syntax-error (F722)

  If you use preview and prefer the old defaults, you can restore them with configuration like:

  # ruff.toml
  [lint]
  select = ["E4", "E7", "E9", "F"]
  pyproject.toml
  [tool.ruff.lint]
  select = ["E4", "E7", "E9", "F"]

  If you do give them a try, feel free to share your feedback in the GitHub discussion!

• [flake8-pyi] Also check string annotations (PYI041) (#19023)

Bug fixes

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.2

Released on 2026-02-19.

Preview features

• Expand the default rule set (#23385)

  In preview, Ruff now enables a significantly expanded default rule set of 412 rules, up from the stable default set of 59 rules. The new rules are mostly a superset of the stable defaults, with the exception of these rules, which are removed from the preview defaults:

  • multiple-imports-on-one-line (E401)
  • module-import-not-at-top-of-file (E402)
  • module-import-not-at-top-of-file (E701)
  • multiple-statements-on-one-line-semicolon (E702)
  • useless-semicolon (E703)
  • none-comparison (E711)
  • true-false-comparison (E712)
  • not-in-test (E713)
  • not-is-test (E714)
  • type-comparison (E721)
  • lambda-assignment (E731)
  • ambiguous-variable-name (E741)
  • ambiguous-class-name (E742)
  • ambiguous-function-name (E743)
  • undefined-local-with-import-star (F403)
  • undefined-local-with-import-star-usage (F405)
  • undefined-local-with-nested-import-star-usage (F406)
  • forward-annotation-syntax-error (F722)

  If you use preview and prefer the old defaults, you can restore them with configuration like:

  # ruff.toml
  [lint]
  select = ["E4", "E7", "E9", "F"]
  pyproject.toml
  [tool.ruff.lint]
  select = ["E4", "E7", "E9", "F"]

  If you do give them a try, feel free to share your feedback in the GitHub discussion!

... (truncated)

Commits

• 9d18ee9 Hard code workflow name and cancel-in-progress only for PRs (#23431)
• 7cc15f0 Bump 0.15.2 (#23430)
• d1b5443 Add extension mapping to configuration file options (#23384)
• 222574a Expand the default rule set (#23385)
• 1465b5d [flake8-async] Fix in_async_context logic (#23426)
• 410902f [pyupgrade] Fix handling of typing.{io,re} (UP035) (#23131)
• 729610a [ty] Fall back to ambiguous for large control flow graphs (#23399)
• 1425c18 [ty] Add code folding support
• 97acaae [ty] Fix stack overflow for self-referential TypeOf in annotations (#23407)
• 1f380c8 [ty] Update tests reveal_type and Never (#23418)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 4 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA faa5878.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

poetry.lock

Package	Version	License	Issue Type
librt	0.8.1	Null	Unknown License
pontos	26.2.0	Null	Unknown License
rich	14.3.3	Null	Unknown License
ruff	0.15.2	Null	Unknown License

Allowed Licenses:

0BSD, AGPL-3.0-or-later, Apache-2.0, BlueOak-1.0.0, BSD-2-Clause, BSD-3-Clause-Clear, BSD-3-Clause, BSL-1.0, bzip2-1.0.6, CAL-1.0, CC-BY-3.0, CC-BY-4.0, CC-BY-SA-4.0, CC0-1.0, EPL-2.0, GPL-1.0-or-later, GPL-2.0-only, GPL-2.0-or-later, GPL-2.0, GPL-3.0-only, GPL-3.0-or-later, GPL-3.0, ISC, LGPL-2.0-only, LGPL-2.0-or-later, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-2.1, LGPL-3.0-only, LGPL-3.0, LGPL-3.0-or-later, MIT, MIT-CMU, MPL-1.1, MPL-2.0, OFL-1.1, PSF-2.0, Python-2.0, Python-2.0.1, Unicode-3.0, Unicode-DFS-2016, Unlicense, Zlib, ZPL-2.1

OpenSSF Scorecard

Package	Version	Score	Details
pip/librt	0.8.1	Unknown	Unknown
pip/pontos	26.2.0	Unknown	Unknown
pip/rich	14.3.3	Unknown	Unknown
pip/ruff	0.15.2	Unknown	Unknown

Scanned Files

• poetry.lock

[github-actions]

Conventional Commits Report

Type	Number
Dependencies	1

🚀 Conventional commits found.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.33%. Comparing base (686d404) to head (faa5878).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1301   +/-   ##
=======================================
  Coverage   98.33%   98.33%           
=======================================
  Files          89       89           
  Lines        6197     6197           
  Branches     1112     1112           
=======================================
  Hits         6094     6094           
  Misses         74       74           
  Partials       29       29           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.