build(deps): bump pylint from 3.3.9 to 4.0.5#279
build(deps): bump pylint from 3.3.9 to 4.0.5#279dependabot[bot] wants to merge 1 commit intomasterfrom
Conversation
Bumps [pylint](https://github.com/pylint-dev/pylint) from 3.3.9 to 4.0.5. - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](pylint-dev/pylint@v3.3.9...v4.0.5) --- updated-dependencies: - dependency-name: pylint dependency-version: 4.0.5 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
|
Beginning January 27, 2026, Dependabot will no longer support the @dependabot merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details. |
Codacy's Analysis Summary0 new issue (≤ 1 medium issue) Review Pull Request in Codacy →
|
There was a problem hiding this comment.
Pull Request Overview
This PR upgrades Pylint to version 4.0.5. As a major version release, this change carries a risk of breaking existing linting configurations or plugin integrations (e.g., pylint-django). Additionally, the project currently contains a security vulnerability in Flask==3.1.2 (CVE-2026-27205) that should be addressed in a separate PR.
🗒️ Improve review quality by adding custom instructions.
💡 Codacy uses AI. Check for mistakes.
| @@ -1,4 +1,4 @@ | |||
| pylint==3.3.9 | |||
| pylint==4.0.5 | |||
There was a problem hiding this comment.
🟡 MEDIUM RISK
Suggestion: Bumping Pylint to v4.0.5 is a major version jump. Pylint 4 may include breaking changes to its API or configuration format that could impact pylint-django==2.6.1. It is recommended to verify that this version of the plugin is compatible with Pylint 4 to prevent CI failures.
Try running the following prompt in your IDE agent:
Check the Pylint 4.0.0 release notes and the compatibility requirements for
pylint-django2.6.1 to ensure they are compatible.
Bumps pylint from 3.3.9 to 4.0.5.
Commits
88e1ab7Bump pylint to 4.0.5, update changelog (#10860)d96d489[Backport maintenance/4.0.x] Relax isort version constraint to allow isort 8 ...0b08ccbFix dynamic color mapping for "fail-on" messages when using multiple reporter...154dba4[Backport maintenance/4.0.x] Fix FP forinvalid-namewithtyping.Finalon...7b73bfdDisable unspecified-encoding for py-version above Python 3.15 (#10800)4cc98be[Backport maintenance/4.0.x] Fix setting options for import order checker (#1...f0d30a2Sync astroid version with requirements file again38bdf02[Backport maintenance/4.0.x] Fixlogging-unsupported-formatwhen logging ...f08c33a[Backport maintenance/4.0.x] Properly detectself.fail()as a terminating...e16f942Bump pylint to 4.0.4, update changelogDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)