Skip to content

deps(py): bump mypy from 1.20.2 to 2.0.0 in /backend#595

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/backend/mypy-2.0.0
Open

deps(py): bump mypy from 1.20.2 to 2.0.0 in /backend#595
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/backend/mypy-2.0.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026
edited
Loading

Bumps mypy from 1.20.2 to 2.0.0.

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next Release

Mypy 2.0

We’ve just uploaded mypy 2.0.0 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. There are also changes to options and defaults. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Enable --local-partial-types by Default

This flag affects the inference of types based on assignments in other scopes. For now, explicitly disabling this continues to be supported, but this support will be removed in the future as the legacy behaviour is hard to support with other current and future features in mypy, like the daemon or the new implementation of flexible redefinitions.

Contributed by Ivan Levkivskyi, Jukka Lehtosalo, Shantanu in PR 21163.

Enable --strict-bytes by Default

Per PEP 688, mypy no longer treats bytearray and memoryview values as assignable to the bytes type.

Contributed by Shantanu in PR 18371.

New Behavior for --allow-redefinition

The --allow-redefinition flag now behaves like --allow-redefinition-new in mypy 1.20 and earlier. The new behavior is generally more flexible. For example, you can have different types for a variable in different blocks:

# mypy: allow-redefinition
def foo(cond: bool) -> None:
if cond:
for x in ["a", "b"]:
# Type of "x" is "str" here
...
else:
for x in [1, 2]:
# Type of "x" is "int" here
...

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 11, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 11, 2026
edited
Loading

Review Council Results

4 tests   2 ✅  0s ⏱️
1 suites  0 💤
1 files    2 ❌

For more details on these failures, see this check.

Results for commit 7d7b402.

♻️ This comment has been updated with latest results.

@Blb3D Claude
Copy link
Copy Markdown
Owner

Blb3D commented May 11, 2026

Dependabot sweep — Bucket A, blocked on Review Council

Classification: Bucket A — major bump (mypy 1.20.2 → 2.0.0) but mypy is on the dev-tooling allowlist; failures surface as red CI, cannot affect runtime.

CI status: all checks green (backendcheck-pro-codefrontendCodeQL ✅) except Review Council → failure. This check is failing on every Dependabot PR in today's batch.

Note: mypy 2.0 enables --local-partial-types and --strict-bytes by default. If this PR causes mypy to report new errors in the backend CI check, that will show up as a red CI job and block merge naturally. Current backend check is green.

Per the merge policy, all visible checks must be SUCCESS before auto-merging. Deferring to human to resolve the Review Council gate, after which this PR is clear to merge.

Generated by Claude Code

@dependabot
deps(py): bump mypy from 1.20.2 to 2.0.0 in /backend
7d7b402 
Bumps [mypy](https://github.com/python/mypy) from 1.20.2 to 2.0.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.20.2...v2.0.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 2.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/backend/mypy-2.0.0 branch from 7d84f24 to 7d7b402 Compare May 11, 2026 12:38
@Blb3D
Copy link
Copy Markdown
Owner

Blb3D commented May 11, 2026

Deferring this major-version bump for now.

Rationale: mypy is not currently invoked in any .github/workflows/*.yml, so the green CI on this PR does not actually validate mypy 2.0 against this codebase. Merging would risk surprising contributors who run mypy locally — the 2.0 defaults flip several behaviors:

  • --local-partial-types on by default
  • --strict-bytes on by default (PEP 688: bytearray/memoryview no longer assignable to bytes)
  • --allow-redefinition semantics changed (now matches the old --allow-redefinition-new)

When we want to take this upgrade:

  1. First land a CI workflow step that runs mypy backend/app so the upgrade is actually validated.
  2. Address any new errors surfaced by the stricter defaults in a separate PR (or pass overrides via mypy.ini/pyproject.toml).
  3. Then @dependabot recreate here, or pin to mypy>=2.0,<3 directly.

Until then, mypy==1.20.2 continues to work for anyone who runs it locally.

Co-authored-by: Claude claude@anthropic.com
Agent-Session: 5a809249-bd8d-4006-9f3c-d1b2824dfc2c

@Blb3D Blb3D mentioned this pull request May 11, 2026
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Blb3D