Black

Latest version: v24.10.0

Safety actively analyzes 681775 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 11

24.10.0

Highlights

- Black is now officially tested with Python 3.13 and provides Python 3.13
mypyc-compiled wheels. (4436) (4449)
- Black will issue an error when used with Python 3.12.5, due to an upstream memory
safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please
use Python 3.12.6 or Python 3.12.4 instead. (4447)
- Black no longer supports running with Python 3.8 (4452)

Stable style

- Fix crashes involving comments in parenthesised return types or `X | Y` style unions.
(4453)
- Fix skipping Jupyter cells with unknown `%%` magic (4462)

Preview style

- Fix type annotation spacing between * and more complex type variable tuple (i.e. `def
fn(*args: *tuple[*Ts, T]) -> None: pass`) (4440)

Caching

- Fix bug where the cache was shared between runs with and without `--unstable` (4466)

Packaging

- Upgrade version of mypyc used to 1.12 beta (4450) (4449)
- `blackd` now requires a newer version of aiohttp. (4451)

Output

- Added Python target version information on parse error (4378)
- Add information about Black version to internal error messages (4457)

24.8.0

Stable style

- Fix crash when ` fmt: off` is used before a closing parenthesis or bracket. (4363)

Packaging

- Packaging metadata updated: docs are explictly linked, the issue tracker is now also
linked. This improves the PyPI listing for Black. (4345)

Parser

- Fix regression where Black failed to parse a multiline f-string containing another
multiline string (4339)
- Fix regression where Black failed to parse an escaped single quote inside an f-string
(4401)
- Fix bug with Black incorrectly parsing empty lines with a backslash (4343)
- Fix bugs with Black's tokenizer not handling `\{` inside f-strings very well (4422)
- Fix incorrect line numbers in the tokenizer for certain tokens within f-strings
(4423)

Performance

- Improve performance when a large directory is listed in `.gitignore` (4415)

_Blackd_

- Fix blackd (and all extras installs) for docker container (4357)

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in
24.4.1.

Parser

- Fix regression where certain complex f-strings failed to parse (4332)

Performance

- Fix bad performance on certain complex string literals (4331)

24.4.1

Highlights

- Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (3822)

Stable style

- Fix crash involving indented dummy functions containing newlines (4318)

Parser

- Add support for type parameter defaults, a new syntactic feature added to Python 3.13
by PEP 696 (4327)

Integrations

- Github Action now works even when `git archive` is skipped (4313)

24.4.0

Stable style

- Fix unwanted crashes caused by AST equivalency check (4290)

Preview style

- `if` guards in `case` blocks are now wrapped in parentheses when the line is too long.
(4269)
- Stop moving multiline strings to a new line unless inside brackets (4289)

Integrations

- Add a new option `use_pyproject` to the GitHub Action `psf/black`. This will read the
Black version from `pyproject.toml`. (4294)

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you
run Black on untrusted input, or if you habitually put thousands of leading tab
characters in your docstrings, you are strongly encouraged to upgrade immediately to fix
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).

This release also fixes a bug in Black's AST safety check that allowed Black to make
incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

- Don't move comments along with delimiters, which could cause crashes (4248)
- Strengthen AST safety check to catch more unsafe changes to strings. Previous versions
of Black would incorrectly format the contents of certain unusual f-strings containing
nested strings with the same quote type. Now, Black will crash on such strings until
support for the new f-string syntax is implemented. (4270)
- Fix a bug where line-ranges exceeding the last code line would not work as expected
(4273)

Performance

- Fix catastrophic performance on docstrings that contain large numbers of leading tab
characters. This fixes
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).
(4278)

Documentation

- Note what happens when `--check` is used with `--quiet` (4236)

Page 1 of 11

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.